urlscan.io logo urlscan.io
SecurityTrails logo

beckernews.com Open in urlscan Pro
2606:4700:e4::ac40:a414  Public Scan

Go To Rescan Add Verdict Report
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Submission: On February 02 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 88 IPs in 9 countries across 74 domains to perform 325 HTTP transactions. The main IP is 2606:4700:e4::ac40:a414, located in United States and belongs to CLOUDFLARENET, US. The main domain is beckernews.com. The Cisco Umbrella rank of the primary domain is 788501.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 11th 2021. Valid for: a year.
This is the only time beckernews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
26 2606:4700:e4:... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
4 18.211.226.152 14618 (AMAZON-AES)
19 172.66.41.9 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:206... 16509 (AMAZON-02)
3 2600:9000:226... 16509 (AMAZON-02)
17 151.139.128.11 20446 (HIGHWINDS3)
28 104.19.135.78 13335 (CLOUDFLAR...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a04:fa87:fff... 2635 (AUTOMATTIC)
5 169.55.146.12 36351 (SOFTLAYER)
14 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2.18.233.180 16625 (AKAMAI-AS)
6 2a00:1450:400... 15169 (GOOGLE)
3 104.154.142.214 15169 (GOOGLE)
4 142.250.184.226 15169 (GOOGLE)
1 172.66.42.247 13335 (CLOUDFLAR...)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
2 178.250.2.146 44788 (ASN-CRITE...)
6 52.215.125.248 16509 (AMAZON-02)
1 67.202.105.31 32748 (STEADFAST)
2 12 2.18.234.21 16625 (AKAMAI-AS)
1 51.38.120.206 16276 (OVH)
4 4 185.64.190.79 62713 (AS-PUBMATIC)
5 15 142.250.185.98 15169 (GOOGLE)
2 2 104.36.113.17 62713 (AS-PUBMATIC)
2 2 198.47.127.20 62713 (AS-PUBMATIC)
4 4 37.252.172.123 29990 (ASN-APPNEX)
2 35.244.159.8 15169 (GOOGLE)
4 7 3.126.56.137 16509 (AMAZON-02)
7 7 199.127.204.147 26120 (RHYTHMONE)
4 6 15.197.193.217 16509 (AMAZON-02)
2 2 70.42.32.223 13789 (INTERNAP-...)
1 178.162.133.149 60781 (LEASEWEB-...)
1 54.194.94.231 16509 (AMAZON-02)
1 174.137.133.49 27257 (WEBAIR-IN...)
3 3 52.211.218.251 16509 (AMAZON-02)
5 6 18.185.44.17 16509 (AMAZON-02)
1 2 38.27.122.126 174 (COGENT-174)
2 2 198.148.27.139 19189 (PULSEPOINT)
2 2 72.251.249.9 29791 (VOXEL-DOT...)
1 1 193.0.160.129 54312 (ROCKETFUEL)
1 67.202.105.21 32748 (STEADFAST)
1 2a02:26f0:ef:... 20940 (AKAMAI-ASN1)
2 54.234.151.247 14618 (AMAZON-AES)
3 23.20.158.212 14618 (AMAZON-AES)
1 2 209.54.180.144 16509 (AMAZON-02)
1 1 18.210.180.232 14618 (AMAZON-AES)
2 3 52.50.112.53 16509 (AMAZON-02)
1 1 2620:116:800d... 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
2 143.204.215.118 16509 (AMAZON-02)
2 151.101.193.194 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
1 13.228.12.66 16509 (AMAZON-02)
1 44.238.59.174 16509 (AMAZON-02)
2 2a02:26f0:ef:... 20940 (AKAMAI-ASN1)
2 3.88.244.23 14618 (AMAZON-AES)
2 3.232.101.2 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a02:26f0:fb:... 20940 (AKAMAI-ASN1)
2 2606:4700:303... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 52.41.22.107 16509 (AMAZON-02)
1 2 37.252.172.45 29990 (ASN-APPNEX)
1 8 34.211.237.159 16509 (AMAZON-02)
1 2 185.86.137.133 201081 (SMARTADSE...)
1 52.6.110.80 14618 (AMAZON-AES)
2 54.78.253.158 16509 (AMAZON-02)
1 2a03:90c0:41:... 199524 (GCORE)
2 54.197.247.252 14618 (AMAZON-AES)
3 3 3.122.48.254 16509 (AMAZON-02)
1 1 51.255.68.171 16276 (OVH)
1 193.122.174.27 31898 (ORACLE-BM...)
9 18.213.6.218 14618 (AMAZON-AES)
1 151.101.66.132 54113 (FASTLY)
7 35.165.111.143 16509 (AMAZON-02)
2 18.192.29.118 16509 (AMAZON-02)
1 104.36.113.23 62713 (AS-PUBMATIC)
1 52.24.240.27 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
4 18.235.17.58 14618 (AMAZON-AES)
1 34.120.133.55 15169 (GOOGLE)
1 54.229.233.249 16509 (AMAZON-02)
1 52.205.96.140 14618 (AMAZON-AES)
11 95.100.153.136 20940 (AKAMAI-ASN1)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 1 23.37.42.132 16625 (AKAMAI-AS)
2 104.92.74.8 16625 (AKAMAI-AS)
1 72.251.249.13 29791 (VOXEL-DOT...)
1 2a05:d018:d29... 16509 (AMAZON-02)
2 2 54.246.168.255 16509 (AMAZON-02)
3 3 151.101.194.49 54113 (FASTLY)
1 1 35.174.191.125 14618 (AMAZON-AES)
1 141.226.228.48 200478 (TABOOLA-AS)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 3.209.156.238 14618 (AMAZON-AES)
1 8.39.36.142 26667 (RUBICONPR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 51.75.146.199 16276 (OVH)
1 69.173.151.100 26667 (RUBICONPR...)
325 88
26    2606:4700:e4::ac40:a414 (United States)

ASN13335 (CLOUDFLARENET, US)
beckernews.com
4    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
www.googleapis.com
4    18.211.226.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-226-152.compute-1.amazonaws.com
powerad.ai
19    172.66.41.9 (United States)

ASN13335 (CLOUDFLARENET, US)
resources.infolinks.com
router.infolinks.com
rt3007.infolinks.com
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:206f:f000:a:cbb7:a940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn2.lockerdomecdn.com
3    2600:9000:2260:de00:b:6268:b880:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn1.lockerdomecdn.com
17    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
assets.revcontent.com
sp.rmbl.ws
img.revcontent.com
cdn.revcontent.com
images.revcontent.com
28    104.19.135.78 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
cdn.mgid.com
c.mgid.com
servicer.mgid.com
s-img.mgid.com
cm.mgid.com
6    2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
img.onesignal.com
6    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
5    169.55.146.12 (United States)

ASN36351 (SOFTLAYER, US)
PTR: c.92.37a9.ip4.static.sl-reverse.com
rumble.com
14    2606:4700:10::6816:3ca8 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.vuukle.com
vuukle.com
api.vuukle.com
publish.vuukle.com
media.vuukle.com
2    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
6    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    104.154.142.214 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com
lockerdome.com
4    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
securepubads.g.doubleclick.net
1    172.66.42.247 (United States)

ASN13335 (CLOUDFLARENET, US)
rt3007.infolinks.com
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
6    52.215.125.248 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-125-248.eu-west-1.compute.amazonaws.com
trends.revcontent.com
1    67.202.105.31 (United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net
de.tynt.com
12    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
ssum.casalemedia.com
1    51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
4    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
15    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
pagead2.googlesyndication.com
2    104.36.113.17 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
4    37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
7    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
7    199.127.204.147 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
6    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    70.42.32.223 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
1    54.194.94.231 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-94-231.eu-west-1.compute.amazonaws.com
s.cpx.to
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
3    52.211.218.251 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-218-251.eu-west-1.compute.amazonaws.com
ad.360yield.com
6    18.185.44.17 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-44-17.eu-central-1.compute.amazonaws.com
pixel.advertising.com
2    38.27.122.126 (Chestertown, United States)

ASN174 (COGENT-174, US)
match.bnmla.com
2    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
1    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    67.202.105.21 (United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
1    2a02:26f0:ef::5f65:4d5e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
tg1.vuukle.com
2    54.234.151.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-234-151-247.compute-1.amazonaws.com
reporting.powerad.ai
3    23.20.158.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-158-212.compute-1.amazonaws.com
hb.brainlyads.com
2    209.54.180.144 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    18.210.180.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-180-232.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
3    52.50.112.53 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-112-53.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    2620:116:800d:21:fcb8:22d2:d390:5f1b (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
8    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    143.204.215.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-118.fra53.r.cloudfront.net
s.flocdn.com
2    151.101.193.194 (United States)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
4    2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    13.228.12.66 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-12-66.ap-southeast-1.compute.amazonaws.com
pixel.zprk.io
1    44.238.59.174 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-59-174.us-west-2.compute.amazonaws.com
a.ad.gt
2    2a02:26f0:ef::5f65:4d5b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.avplayer.com
2    3.88.244.23 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-88-244-23.compute-1.amazonaws.com
servt.vuukle.com
2    3.232.101.2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-101-2.compute-1.amazonaws.com
yeet.revcontent.com
1    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
5    2a02:26f0:fb:5a7::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
play.aniview.com
player.aniview.com
2    2606:4700:3036::ac43:8a2c (United States)

ASN13335 (CLOUDFLARENET, US)
rddywd.com
4    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    52.41.22.107 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-41-22-107.us-west-2.compute.amazonaws.com
aufp.io
p.ad.gt
2    37.252.172.45 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
8    34.211.237.159 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-211-237-159.us-west-2.compute.amazonaws.com
ids.ad.gt
2    185.86.137.133 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
1    52.6.110.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-110-80.compute-1.amazonaws.com
serv.vuukle.com
2    54.78.253.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-253-158.eu-west-1.compute.amazonaws.com
tag.escalated.io
1    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
video-native.mgid.com
2    54.197.247.252 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-247-252.compute-1.amazonaws.com
servs.vuukle.com
3    3.122.48.254 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-48-254.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    51.255.68.171 (France)

ASN16276 (OVH, FR)
PTR: ns3028611.ip-51-255-68.eu
dsp.nrich.ai
1    193.122.174.27 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
9    18.213.6.218 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-6-218.compute-1.amazonaws.com
track1.aniview.com
atrack.avplayer.com
1    151.101.66.132 (United States)

ASN54113 (FASTLY, US)
player.ex.co
7    35.165.111.143 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-165-111-143.us-west-2.compute.amazonaws.com
prebid-server.rubiconproject.com
2    18.192.29.118 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-29-118.eu-central-1.compute.amazonaws.com
ads.adaptv.advertising.com
1    104.36.113.23 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    52.24.240.27 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-24-240-27.us-west-2.compute.amazonaws.com
pixels.ad.gt
2    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    18.235.17.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-17-58.compute-1.amazonaws.com
prd-collector-anon.ex.co
1    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    54.229.233.249 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-233-249.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
1    52.205.96.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-96-140.compute-1.amazonaws.com
premiumsrv.aniview.com
11    95.100.153.136 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-100-153-136.deploy.static.akamaitechnologies.com
mcd.ex.co
2    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    104.92.74.8 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-74-8.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
1    2a05:d018:d29:3601:6aba:1333:1e2b:7cf5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    54.246.168.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-168-255.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
3    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    35.174.191.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-191-125.compute-1.amazonaws.com
d.adroll.com
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    3.209.156.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-156-238.compute-1.amazonaws.com
sync.aniview.com
1    8.39.36.142 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
4    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    51.75.146.199 (France)

ASN16276 (OVH, FR)
PTR: p12.id5-sync.com
id5-sync.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
Apex Domain
Subdomains		 Transfer
29 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 7373
cdn.mgid.com — Cisco Umbrella Rank: 9908
c.mgid.com — Cisco Umbrella Rank: 5668
servicer.mgid.com — Cisco Umbrella Rank: 7619
video-native.mgid.com — Cisco Umbrella Rank: 26854
s-img.mgid.com — Cisco Umbrella Rank: 6584
cm.mgid.com — Cisco Umbrella Rank: 1572
425 KB
26 beckernews.com
beckernews.com — Cisco Umbrella Rank: 788501
407 KB
23 revcontent.com
assets.revcontent.com — Cisco Umbrella Rank: 5830
trends.revcontent.com — Cisco Umbrella Rank: 2009
img.revcontent.com — Cisco Umbrella Rank: 9485
cdn.revcontent.com — Cisco Umbrella Rank: 6657
yeet.revcontent.com — Cisco Umbrella Rank: 6699
images.revcontent.com — Cisco Umbrella Rank: 5736
181 KB
20 vuukle.com
cdn.vuukle.com — Cisco Umbrella Rank: 15798
vuukle.com — Cisco Umbrella Rank: 13990
api.vuukle.com — Cisco Umbrella Rank: 21946
publish.vuukle.com — Cisco Umbrella Rank: 17356
tg1.vuukle.com — Cisco Umbrella Rank: 50389
servt.vuukle.com — Cisco Umbrella Rank: 49058
media.vuukle.com — Cisco Umbrella Rank: 116335
serv.vuukle.com — Cisco Umbrella Rank: 54827
servs.vuukle.com — Cisco Umbrella Rank: 117782
309 KB
20 infolinks.com
resources.infolinks.com — Cisco Umbrella Rank: 7980
router.infolinks.com — Cisco Umbrella Rank: 2877
rt3007.infolinks.com — Cisco Umbrella Rank: 79821
109 KB
16 ex.co
player.ex.co — Cisco Umbrella Rank: 10546
prd-collector-anon.ex.co — Cisco Umbrella Rank: 8539
mcd.ex.co — Cisco Umbrella Rank: 10432
2 MB
16 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
cm.g.doubleclick.net — Cisco Umbrella Rank: 197
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
226 KB
15 aniview.com
play.aniview.com — Cisco Umbrella Rank: 13640
player.aniview.com — Cisco Umbrella Rank: 2244
track1.aniview.com — Cisco Umbrella Rank: 2186
premiumsrv.aniview.com — Cisco Umbrella Rank: 11372
sync.aniview.com — Cisco Umbrella Rank: 2703
397 KB
12 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1121
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1095
eus.rubiconproject.com — Cisco Umbrella Rank: 541
token.rubiconproject.com — Cisco Umbrella Rank: 689
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1135
14 KB
12 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 520
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590
ssum.casalemedia.com — Cisco Umbrella Rank: 1337
15 KB
12 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
imasdk.googleapis.com — Cisco Umbrella Rank: 418
www.googleapis.com — Cisco Umbrella Rank: 35
1 MB
11 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
116 KB
11 ad.gt
a.ad.gt — Cisco Umbrella Rank: 5184
p.ad.gt — Cisco Umbrella Rank: 5806
ids.ad.gt — Cisco Umbrella Rank: 4690
pixels.ad.gt — Cisco Umbrella Rank: 5709
17 KB
11 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 473
image8.pubmatic.com — Cisco Umbrella Rank: 609
image2.pubmatic.com — Cisco Umbrella Rank: 1032
image4.pubmatic.com — Cisco Umbrella Rank: 848
image6.pubmatic.com — Cisco Umbrella Rank: 595
62 KB
8 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 327
ads.adaptv.advertising.com — Cisco Umbrella Rank: 1127
2 KB
8 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 283
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470
3 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 329
3 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 241
secure.adnxs.com — Cisco Umbrella Rank: 404
5 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
22 KB
6 gstatic.com
fonts.gstatic.com
220 KB
6 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3036
onesignal.com — Cisco Umbrella Rank: 1251
img.onesignal.com — Cisco Umbrella Rank: 6182
89 KB
6 powerad.ai
powerad.ai — Cisco Umbrella Rank: 14320
reporting.powerad.ai — Cisco Umbrella Rank: 15909
44 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 13
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2438
87 KB
5 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 528
4 KB
5 rumble.com
rumble.com — Cisco Umbrella Rank: 21158
33 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 369
mug.criteo.com — Cisco Umbrella Rank: 2864
1 KB
4 lockerdomecdn.com
cdn2.lockerdomecdn.com — Cisco Umbrella Rank: 21204
cdn1.lockerdomecdn.com — Cisco Umbrella Rank: 12950
5 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 560
770 B
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 287
2 KB
3 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 255
50 KB
3 avplayer.com
player.avplayer.com — Cisco Umbrella Rank: 9046
atrack.avplayer.com — Cisco Umbrella Rank: 10118
129 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 205
2 KB
3 brainlyads.com
hb.brainlyads.com — Cisco Umbrella Rank: 13681
179 KB
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 690
ce.lijit.com — Cisco Umbrella Rank: 816
1 KB
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 675
919 B
3 lockerdome.com
lockerdome.com — Cisco Umbrella Rank: 9858
5 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 524
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
425 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
115 KB
2 escalated.io
tag.escalated.io — Cisco Umbrella Rank: 25795
43 KB
2 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 3337
419 B
2 rddywd.com
rddywd.com — Cisco Umbrella Rank: 110063
1 KB
2 fastly.net
confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 1580
72 KB
2 flocdn.com
s.flocdn.com — Cisco Umbrella Rank: 16855
49 KB
2 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 284
1 KB
2 rmbl.ws
sp.rmbl.ws — Cisco Umbrella Rank: 26252
16 KB
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 577
762 B
2 bnmla.com
match.bnmla.com — Cisco Umbrella Rank: 1587
1 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 588
605 B
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905
1 KB
2 openx.net
u.openx.net — Cisco Umbrella Rank: 710
380 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 596
532 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 770
425 B
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 969
99 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1561
112 B
1 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 1894
336 B
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 812
327 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1292
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 3169
492 B
1 aufp.io
aufp.io — Cisco Umbrella Rank: 6490
3 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 440
1 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 5557
501 B
1 zprk.io
pixel.zprk.io — Cisco Umbrella Rank: 16247
3 KB
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 424
512 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1483
376 B
1 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 877
72 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 702
758 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 4389
233 B
1 cpx.to
s.cpx.to — Cisco Umbrella Rank: 2057
944 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1044
478 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1056
814 B
1 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1328
289 B
1 gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 1713
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
36 KB
325 74
Domain Requested by
26 beckernews.com beckernews.com
15 s-img.mgid.com beckernews.com
15 router.infolinks.com resources.infolinks.com
router.infolinks.com
ssum-sec.casalemedia.com
11 mcd.ex.co player.avplayer.com
11 pagead2.googlesyndication.com beckernews.com
srcdoc
imasdk.googleapis.com
9 images.revcontent.com beckernews.com
9 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
ssum.casalemedia.com
8 track1.aniview.com beckernews.com
player.aniview.com
8 ids.ad.gt 1 redirects beckernews.com
8 imasdk.googleapis.com rumble.com
imasdk.googleapis.com
player.aniview.com
8 cm.g.doubleclick.net 5 redirects ssum-sec.casalemedia.com
beckernews.com
ssum.casalemedia.com
7 prebid-server.rubiconproject.com player.aniview.com
7 ups.analytics.yahoo.com 4 redirects
7 cdn.mgid.com jsc.mgid.com
beckernews.com
6 pixel.advertising.com 5 redirects player.aniview.com
6 match.adsrvr.org 4 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
6 trends.revcontent.com assets.revcontent.com
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
beckernews.com
6 cdn.vuukle.com beckernews.com
cdn.vuukle.com
6 fonts.gstatic.com fonts.googleapis.com
5 sync.1rx.io 5 redirects
5 rumble.com beckernews.com
rumble.com
4 prd-collector-anon.ex.co player.ex.co
4 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
4 player.aniview.com player.avplayer.com
player.aniview.com
player.ex.co
4 stats.g.doubleclick.net www.google-analytics.com
lockerdome.com
4 ib.adnxs.com 4 redirects
4 image8.pubmatic.com 4 redirects
4 securepubads.g.doubleclick.net cdn.vuukle.com
securepubads.g.doubleclick.net
4 assets.revcontent.com beckernews.com
assets.revcontent.com
4 powerad.ai beckernews.com
powerad.ai
3 sync-tm.everesttech.net 3 redirects
3 x.bidswitch.net 3 redirects
3 media.vuukle.com beckernews.com
3 s0.2mdn.net imasdk.googleapis.com
3 dpm.demdex.net 2 redirects ssum-sec.casalemedia.com
3 hb.brainlyads.com beckernews.com
powerad.ai
3 publish.vuukle.com cdn.vuukle.com
3 ad.360yield.com 3 redirects
3 onesignal.com cdn.onesignal.com
3 lockerdome.com cdn2.lockerdomecdn.com
3 cdn1.lockerdomecdn.com beckernews.com
3 resources.infolinks.com beckernews.com
resources.infolinks.com
3 fonts.googleapis.com beckernews.com
client
2 match.prod.bidr.io 2 redirects
2 eus.rubiconproject.com player.aniview.com
eus.rubiconproject.com
2 www.facebook.com beckernews.com
2 connect.facebook.net p.ad.gt
connect.facebook.net
2 cm.mgid.com jsc.mgid.com
2 ads.adaptv.advertising.com player.aniview.com
2 servs.vuukle.com player.aniview.com
2 tag.escalated.io cdn.vuukle.com
tag.escalated.io
2 sync.smartadserver.com 1 redirects beckernews.com
2 secure.adnxs.com 1 redirects ssum.casalemedia.com
2 rddywd.com beckernews.com
2 yeet.revcontent.com assets.revcontent.com
2 servt.vuukle.com beckernews.com
2 player.avplayer.com tg1.vuukle.com
player.ex.co
2 confiant-integrations.global.ssl.fastly.net cdn.vuukle.com
confiant-integrations.global.ssl.fastly.net
2 s.flocdn.com cdn.vuukle.com
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 reporting.powerad.ai powerad.ai
2 sp.rmbl.ws beckernews.com
2 ap.lijit.com 2 redirects
2 bh.contextweb.com 2 redirects
2 match.bnmla.com 1 redirects router.infolinks.com
2 b1sync.zemanta.com 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 u.openx.net router.infolinks.com
beckernews.com
2 image4.pubmatic.com 2 redirects
2 image2.pubmatic.com 2 redirects
2 ssum-sec.casalemedia.com 1 redirects router.infolinks.com
2 mug.criteo.com beckernews.com
2 gum.criteo.com 1 redirects
2 rt3007.infolinks.com resources.infolinks.com
2 ads.pubmatic.com assets.revcontent.com
player.aniview.com
2 cdn.onesignal.com beckernews.com
cdn.onesignal.com
2 jsc.mgid.com beckernews.com
jsc.mgid.com
1 pixel-us-east.rubiconproject.com
1 id5-sync.com player.aniview.com
1 token.rubiconproject.com
1 sync.aniview.com ssum.casalemedia.com
1 ad.turn.com 1 redirects
1 sync.taboola.com ssum.casalemedia.com
1 d.adroll.com 1 redirects
1 pr-bh.ybp.yahoo.com ssum.casalemedia.com
1 ce.lijit.com player.aniview.com
1 secure-assets.rubiconproject.com 1 redirects
1 ssum.casalemedia.com player.aniview.com
1 premiumsrv.aniview.com player.aniview.com
1 id.crwdcntrl.net ads.pubmatic.com
1 api.rlcdn.com ads.pubmatic.com
1 atrack.avplayer.com beckernews.com
1 pixels.ad.gt p.ad.gt
1 img.onesignal.com beckernews.com
1 image6.pubmatic.com ads.pubmatic.com
1 player.ex.co cdn.mgid.com
1 sync.technoratimedia.com player.aniview.com
1 dsp.nrich.ai 1 redirects
1 video-native.mgid.com jsc.mgid.com
1 servicer.mgid.com jsc.mgid.com
1 serv.vuukle.com player.aniview.com
1 p.ad.gt a.ad.gt
1 aufp.io a.ad.gt
1 cdn.jsdelivr.net cdn.vuukle.com
1 c.mgid.com jsc.mgid.com
1 www.googleapis.com beckernews.com
1 play.aniview.com beckernews.com
1 www.google.de beckernews.com
1 www.google.com beckernews.com
1 cdn.revcontent.com beckernews.com
1 img.revcontent.com beckernews.com
1 a.ad.gt beckernews.com
1 pixel.zprk.io powerad.ai
1 pixel.quantserve.com 1 redirects
1 beacon.lynx.cognitivlabs.com 1 redirects
1 tg1.vuukle.com cdn.vuukle.com
1 ssc-cms.33across.com router.infolinks.com
1 p.rfihub.com 1 redirects
1 dsp.adkernel.com router.infolinks.com
1 s.cpx.to router.infolinks.com
1 sync.go.sonobi.com router.infolinks.com
1 onetag-sys.com router.infolinks.com
1 de.tynt.com router.infolinks.com
1 api.vuukle.com cdn.vuukle.com
1 vuukle.com cdn.vuukle.com
1 secure.gravatar.com beckernews.com
1 cdn2.lockerdomecdn.com beckernews.com
1 www.googletagmanager.com beckernews.com
325 129
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-12-11 -
2022-12-11		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.powerad.ai
Go Daddy Secure Certificate Authority - G2		 2021-08-13 -
2022-09-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.lockerdomecdn.com
Amazon		 2022-01-25 -
2023-02-23		 a year crt.sh
assets.revcontent.com
R3		 2022-01-12 -
2022-04-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-14 -
2022-11-16		 2 years crt.sh
*.rumble.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-11 -
2022-12-07		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.lockerdome.com
Go Daddy Secure Certificate Authority - G2		 2021-09-27 -
2022-10-29		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-26		 3 months crt.sh
revcontent.com
Amazon		 2021-08-09 -
2022-09-07		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G2		 2021-12-30 -
2023-01-31		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
sp.rmbl.ws
R3		 2022-02-01 -
2022-05-02		 3 months crt.sh
wl2.aniview.com
R3		 2022-01-24 -
2022-04-24		 3 months crt.sh
hb.brainlyads.com
Go Daddy Secure Certificate Authority - G2		 2021-11-25 -
2022-12-27		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
*.flocdn.com
Amazon		 2021-03-06 -
2022-04-04		 a year crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-27 -
2022-05-29		 a year crt.sh
*.zprk.io
Amazon		 2021-11-18 -
2022-12-17		 a year crt.sh
*.ad.gt
Amazon		 2021-06-09 -
2022-07-08		 a year crt.sh
img.revcontent.com
R3		 2022-01-13 -
2022-04-13		 3 months crt.sh
outstreamedia.com
R3		 2021-12-21 -
2022-03-21		 3 months crt.sh
*.adservrs.com
Amazon		 2021-05-18 -
2022-06-16		 a year crt.sh
cdn.revcontent.com
R3		 2022-01-13 -
2022-04-13		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
images.revcontent.com
R3		 2022-01-10 -
2022-04-10		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-12-30 -
2023-01-03		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
aufp.io
Amazon		 2021-11-26 -
2022-12-24		 a year crt.sh
*.escalated.io
Go Daddy Secure Certificate Authority - G2		 2022-01-03 -
2023-02-04		 a year crt.sh
*.mgid.com
Go Daddy Secure Certificate Authority - G2		 2021-09-13 -
2022-10-15		 a year crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2021-12-21 -
2022-06-15		 6 months crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-17 -
2022-10-05		 a year crt.sh
*.ex.co
Go Daddy Secure Certificate Authority - G2		 2021-11-06 -
2022-11-06		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-19 -
2022-04-13		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-11-11 -
2022-02-09		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.id5-sync.com
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh

This page contains 36 frames:

Primary Page: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Frame ID: CAD449B9C1CE2E3933B3B6CEB31CAE05
Requests: 231 HTTP requests in this frame

Frame: https://beckernews.com/breaking-project-veritas-scores-major-victory-against-the-new-york-times-43489/embed/
Frame ID: F0D5A6234B13D3B8BED78E09D872E15F
Requests: 14 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F
Frame ID: D429950882B74CEFFA2A051CB31A6597
Requests: 18 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13726297860053350?pubid=ld-13726297860053350-151&pubo=https%3A%2F%2Fbeckernews.com&rid=&width=640
Frame ID: 393E49A15460B5DDFD73BB6141AA4152
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13726301584595302?pubid=ld-13726301584595302-692&pubo=https%3A%2F%2Fbeckernews.com&rid=&width=640
Frame ID: CE7E7D64D4EC3822362AD9D6898DEC38
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13726299873319270?pubid=ld-13726299873319270-436&pubo=https%3A%2F%2Fbeckernews.com&rid=&width=640
Frame ID: A0A42BDBDD6837B308B6ED5463E872C9
Requests: 2 HTTP requests in this frame

Frame: https://cdn.vuukle.com/widgets/powerbar.html?version=2.11.4
Frame ID: DE464FE82A8526338FBB3BB3ABD442D4
Requests: 2 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Frame ID: 414CB22ABFDC59983E8BD4962E93620E
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Frame ID: EC8C2627633E0801E0067454E5C04E27
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Frame ID: B8469686324A169A7F3B1E126854EE20
Requests: 1 HTTP requests in this frame

Frame: https://hb.brainlyads.com/prebid.js
Frame ID: 9B3D5551EEEEC4E0A4B7EB298E539161
Requests: 1 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v1.1.js
Frame ID: 05C4C82452F8E51347302903E860E70E
Requests: 1 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v2.0.js
Frame ID: 8F5ADB5BB91211885B7A23BF53D8C45B
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Frame ID: 0CB3985A5820E7335165E3EA93462E1D
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=607eaa2728f57c570863c77a
Frame ID: B6A6398E838E79E3479D405C848835D7
Requests: 4 HTTP requests in this frame

Frame: https://cdn.vuukle.com/widgets/ivtreporter.html
Frame ID: AC0FA7B20B0ECFFA001970F04657A4AB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 81F392D69114400D03094B8306F20372
Requests: 1 HTTP requests in this frame

Frame: https://servs.vuukle.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1643777512348-929046190734-008623-009-000580&key=95317b89-2555-4860-a5a2-d4766a959fb7
Frame ID: 986E9FEFC3E55DB90400500636782CB4
Requests: 1 HTTP requests in this frame

Frame: https://pixel.advertising.com/ups/58246/sync?&gdpr=1&gdpr_consent=&redir=true
Frame ID: 388F4D7D5839408622ADFC31A3891FB0
Requests: 1 HTTP requests in this frame

Frame: https://servs.vuukle.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1643777512348-929046190734-008623-009-000580&key=RX-acb47eee-49dd-47c4-a6f6-54075a7fcd64-005
Frame ID: 2AF2844CC00C32D096B564AA993CADAB
Requests: 1 HTTP requests in this frame

Frame: https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1643777512348-929046190734-008623-009-000580&cb=https%3A%2F%2Fservs.vuukle.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D3%26auid%3D1643777512348-929046190734-008623-009-000580%26key%3D%5BUSER_ID%5D
Frame ID: FFBA37B84225F773E5E362492E5FD3B6
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fservs.vuukle.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1643777512348-929046190734-008623-009-000580%26key%3D
Frame ID: 9F1929612BE5B83AE603EFBAD2746318
Requests: 2 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1643777512574946032442
Frame ID: F541B219EFE61990FB48CA5EEF39620B
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Frame ID: 8512B72B21467401ADADE3DBBC4B935C
Requests: 4 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1643777512348-929046190734-008623-009-000580%26biddername%3D42%26key%3D
Frame ID: D1E0FF1214B3A9DD1CB2A1FCD733D6E0
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Frame ID: CA88F9CAEE1A1A0C52422E82BFF25B99
Requests: 4 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=376385&3pid=1643777512348-929046190734-008623-009-000580&us_privacy=1---&gdpr=1&gdpr_consent=&location=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1643777512348-929046190734-008623-009-000580%26biddername%3D18%26key%3D%5BSOVRNID%5D
Frame ID: F2201654E55341BB5DA47E7AB74ED056
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Frame ID: 9D4712FC7CEE18AC8805ECD8E34D11B8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 1717A70AF9606F02A895690C44EAF2CA
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 3C4D9FCDB85191812AF90EDBDE8C0315
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Frame ID: CCB42390CCD17526144B762234ECDEA5
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Frame ID: 5E9E1F275BF9480BCAD64ABE003FE2CB
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Frame ID: 0DADFDC765E4E4C3120ABDDC1625286A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E420A54FF6FB45E186E29A50D2432ADA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 16AF0512B9253C47AF40C6629B355E67
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 282709FF9190012F5E46702E3CF56BDA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NY Times Sues Biden Administration for Hunter Biden Emails in Probe for Corrupt Foreign Ties - Becker News

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

325
Requests

88 %
HTTPS

27 %
IPv6

74
Domains

129
Subdomains

88
IPs

9
Countries

6908 kB
Transfer

18341 kB
Size

109
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbeckernews.com%2F&domain=beckernews.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=178zUnxqQ2xtU01qc3JkSUswaVFDbkdHT2VEQVU5Tld5ckw5S0M1L2xZcXJGVkJDNFFPV2d3NkZpb25EcFVaTUVjaGZ5UmsvWWJpdElpYXNtL0tRZ1NFWGo1OXR3UlVMNjYyYVhwOFlWaTZsWkNVRnNjaTRSSnlhMFVzOFc0elNlRDBiWjlqYzdhNFYvejRtcFA5a3VLQk9QZWdNY0lxOGNCT2UvWFVrZEw1MWZZeXZMbmJGWG5tVTF2MWROQWVZdDFWWityNEpyeUQwSDNvU1VRZjB6Q3VGY25velJXQnN4R1ZDcHlBZ3RpbXJjQkE0PXw&cppv=2
Request Chain 61
  • https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Request Chain 63
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODI2QjNFREQtMDBGOS00ODBGLTk0NjQtQjg1QTRCRDkwMjM3&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODI2QjNFREQtMDBGOS00ODBGLTk0NjQtQjg1QTRCRDkwMjM3&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D826B3EDD-00F9-480F-9464-B85A4BD90237 HTTP 302
  • https://router.infolinks.com/dyn/pbm-usync?uid=826B3EDD-00F9-480F-9464-B85A4BD90237
Request Chain 64
  • https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID HTTP 302
  • https://router.infolinks.com/dyn/apn-usync?user_id=4508530143694285294
Request Chain 66
  • https://ups.analytics.yahoo.com/ups/58422/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58422/occ?verify=true HTTP 302
  • https://router.infolinks.com/dyn/VR-usync?uid=y-9qyNuXlE2uEZGWU7BtPIQOpT6HgTGR5x5pujZy4-~A
Request Chain 67
  • https://sync.1rx.io/usersync2/infolinks HTTP 302
  • https://sync.1rx.io/usersync2/infolinks?zcc=1&cb=1643777511527 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8644862469 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8644862469 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/a585cdf0-ef00-4865-983c-fcbe375aa250 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-acb47eee-49dd-47c4-a6f6-54075a7fcd64-005?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-acb47eee-49dd-47c4-a6f6-54075a7fcd64-005 HTTP 302
  • https://router.infolinks.com/dyn/r1-usync?uid=RX-acb47eee-49dd-47c4-a6f6-54075a7fcd64-005
Request Chain 68
  • https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP 302
  • https://router.infolinks.com/dyn/zmn-usync?uid=
Request Chain 70
  • https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fbeckernews.com%252Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%252F&pid=12306&adnxs_uid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fbeckernews.com%25252Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%25252F%26pid%3D12306%26adnxs_uid%3D%24UID HTTP 302
  • https://s.cpx.to/ca.png?ref=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F&pid=12306&adnxs_uid=4508530143694285294
Request Chain 72
  • https://ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP 302
  • https://router.infolinks.com/dyn/imd-usync?user_id=95317b89-2555-4860-a5a2-d4766a959fb7&partner_id=1531
Request Chain 73
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPd5eb1182-83e3-11ec-a894-0649641462a8 HTTP 302
  • https://router.infolinks.com/dyn/outh-usync?uid=y-bRrOeQZE2uG5L_.Hird4PRkaa8n2e.my~A~UPd5eb1182-83e3-11ec-a894-0649641462a8
Request Chain 74
  • https://match.bnmla.com/usersync?sspid=1000361&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3D%5BUUID%5D HTTP 302
  • https://bh.contextweb.com/bh/rtset?pid=558752&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D1%26uuid%3D%25%25VGUID%25%25 HTTP 302
  • https://match.bnmla.com/usersync?dspid=1&uuid=jGERCxDZMomp&ev=1&us_privacy=${us_privacy}&pid=558752
Request Chain 75
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true HTTP 307
  • https://router.infolinks.com/dyn/sovrn-usync?uid=6a6fefede94f1131da446343
Request Chain 76
  • https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3D826B3EDD-00F9-480F-9464-B85A4BD90237 HTTP 302
  • https://router.infolinks.com/dyn/usersync?pmuservalue=826B3EDD-00F9-480F-9464-B85A4BD90237
Request Chain 77
  • https://p.rfihub.com/cm?pub=43153&in=1 HTTP 302
  • https://router.infolinks.com/dyn/zeta-usync?uid=5131077720531239858
Request Chain 100
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YfoN5xLB1NHIy20p3eznywAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECaf3mBsIYdf0K4FN14zV5g&google_cver=1&gdpr=1
Request Chain 101
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YfoN5xLB1NHIy20p3eznywAABI0AAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YfoN5xLB1NHIy20p3eznywAABI0AAAIB&dcc=t
Request Chain 103
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=8aceffa2-5ae5-49d6-ae3e-4e60bc852693&expiration=1675313511
Request Chain 104
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Request Chain 106
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=eDVFkX5gRsdjMBSRfjUOyHkwG8ljMRPILzK3iI7a
Request Chain 188
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=0051ca09-1455-4e27-bb5b-bb85f25a7be4&adnxs_id=$UID HTTP 302
  • https://ids.ad.gt/api/v1/match?id=0051ca09-1455-4e27-bb5b-bb85f25a7be4&adnxs_id=4508530143694285294
Request Chain 189
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=0051ca09-1455-4e27-bb5b-bb85f25a7be4 HTTP 302
  • https://ids.ad.gt/api/v1/t_match?tdid=a585cdf0-ef00-4865-983c-fcbe375aa250&id=0051ca09-1455-4e27-bb5b-bb85f25a7be4
Request Chain 190
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D0051ca09-1455-4e27-bb5b-bb85f25a7be4 HTTP 302
  • https://ids.ad.gt/api/v1/pbm_match?pbm=826B3EDD-00F9-480F-9464-B85A4BD90237&id=0051ca09-1455-4e27-bb5b-bb85f25a7be4
Request Chain 191
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=0051ca09-1455-4e27-bb5b-bb85f25a7be4 HTTP 302
  • https://ids.ad.gt/api/v1/g_match?id=0051ca09-1455-4e27-bb5b-bb85f25a7be4&google_gid=CAESEO-D8aQ-x9sOxkIdR89-KZE&google_cver=1&google_ula=450542624,0
Request Chain 192
  • https://ids.ad.gt/api/v1/g_hosted?id=0051ca09-1455-4e27-bb5b-bb85f25a7be4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=MDA1MWNhMDktMTQ1NS00ZTI3LWJiNWItYmI4NWYyNWE3YmU0
Request Chain 193
  • https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=0051ca09-1455-4e27-bb5b-bb85f25a7be4 HTTP 302
  • https://ids.ad.gt/api/v1/ppnt_match?uid=B9rDb5rmqBBL&ev=1&pid=562316&id=0051ca09-1455-4e27-bb5b-bb85f25a7be4
Request Chain 194
  • https://dpm.demdex.net/ibs:dpid=348447&dpuuid=0051ca09-1455-4e27-bb5b-bb85f25a7be4&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3D0051ca09-1455-4e27-bb5b-bb85f25a7be4 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=0051ca09-1455-4e27-bb5b-bb85f25a7be4&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3D0051ca09-1455-4e27-bb5b-bb85f25a7be4 HTTP 302
  • https://ids.ad.gt/api/v1/adb_match?adb=06545683187895026300571796834151375702&id=0051ca09-1455-4e27-bb5b-bb85f25a7be4
Request Chain 195
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3D0051ca09-1455-4e27-bb5b-bb85f25a7be4%26sas_uid%3D%5bsas_uid%5d HTTP 302
  • https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=0051ca09-1455-4e27-bb5b-bb85f25a7be4&sas_uid=[sas_uid]&cklb=1
Request Chain 233
  • https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fservs.vuukle.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1643777512348-929046190734-008623-009-000580%26key%3D%7BPUB_USER_ID%7D HTTP 302
  • https://servs.vuukle.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1643777512348-929046190734-008623-009-000580&key=95317b89-2555-4860-a5a2-d4766a959fb7
Request Chain 235
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&redir=https%3A%2F%2Fservs.vuukle.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26auid%3D1643777512348-929046190734-008623-009-000580%26key%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-acb47eee-49dd-47c4-a6f6-54075a7fcd64-005&rndcb=4984305611 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=adconductor&user_id=RX-acb47eee-49dd-47c4-a6f6-54075a7fcd64-005&rndcb=4984305611 HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=adconductor&bsw_custom_parameter=750f7c55-9c9d-492f-80a5-7be17051bae3&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=c9d24dfb-5819-4e67-ba1b-ffc680ed3c8d&expires=1&user_group=5&ssp=adconductor&bsw_param=750f7c55-9c9d-492f-80a5-7be17051bae3 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/750f7c55-9c9d-492f-80a5-7be17051bae3?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-acb47eee-49dd-47c4-a6f6-54075a7fcd64-005?redir=https%3A%2F%2Fservs.vuukle.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26auid%3D1643777512348-929046190734-008623-009-000580%26key%3DRX-acb47eee-49dd-47c4-a6f6-54075a7fcd64-005 HTTP 302
  • https://servs.vuukle.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1643777512348-929046190734-008623-009-000580&key=RX-acb47eee-49dd-47c4-a6f6-54075a7fcd64-005
Request Chain 286
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Request Chain 302
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAD6Yk7D9BwAAAHO135GJw&expiration=1644987113&gdpr=1
Request Chain 303
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YfoN6QADHUiZhgBH HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YfoN6QADHUiZhgBH&gdpr=1&_test=YfoN6QADHUiZhgBH
Request Chain 304
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 307
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3841559664404378862
Request Chain 322
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=a585cdf0-ef00-4865-983c-fcbe375aa250&_origin=1&gdpr=1&gdpr_consent=
Request Chain 323
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPd5eb1182-83e3-11ec-a894-0649641462a8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVBkNWViMTE4Mi04M2UzLTExZWMtYTg5NC0wNjQ5NjQxNDYyYTg%3D HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEF4-wa-Kv8UhUqnGIh-WMV0&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEF4-wa-Kv8UhUqnGIh-WMV0&google_cver=1&apid=UPd5eb1182-83e3-11ec-a894-0649641462a8
Request Chain 324
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.advertising.com/ups/55986/sync?uid=YfoN6QADHUiZhgBH&_origin=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=YfoN6QADHUiZhgBH&_origin=0&gdpr=0&gdpr_consent=&apid=UPd5eb1182-83e3-11ec-a894-0649641462a8

325 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/ 		125 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.24
Resource Hash
7fdffd2fc14cab4ff6d7c87b4e3c5aec0932e00211967fb577a0bb190a263386

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 02 Feb 2022 04:51:50 GMT
content-type
text/html; charset=UTF-8
cf-ray
6d70ce7cad8a374d-MXP
last-modified
Wed, 02 Feb 2022 01:32:58 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-powered-by
PHP/7.4.24
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xcBFVTNIv9ofMtg0vCWjcix55Ns7nIEyAOzGngBPSIqgFYVK7JzMAK50XjgRWg7yUbYHz6rVKpu3L%2FMKlM72PoB%2FzL39LN%2FFBp%2FtrUb9AzQd7yjrleSV8DONrCgtWAbJjJ3h%2BDRBgXurdOmelQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
RXvX1snpkkVVqv67AyPno-pDCsw.js
beckernews.com/cdn-cgi/apps/head/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/cdn-cgi/apps/head/RXvX1snpkkVVqv67AyPno-pDCsw.js
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2403c547323e252309d499941b20324d71d113374e88da01e7a2bec540568946

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
651775
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
9FJTKY56G8A63VBT
x-amz-id-2
OqtKwNTsWYuoG7fe1mVGSbwNKC5hKg4r6SxAPduGXGNXaSA6sCt62AT7HH0I1nngak8oE+eI+Gc=
last-modified
Thu, 18 Mar 2021 12:52:20 GMT
server
cloudflare
etag
W/"ffe7e172d4574a588b2d1868db5cb38d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KIfqf0lXwsbhAIpUMe4y0TYykMb3KCEEv9MWyvaPHUj4K19Vj%2Bxm8MqyDWlp0kdm20mfi376jPlbuzI4g9Jt5IdEVxP4qgCZMqr03dhMYnsNL3LA4eWcYOsPOuXE8CbcO0zc%2FL3wJTAm4sF78Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
f62hFwR4WjE0xn6AOFt6FCRZ09TOy9Zm
cf-ray
6d70ce80493e374d-MXP
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans%3A400%7CRoboto%20Slab%3A400&subset=latin%2Clatin-ext&display=swap
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d2909b557be35396b05c5a3479a595f47e2c5eca9e89c3baee35894b019f3280
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 02 Feb 2022 04:51:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 02 Feb 2022 04:51:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 02 Feb 2022 04:51:50 GMT
style.min.css
beckernews.com/wp-includes/css/dist/block-library/ 		77 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b6fef0a63424245b31b293b1a3bfd074c9da482e28fb9e920e1cf306e54e8a2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 28 Jan 2022 06:21:48 GMT
server
cloudflare
age
4736
etag
W/"61f38b7c-1357b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9MfEdQ8j3Dthn1y3xESs0XD2Hn%2BvclJVBW%2FS%2BGUct26QxigRVbUCILJAoZ9nqQgKYiV%2FWyKERslFfoG%2FRQYv2FROwUpLVgeRH3AZATPorkDl9CCV0Ut90W8ii%2FMFv%2Fm6ZaQ0H444Fn42uwxnOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d70ce80493f374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
min.css
beckernews.com/wp-content/themes/voice/assets/css/ 		169 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/wp-content/themes/voice/assets/css/min.css?ver=2.9.9
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81a1e95338046a7214351ca54f5f155ab1509eac4be89cee6881d99a3c8c503b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4736
cf-polished
origSize=173094
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 11 Oct 2021 22:27:23 GMT
server
cloudflare
etag
W/"6164ba4b-2a426"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HEmcpQrwm%2Bxt82vrzFMe62JCyKaDS%2FhNx%2B4%2B9ZJi%2FJObIE0WnazyyyOyw26Phr4Tlmq%2Fj3gDrJZ5dfR4TmAe6Nw4NYZ1I%2BR1jvHzbr3LCgBBAYrA8z26nMu5D2eaw1xL4trHa0sSkbOouuJOqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
6d70ce804941374d-MXP
cf-bgj
minify
public.css
beckernews.com/wp-content/plugins/recent-posts-widget-with-thumbnails/ 		961 B
784 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/wp-content/plugins/recent-posts-widget-with-thumbnails/public.css?ver=7.1.1
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5273ad1e5952aeae397bfa2d19fe8685b47e73a30197ad220d177ccfb8ce8da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4736
cf-polished
origSize=1084
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 11 Oct 2021 23:50:56 GMT
server
cloudflare
etag
W/"6164cde0-43c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9CabIHWRAwOOSKQtWyKNL5EdTcN1H%2BN1zLu8sXYvygdtPVs14GUGyOtCxDBirqHjts9XNv4UrfRNK3y%2BHrz01tpiAfNosIyuFho%2FyUxb1dYxj9nQPDhbn0TzwkvvXErIylzzrf31%2BVHrrd%2BJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
6d70ce804942374d-MXP
cf-bgj
minify
free-comments-for-wordpress-vuukle-public-count.js
beckernews.com/wp-content/plugins/free-comments-for-wordpress-vuukle/public/js/ 		948 B
813 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/wp-content/plugins/free-comments-for-wordpress-vuukle/public/js/free-comments-for-wordpress-vuukle-public-count.js?ver=5.0.8
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71fa1f7d7f86952d4f8409f3c419849828c9416c58ac248e23e02b2ddc712dd1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4736
cf-polished
origSize=1635
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 22 Nov 2021 20:10:49 GMT
server
cloudflare
etag
W/"619bf949-663"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=267ezyFKYDSbUvpDrgFc0ySFBe4FPWfs%2BrDpygJZu9Nouuu7Dk5lkoqJpHsKZTqbZLVI%2FFLOKI%2BnZTZP%2BEBF9ikAioByXg03eO5rpMBqYm7oMqx2Sxhbu2ZMe2KPyV9XUUQuhmvj8jQH5gQsdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
6d70ce804943374d-MXP
cf-bgj
minify
jquery.min.js
beckernews.com/wp-includes/js/jquery/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 02 Sep 2021 08:23:19 GMT
server
cloudflare
age
4736
etag
W/"613089f7-15db1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FBY%2BrWZZwTPLSgkychQJ6Ug2%2FXiEIZ0AdWawErxqMdKDNBKcgyynPK5AbDWsaYYWzivea0ow7knVbw3ECvGiLW7CzjwEehRE1965tzCNCPNr8mEuCAK75EcO5L2bKYgo1%2FoPC3eNUznrsFVb6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d70ce804944374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery-migrate.min.js
beckernews.com/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 25 Dec 2020 15:10:21 GMT
server
cloudflare
age
4736
etag
W/"5fe600dd-2bd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W89VUQndvtZAlmNjDfujI8s8N%2Blpo1fYJvTb9AUxEtfQoFs9u%2FPTa3Tcn78qe4B38U11CZH298Fx7YDzUHsUzPcWPhjZIJCdm0Qw5%2BoS%2FEvokU7yO0EXjCs21XBXRRfZY3%2BhK0JLT9r0sI%2F%2FTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d70ce804945374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
script.js
powerad.ai/ 		190 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://powerad.ai/script.js
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-226-152.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
b28bb63c3761aa8dfe1bdb1a4b82ce643fc0e6bb05d9b65ad80a741ea01b9121

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:50 GMT
content-encoding
gzip
last-modified
Thu, 27 Jan 2022 22:20:23 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Express
etag
W/"2f881-17e9da01fa1"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=3600
access-control-allow-credentials
true
access-control-allow-headers
*
infolinks_main.js
resources.infolinks.com/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/infolinks_main.js
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
316655dd83f650f20ec9786a8d133183e804b11942b6ab4136aa83b2c30f27bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray
6d70ce80be9e910d-FRA
date
Wed, 02 Feb 2022 04:51:50 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Mon, 31 Jan 2022 15:39:24 GMT
server
cloudflare
age
4317
etag
W/"d6f-5d6e296cafe53"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
content-encoding
gzip
expires
Wed, 02 Feb 2022 04:39:53 GMT
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-190122086-1
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ba7a21fc27a575235d82ada12a4c029f3489b2dbec4a70c40e3efcb93b826274
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:50 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36178
x-xss-protection
0
last-modified
Wed, 02 Feb 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 02 Feb 2022 04:51:50 GMT
invisible.js
beckernews.com/cdn-cgi/challenge-platform/h/g/scripts/ 		42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
526400b95b0e9de4694e4ef31114930eb8561849f167cdb1b366427328755da9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:50 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZNMVDlYuPQOX%2BtqegLmV5xiLuN06lByT4DdOU47gkGse2CkoVpfTYdqBhS3%2BfH4vMFOM6cFPiJ%2BDAZEv3c%2B2oJ7AeweIO1Eyr8FIDxenqtIq4Wz0TgrQ%2BZA8CN3lmTJMVbcjcBiBl%2FBq2Q47Ag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
6d70ce80f9d4374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
kyle_logo_11-6-21.png
beckernews.com/wp-content/uploads/2021/11/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beckernews.com/wp-content/uploads/2021/11/kyle_logo_11-6-21.png
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dc3d696cb03eb09405e88fe6708385b86fc4303725052706b5d018842631811

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
651774
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19875
last-modified
Sat, 06 Nov 2021 19:56:09 GMT
server
cloudflare
etag
"6186ddd9-4da3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cfdZUX6jBxVJPXix2HBktWeY1SUVFBdnsKpzx763UupzFKoTgPD0RXFx6moPiJsZpfGs2BaIuuhK7d4MZ9PqnurVyIfeVzWlEzgADJKPqIdWE3eH077sEzusyeWB3%2Fm7mdjHo2fo%2FLe%2BrHkSyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6d70ce80f9d5374d-MXP
expires
Thu, 31 Dec 2037 23:55:55 GMT
NYTEDIT-810x408.jpg
beckernews.com/wp-content/uploads/2022/02/ 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beckernews.com/wp-content/uploads/2022/02/NYTEDIT-810x408.jpg
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
909f64680549c702a20a02972856933ff2b88ace80e5b8625fb79f8c1879c41d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
809
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
86952
last-modified
Tue, 01 Feb 2022 22:38:19 GMT
server
cloudflare
etag
"61f9b65b-153a8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=naYfFR%2BmvXfetfSBdMNrsgeJhwm2VB7ajV0y%2Ft0oHR0OBoBA34YnSpWfUOWVhlG%2BFEBXqVlsP8%2F9mC%2B%2Fv5TpUS4JFLMBnKw53Db664vsxdD9tVIivwFs3XSQQtySkVGN%2BVSQ8d5dgO%2B45x3kHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6d70ce80f9d7374d-MXP
expires
Thu, 31 Dec 2037 23:55:55 GMT
ajs.js
cdn2.lockerdomecdn.com/_js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.lockerdomecdn.com/_js/ajs.js
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:f000:a:cbb7:a940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
032748afc697ad6c81591cf5304a1395a1045dff8604fdfeaaa06d8365ea92bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:15:54 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 02:22:33 GMT
age
16556
etag
W/"14de-17eb317458c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
keXcW7NcNnr2jQ_oVnjSygMSjmrMYqcVAucziab-UIHKyFCrFngohQ==
beckernewsllc_beckernews_above_content_1_smartview.js
cdn1.lockerdomecdn.com/embeds/ 		344 B
721 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.lockerdomecdn.com/embeds/beckernewsllc_beckernews_above_content_1_smartview.js
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:de00:b:6268:b880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5713867ac8881dd5a8e178755241a12fc55d6a4144c27216e5608064b1ed972e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
fdsdzy41prZxTJwjf.Hnb864.za8P9aY
via
1.1 74dad4a395a0daef1fa4934a67f7955a.cloudfront.net (CloudFront)
last-modified
Mon, 21 Jun 2021 19:44:30 GMT
server
AmazonS3
age
84304
etag
"949f8d2be0919e8273e17990adb680b9"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 01 Feb 2022 05:26:47 GMT
x-amz-cf-pop
TXL50-P3
accept-ranges
bytes
content-length
344
x-amz-cf-id
mwkrOgzh-_oEkR3mIfFgPeLLJKUK6oOsbzUp7l3wKrRQNRrXvX907g==
beckernewsllc_beckernews_in_content_1_smartview.js
cdn1.lockerdomecdn.com/embeds/ 		344 B
720 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.lockerdomecdn.com/embeds/beckernewsllc_beckernews_in_content_1_smartview.js
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:de00:b:6268:b880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
86e8be85acf880935aa96b9d7aaf4fa97bf5a0e2db09835040e5b97ec43d5cc2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
XIQuiGaZ_OEHRctXwhz3TMTr5RmF2Xx6
via
1.1 74dad4a395a0daef1fa4934a67f7955a.cloudfront.net (CloudFront)
last-modified
Mon, 21 Jun 2021 19:44:31 GMT
server
AmazonS3
age
8704
etag
"b51af748c65409dfe34621aeb04bb259"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Wed, 02 Feb 2022 02:26:47 GMT
x-amz-cf-pop
TXL50-P3
accept-ranges
bytes
content-length
344
x-amz-cf-id
HUaMCkp2VrGu0kRJl3HC_2JD0-jk8OjUimH74U7WB_CRyvCa-1BVYA==
beckernewsllc_beckernews_in_content_2_smartview.js
cdn1.lockerdomecdn.com/embeds/ 		344 B
719 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.lockerdomecdn.com/embeds/beckernewsllc_beckernews_in_content_2_smartview.js
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2260:de00:b:6268:b880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b732aa760484feded70866a79c1f89bafdc9938e83e74b0d8d8ff7fbb4a7b77a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
A4sevQYE0ZYu_PIGwVefxq.tyVpUWoIg
via
1.1 74dad4a395a0daef1fa4934a67f7955a.cloudfront.net (CloudFront)
last-modified
Mon, 21 Jun 2021 19:44:31 GMT
server
AmazonS3
age
79956
etag
"b48e5e13171bf6ae1da89442a9323649"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 01 Feb 2022 06:39:15 GMT
x-amz-cf-pop
TXL50-P3
accept-ranges
bytes
content-length
344
x-amz-cf-id
Hp5j2drgTL7n9jFuTT-ZKZy3ucABB38At5xzcs_PbdWObodl_tWqpQ==
delivery.js
assets.revcontent.com/master/ 		190 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/delivery.js
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6ea7c9d811d5ae86e7cd6b4546019c06f403918020f0fe1f3bc00bf75c46bf00

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:50 GMT
content-encoding
gzip
last-modified
Fri, 28 Jan 2022 20:59:42 GMT
server
AmazonS3
x-amz-request-id
1TNWGSY2AGZ6WEHE
etag
"bc32459bc799c2e93e3f79dd02338f95"
x-hw
1643777510.cds133.fr8.hn,1643777510.cds146.fr8.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
63354
x-amz-id-2
i5sZL4Bij7r0XMZXNBI84ikccgmT7Hi5EkuIglymvKItc5tRWH1BypVJOPqK766H/g1O29jKjV0=
beckernews.com.1078868.js
jsc.mgid.com/b/e/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/b/e/beckernews.com.1078868.js
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2ac413eee80522332c7a7932279c1859971a2656710d22fc5fff522cf3c5f5c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:50 GMT
content-encoding
br
cf-cache-status
HIT
age
5334
last-modified
Mon, 06 Dec 2021 17:22:58 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
FGJHK1ZP839BCPRX
x-amz-id-2
nI7Xz0VRFQP+It493W32QY3oOKGhAAI5B/nEQ0LnaoVtJHtsBRBGGcily/Bj8ADsDTX3WHNtY+A=
cf-bgj
minify
server
cloudflare
etag
W/"cc9d6f1717c8cceb8cdbe0900e78d50a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6d70ce813c0c9171-FRA
expires
Wed, 02 Feb 2022 07:51:50 GMT
imagesloaded.min.js
beckernews.com/wp-includes/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 24 Aug 2020 16:01:56 GMT
server
cloudflare
age
4736
etag
W/"5f43e474-15fd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vfRUruygRMgOdOUYIPFlB0bx4FC5gXOcTWKMHj0tEAeYc5M8LFYX7IXc%2BpdNAoNygeZjBnA%2FPQwBOSa1kwSUMxUVpeYEvTZRHch4p9%2F8sGTT89sYX%2BNoj5qrBfMNqjevrTu3HeWOrnuljsZJzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d70ce80e9c9374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
min.js
beckernews.com/wp-content/themes/voice/assets/js/ 		100 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/wp-content/themes/voice/assets/js/min.js?ver=2.9.9
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
596b4aabca01ac591c9a7d2b2d8c4893d5ebb36609405574c66c56a32e816ead

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4736
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 11 Oct 2021 22:27:23 GMT
server
cloudflare
etag
W/"6164ba4b-190fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AKTZXx2oJnPy88pOsIPLNt4Za7QVipdM7YPL5BYC%2FJww7oAOAA6UKGdHjAJK9h8mGyy7C4UdASTp7WXXp3t2S3TWNFW1RH%2FT1BfBvFdgKb4VrwQxUEKV%2FbLg4gMKG%2FMvqlV6VCvMlq5iAq3Lug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
6d70ce80f9cd374d-MXP
cf-bgj
minify
frontend.min.js
beckernews.com/wp-content/plugins/q2w3-fixed-widget/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/wp-content/plugins/q2w3-fixed-widget/js/frontend.min.js?ver=6.0.1
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
670390e72b0535447ab335d4c8d6c4b5e54660b78c9525a9e2f0722718dc2f24

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 23 Jan 2022 16:22:04 GMT
server
cloudflare
age
4736
etag
W/"61ed80ac-3634"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BTw%2BpWyu%2Bu68a7SXbHuMMsNKllJFw2ubS4OcZDgyrOtNv6Pv%2FKQH59hDpPrGqVvyqagDsyNK70MrLQvY89uCww0HJccKLVOy5Vg75ClAIhohtb4T3QR6JpjbA%2FaR6cjTfjLmRdPoCVS8kZvmnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d70ce80f9d2374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.9
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:50 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
3444
etag
W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6d70ce815b385a1f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 05 Feb 2022 04:51:50 GMT
wp-embed.min.js
beckernews.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/wp-includes/js/wp-embed.min.js?ver=5.9
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
819512599642371938d80fa33c6fd22169e43f381b67203033ff4ffa04fe06a8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 28 Jan 2022 06:21:48 GMT
server
cloudflare
age
4736
etag
W/"61f38b7c-5d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WB%2FRVcIUw92BudL8rFIcCgojck1T%2BtERZq3b1u30%2BEKvc%2BQ2y%2FpU3SBDn8VwXGIeX%2Bg%2FzpvZgN%2BFSaRkXU1LdA4CiYFfKyDsy8QsCRjZJ77L4Vs6K44R65Ng%2FHI6t%2FjoaLkwxcdHIMsBXQEorQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d70ce80f9d3374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wf9_ZK3FkN211lqPa9eHRKEVRcw.js
beckernews.com/cdn-cgi/apps/body/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/cdn-cgi/apps/body/wf9_ZK3FkN211lqPa9eHRKEVRcw.js
Requested by
Host: beckernews.com
URL: https://beckernews.com/cdn-cgi/apps/head/RXvX1snpkkVVqv67AyPno-pDCsw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
767e37bcd6daaf0e719be2ba4bba0a36a11040e971b918a068bf8cb0ea9c4aca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
650930
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
VNAD9S9D2BC9S2X1
x-amz-id-2
M0IZQMTE+q6InJVaTJuNpdBZQz+Y8Epk5UCQo6HdwrBRol/J0/Ea+UydDvZow2IZ9J1GiBeMhR4=
last-modified
Thu, 18 Mar 2021 12:52:19 GMT
server
cloudflare
etag
W/"4d628b673cad1387db2cd989f9e6ff7d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jpS0ws%2BlXzfwzdfrrbIyKW3amortTHTRsjrKkHsvdYipuHlbQQxW44Gc%2FBPGrHFG6vHChq7TV3JkladcKLWxgumddEm4hgYnKPplKxHFcuhbYC%2BlEl7zLkdPiQ4yFNIUBHeK2vngiRexXsEu4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
LB7ZNXFAI3CyolxnCUcO3sbxJr7XBBwv
cf-ray
6d70ce80f9d9374d-MXP
wp-emoji-release.min.js
beckernews.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 02 Sep 2021 08:23:19 GMT
server
cloudflare
age
4736
etag
W/"613089f7-4705"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E8nsO6GUO8Wyc%2BREa%2FMKwy9xkPnmTNBoBFGT46BO1b5n%2B6MSjjFDcx%2F1xSqEs80zea8OuZVtx3gQL0qRn6u7oIsM5GaDdkC8kxHZ7ObiZp4p1a0%2B51hwDITCXGo75hZ8MZypDF48uGGDcGW%2BOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d70ce80f9da374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ice.js
resources.infolinks.com/js/1786.003-3.025/ 		178 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1786.003-3.025/ice.js
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d51fc32f16709946cd68db3ca2ab3a88d7e8bf7dad9a28834a51e19aed8c3a8d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray
6d70ce80fede910d-FRA
date
Wed, 02 Feb 2022 04:51:50 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 26 Jan 2022 08:38:27 GMT
server
cloudflare
age
3342
etag
W/"2c618-5d6782026a911"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
content-encoding
gzip
expires
Fri, 04 Mar 2022 03:56:08 GMT
BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2
fonts.gstatic.com/s/robotoslab/v16/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v16/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%7CRoboto%20Slab%3A400&subset=latin%2Clatin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c636cdf8f523ada818ad53ff012d37b57190cc6702fdf0e6a35a502fcd4f625f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://beckernews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 23:01:03 GMT
x-content-type-options
nosniff
age
21047
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12488
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 18:12:06 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 01 Feb 2023 23:01:03 GMT
fontawesome-webfont.woff2
beckernews.com/wp-content/themes/voice/assets/css/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/wp-content/themes/voice/assets/css/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Origin
https://beckernews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2632
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
last-modified
Mon, 11 Oct 2021 22:27:23 GMT
server
cloudflare
etag
"6164ba4b-12d68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2Bl6OjXtXPczGzbEpzPJV7lvo%2FUtsA00n9yIbD2AJXZbGpFcJsoBmFweDAY7jnTGkmpHj8fJFCW2oW6OYUJGD13FAeJ0R3Y3NagWnr5OfMoiiMJJADAvFSNJzBzYnzKQHLz9Agb9gC0E%2BINAhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6d70ce8109e0374d-MXP
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v27/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%7CRoboto%20Slab%3A400&subset=latin%2Clatin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://beckernews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 18:59:48 GMT
x-content-type-options
nosniff
age
35522
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16692
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:32:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 01 Feb 2023 18:59:48 GMT
0b1fafe29d8b00ceb0eb5d31298bda79
secure.gravatar.com/avatar/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/0b1fafe29d8b00ceb0eb5d31298bda79?s=100&d=mm&r=g
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9e523aba4ee40ec4c2738eb8907fdf92c9b012e949ee20187358f0778dd59934

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc
HIT mxp 4
date
Wed, 02 Feb 2022 04:51:50 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="0b1fafe29d8b00ceb0eb5d31298bda79.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/0b1fafe29d8b00ceb0eb5d31298bda79?s=100&d=mm&r=g>; rel="canonical"
content-length
1665
expires
Wed, 02 Feb 2022 04:56:50 GMT
/
rumble.com/embedJS/u4870v.vnplrs/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumble.com/embedJS/u4870v.vnplrs/?url=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F&args=%5B%22play%22%2C%7B%22video%22%3A%22vnplrs%22%2C%22div%22%3A%22rumble_vnplrs%22%7D%5D
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.55.146.12 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
c.92.37a9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
f31f4be906d66ffeb3c670262800634c7ca5aeb24556cbb23e85b8c6a2d6a722
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:50 GMT
content-encoding
br
vary
Accept-Encoding
server
nginx
link
<https://rumble.com/vqbrvy-jen-psaki-gets-pissed-ta-reporter-who-asks-her-about-hunter-biden-story.html>; rel="canonical"
strict-transport-security
max-age=31536000;includeSubDomains;preload
content-type
application/javascript;charset=utf-8
/
beckernews.com/breaking-project-veritas-scores-major-victory-against-the-new-york-times-43489/embed/ Frame F0D5 		62 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/breaking-project-veritas-scores-major-victory-against-the-new-york-times-43489/embed/
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.24
Resource Hash
22d67ebbc3b86ad39403952f6e9e3a67efcce2d56f9c168f236930c1c9b77ce9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
content-type
text/html; charset=UTF-8
cf-ray
6d70ce8119e9374d-MXP
link
<https://beckernews.com/wp-json/>; rel="https://api.w.org/", <https://beckernews.com/wp-json/wp/v2/posts/43489>; rel="alternate"; type="application/json", <https://beckernews.com/?p=43489>; rel=shortlink
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-powered-by
PHP/7.4.24
x-wp-embed
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IbZKI6IZNnPF60cVEiLrkJQmMauNq0%2F6XkN6ST0vIQYAzcSpWm3zonyZRTOaOaCXDN4l1Uo1bzn%2BrJ%2F11JK1Du%2FkD1NtTL9wVilz2VpnKR%2BqYUcErQFQpmJVwECZr71XtiM%2BJ3qvijHklRi%2FKA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
platform.js
cdn.vuukle.com/ 		143 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.vuukle.com/platform.js
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ead984c7fdcf4798d3a2ccef5d1c584d4eaa68b04eb03a00a329a2add393fda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:50 GMT
content-encoding
br
cf-cache-status
HIT
age
89966
cf-polished
origSize=146173
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 28 Jan 2022 13:24:02 GMT
server
cloudflare
etag
W/"61f3ee72-23afd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=1800
cf-ray
6d70ce81eea15a0d-MXP
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
cf-bgj
minify
truncated
/ 		803 B
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
manage
router.infolinks.com/usync/ Frame D429 		9 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1786.003-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab78d693c638726755efb22528d50266969c0f308761f4b381ba86014ead7df3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/

Response headers

date
Wed, 02 Feb 2022 04:51:50 GMT
content-type
text/html;charset=UTF-8
cache-control
no-store
p3p
CP="NON DSP NID OUR COR"
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d70ce818f80910d-FRA
content-encoding
gzip
lcmanage
router.infolinks.com/usync/ 		0
37 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/lcmanage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1786.003-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:50 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control
no-store
cf-ray
6d70ce818f84910d-FRA
content-length
0
gsd
router.infolinks.com/ 		319 B
524 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/gsd?evt=afterGSD&pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F&jsv=1786.003-3.025&_cb=16437775106340
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1786.003-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f69116cb1c7fe8e2fd18e592bbb06c1d9fc453f62aaf45df8a6612dd3ec1f97

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:50 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
text/javascript;charset=UTF-8
content-encoding
gzip
cache-control
max-age=0
cf-ray
6d70ce818f81910d-FRA
expires
Thu, 01 Jan 1970 00:00:00 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ 		165 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
d89ddf30ec7c8687516d93e8cdcdd2b892d47e6fd7cd166cdb839283203edf5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:50 GMT
content-encoding
gzip
last-modified
Fri, 30 Jul 2021 21:19:34 GMT
server
Apache/2.2.15 (CentOS)
etag
"16a1416-29219-5c85dc6abdd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=75276
accept-ranges
bytes
content-type
text/javascript
content-length
54050
expires
Thu, 03 Feb 2022 01:46:26 GMT
beckernews.com.1078868.es6.js
jsc.mgid.com/b/e/ 		233 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/b/e/beckernews.com.1078868.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beckernews.com.1078868.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5339542b9c260a4c71cc27fd8880a84c5fece35f860b88292770e5e5c6f1d794

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:50 GMT
content-encoding
br
cf-cache-status
HIT
age
5333
last-modified
Mon, 06 Dec 2021 17:22:58 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
FGJHM28JRRSREVCJ
x-amz-id-2
oMTNt9h4kuWaQXebKPzN4VUIWk6N+iwx5RErtlwjvdhrIFGBz8V+0ofIEVk46Qf5b7TdMV4aYLk=
cf-bgj
minify
server
cloudflare
etag
W/"ec681b4a938983259775560240ba57b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6d70ce81dd269171-FRA
expires
Wed, 02 Feb 2022 07:51:50 GMT
mgWidget_1.11.67.js
cdn.mgid.com/js/wglibs/ 		361 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mgid.com/js/wglibs/mgWidget_1.11.67.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beckernews.com.1078868.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c7c1fccc2867ae191b996b6d0749630e729141a97ebc8080b133816e423fa3b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:50 GMT
content-encoding
br
cf-cache-status
HIT
age
1743
last-modified
Mon, 06 Dec 2021 10:01:53 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
X4WCCMRVJKZYQH96
x-amz-id-2
dREq9VdVBioUqCROOB1hVgA4w3DQC7JuhGKd9bWkNY6R/3t532o25YcpUL2jqj+THXXytjgsZ9g=
cf-bgj
minify
server
cloudflare
etag
W/"797618bce952683b5d976249dc1ddf1b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=86400
cf-ray
6d70ce81dd389171-FRA
expires
Thu, 03 Feb 2022 04:51:50 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		283 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:50 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
3564
etag
W/"0e269028feac530d16f00d8dad8ece74"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6d70ce81dbbc5a1f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 05 Feb 2022 04:51:50 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-190122086-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4616
date
Wed, 02 Feb 2022 03:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 02 Feb 2022 05:34:54 GMT
13726297860053350
lockerdome.com/lad/ Frame 393E 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/13726297860053350?pubid=ld-13726297860053350-151&pubo=https%3A%2F%2Fbeckernews.com&rid=&width=640
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/

Response headers

Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Length
1376
Date
Wed, 02 Feb 2022 04:51:51 GMT
13726301584595302
lockerdome.com/lad/ Frame CE7E 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/13726301584595302?pubid=ld-13726301584595302-692&pubo=https%3A%2F%2Fbeckernews.com&rid=&width=640
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/

Response headers

Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Length
1376
Date
Wed, 02 Feb 2022 04:51:51 GMT
13726299873319270
lockerdome.com/lad/ Frame A0A4 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/13726299873319270?pubid=ld-13726299873319270-436&pubo=https%3A%2F%2Fbeckernews.com&rid=&width=640
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/

Response headers

Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Length
1376
Date
Wed, 02 Feb 2022 04:51:51 GMT
getGeo
vuukle.com/ 		90 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vuukle.com/getGeo
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53f98bb0b288d162a288ce2caf8406c00c1fd474f0c73a58b5893098271621a9

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Feb 2022 04:51:50 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,POST,OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
access-control-max-age
86400
cf-ray
6d70ce82e88159dd-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
loadVuukle
api.vuukle.com/api/v1/Comments/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.vuukle.com/api/v1/Comments/loadVuukle?apiKey=58e55d32-a7bb-45b2-86ad-8b070856d8ba&articleId=43934&globalRecommendation=false&host=beckernews.com&start=0&uri=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
598d76f0178bc4add6dec889790d5b209ed00a25489e61b546ba78f4dd69f5bc
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
via
1.1 varnish (Varnish/6.2)
cf-cache-status
DYNAMIC
age
0
access-control-allow-credentiails
true
content-type
application/json; charset=utf-8
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH, OPTIONS
x-varnish
234048626
access-control-allow-origin
https://beckernews.com
cache-control
no-store,no-cache
access-control-allow-credentials
true
cf-ray
6d70ce82fdc75995-MXP
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
beckernews.com.json
cdn.vuukle.com/ads/ 		12 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.vuukle.com/ads/beckernews.com.json
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
595491a31e2d1136c3b62f5e8c7f2e4bb39b83f47dc0d24b8f8ad67aa81c1dda

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 01 Feb 2022 18:01:32 GMT
server
cloudflare
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
etag
W/"61f9757c-2ea6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cf-ray
6d70ce82fa5c839c-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		0
27 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27277
x-xss-protection
0
server
sffe
etag
"1119 / 794 of 1000 / last-modified: 1643756703"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 02 Feb 2022 04:51:50 GMT
web
onesignal.com/api/v1/sync/4591b984-c4cf-431a-ba46-3321f626ffa4/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/4591b984-c4cf-431a-ba46-3321f626ffa4/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa22d3fbb11188ca2c1276dd8b32813ed6f6fa66119fb3ba944520a8ac0e94e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
status
200 OK
x-envoy-upstream-service-time
23
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
a087e371-46e2-4b55-a14b-c7c244cefbc9
x-runtime
0.021730
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"fa22d3fbb11188ca2c1276dd8b32813e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
6d70ce82ecf35a1f-MXP
access-control-allow-headers
SDK-Version
expires
Wed, 02 Feb 2022 05:51:51 GMT
powerbar.html
cdn.vuukle.com/widgets/ Frame DE46 		188 KB
67 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.vuukle.com/widgets/powerbar.html?version=2.11.4
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2d1e7372db2f8c515be5b6eafd29390113610bd591979a468429f293badb9b9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/

Response headers

date
Wed, 02 Feb 2022 04:51:50 GMT
content-type
text/html
cf-ray
6d70ce831dfe0f56-MXP
access-control-allow-origin
*
age
89971
cache-control
max-age=10800
last-modified
Thu, 27 Jan 2022 13:13:58 GMT
vary
Accept-Encoding
cf-cache-status
HIT
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods
GET, POST, OPTIONS
access-control-expose-headers
Content-Length,Content-Range
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
doq.htm
rt3007.infolinks.com/action/ 		867 B
1002 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt3007.infolinks.com/action/doq.htm?pcode=utf-8&r=16437775108921
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1786.003-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb677b273e0cd729cafdb33788f504479d9c363e74fcca9971e3f70d61931a8b

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NON DSP NID OUR COR"
content-type
text/html;charset=UTF-8
x-application-context
application:prod
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-language
de-DE
access-control-allow-origin
https://beckernews.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
cf-ray
6d70ce83498e5c74-FRA
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1321916592&t=pageview&_s=1&dl=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F&ul=en-us&de=UTF-8&dt=NY%20Times%20Sues%20Biden%20Administration%20for%20Hunter%20Biden%20Emails%20in%20Probe%20for%20Corrupt%20Foreign%20Ties%20-%20Becker%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1535290189&gjid=1430833023&cid=569924556.1643777511&tid=UA-190122086-1&_gid=930579321.1643777511&_r=1&gtm=2ou1v0&z=271977729
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://beckernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbeckernews.com%2F&domain=beckernews.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://beckernews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
https://beckernews.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1949
date
Wed, 02 Feb 2022 04:51:50 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbeckernews.com%2F&domain=beckernews.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=178zUnxqQ2xtU01qc3JkSUswaVFDbkdHT2VEQVU5Tld5ckw5S0M1L2xZcXJGVkJDNFFPV2d3NkZpb25EcFVaTUVjaGZ5UmsvWWJpdElpYXNtL0tRZ1NFWGo1OXR3UlVMNjYyYVhwOFlWaTZsWkNVRnNjaTRSSnlhMFVzOF...
350 B
619 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=178zUnxqQ2xtU01qc3JkSUswaVFDbkdHT2VEQVU5Tld5ckw5S0M1L2xZcXJGVkJDNFFPV2d3NkZpb25EcFVaTUVjaGZ5UmsvWWJpdElpYXNtL0tRZ1NFWGo1OXR3UlVMNjYyYVhwOFlWaTZsWkNVRnNjaTRSSnlhMFVzOFc0elNlRDBiWjlqYzdhNFYvejRtcFA5a3VLQk9QZWdNY0lxOGNCT2UvWFVrZEw1MWZZeXZMbmJGWG5tVTF2MWROQWVZdDFWWityNEpyeUQwSDNvU1VRZjB6Q3VGY25velJXQnN4R1ZDcHlBZ3RpbXJjQkE0PXw&cppv=2
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
2e11fb442e44464d109e15eb410406916fcf79f98087e57c7209f725342049f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:50 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2485
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:50 GMT
location
https://mug.criteo.com/sid?cpp=178zUnxqQ2xtU01qc3JkSUswaVFDbkdHT2VEQVU5Tld5ckw5S0M1L2xZcXJGVkJDNFFPV2d3NkZpb25EcFVaTUVjaGZ5UmsvWWJpdElpYXNtL0tRZ1NFWGo1OXR3UlVMNjYyYVhwOFlWaTZsWkNVRnNjaTRSSnlhMFVzOFc0elNlRDBiWjlqYzdhNFYvejRtcFA5a3VLQk9QZWdNY0lxOGNCT2UvWFVrZEw1MWZZeXZMbmJGWG5tVTF2MWROQWVZdDFWWityNEpyeUQwSDNvU1VRZjB6Q3VGY25velJXQnN4R1ZDcHlBZ3RpbXJjQkE0PXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://beckernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1802
content-length
482
expires
0
/
trends.revcontent.com/api/demand/ 		52 B
265 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/demand/?w=191051
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.125.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-125-248.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://beckernews.com
date
Wed, 02 Feb 2022 04:51:51 GMT
access-control-allow-credentials
true
server
Apache/2.4.25 (Debian)
content-length
52
strict-transport-security
max-age=931536000; includeSubDomains
content-type
text/html; charset=UTF-8
sync
trends.revcontent.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/sync
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.125.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-125-248.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://beckernews.com
date
Wed, 02 Feb 2022 04:51:51 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
cnsnt.platform.js
cdn.vuukle.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.vuukle.com/cnsnt.platform.js
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62c3a4f78334221a29592245d0d3cda9fb3a850afc658bc7010682c0b723cb72

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:50 GMT
content-encoding
br
cf-cache-status
HIT
age
3217
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 28 Jan 2022 13:24:09 GMT
server
cloudflare
etag
W/"61f3ee79-edd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=7200
cf-ray
6d70ce836e2f0f56-MXP
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
cf-bgj
minify
/
de.tynt.com/deb/ Frame 414C 		75 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/

Response headers

cache-control
max-age=86400
expires
Thu, 03 Feb 2022 04:51:51 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
75
date
Wed, 02 Feb 2022 04:51:50 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
usermatch
ssum-sec.casalemedia.com/ Frame EC8C
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
613ac16c647342fbc50e4123b18e47140effe7392830b2d88c942768f5f49019

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|45|241|39|8|17|218|81
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Wed, 02 Feb 2022 04:51:51 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 02 Feb 2022 04:51:51 GMT
Content-Length
1604
Connection
keep-alive

Redirect headers

Server
Apache
Content-Length
311
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Wed, 02 Feb 2022 04:51:51 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 02 Feb 2022 04:51:51 GMT
Connection
keep-alive
/
onetag-sys.com/usync/ Frame B846 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
pbm-usync
router.infolinks.com/dyn/ Frame D429
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODI2QjNFREQtMDBGOS00ODBGLTk0NjQtQjg1QTRCRDkwMjM3&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODI2QjNFREQtMDBGOS00ODBGLTk0NjQtQjg1QTRCRDkwMjM3&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D826B3EDD-00F9-480F-9464-B85A4BD90237
  • https://router.infolinks.com/dyn/pbm-usync?uid=826B3EDD-00F9-480F-9464-B85A4BD90237
0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/pbm-usync?uid=826B3EDD-00F9-480F-9464-B85A4BD90237
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
text/html;charset=UTF-8
cache-control
no-store, no-cache, private
cf-ray
6d70ce8a6ad2910d-FRA
content-length
0
expires
Tue, 02 Feb 2021 04:51:52 GMT

Redirect headers

location
https://router.infolinks.com/dyn/pbm-usync?uid=826B3EDD-00F9-480F-9464-B85A4BD90237
date
Wed, 02 Feb 2022 04:51:51 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
apn-usync
router.infolinks.com/dyn/ Frame D429
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
  • https://router.infolinks.com/dyn/apn-usync?user_id=4508530143694285294
35 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/apn-usync?user_id=4508530143694285294
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:51 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6d70ce847b50910d-FRA
content-length
35
expires
Tue, 02 Feb 2021 04:51:51 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 04:51:51 GMT
X-Proxy-Origin
217.64.151.3; 217.64.151.3; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
470d3381-946c-4a69-b2a6-6ba6b553dba6
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://router.infolinks.com/dyn/apn-usync?user_id=4508530143694285294
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cm
u.openx.net/w/1.0/ Frame D429 		43 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:51 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
VR-usync
router.infolinks.com/dyn/ Frame D429
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58422/occ
  • https://ups.analytics.yahoo.com/ups/58422/occ?verify=true
  • https://router.infolinks.com/dyn/VR-usync?uid=y-9qyNuXlE2uEZGWU7BtPIQOpT6HgTGR5x5pujZy4-~A
35 B
211 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/VR-usync?uid=y-9qyNuXlE2uEZGWU7BtPIQOpT6HgTGR5x5pujZy4-~A
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:51 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6d70ce847b51910d-FRA
content-length
35
expires
Tue, 02 Feb 2021 04:51:51 GMT

Redirect headers

location
https://router.infolinks.com/dyn/VR-usync?uid=y-9qyNuXlE2uEZGWU7BtPIQOpT6HgTGR5x5pujZy4-~A
date
Wed, 02 Feb 2022 04:51:51 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
r1-usync
router.infolinks.com/dyn/ Frame D429
Redirect Chain
  • https://sync.1rx.io/usersync2/infolinks
  • https://sync.1rx.io/usersync2/infolinks?zcc=1&cb=1643777511527
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8644862469
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8644862469
  • https://sync.1rx.io/usersync/tradedesk/a585cdf0-ef00-4865-983c-fcbe375aa250
  • https://sync.targeting.unrulymedia.com/csync/RX-acb47eee-49dd-47c4-a6f6-54075a7fcd64-005?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-acb47eee-49dd-47c4-a6f6-54075a7fcd64-005
  • https://router.infolinks.com/dyn/r1-usync?uid=RX-acb47eee-49dd-47c4-a6f6-54075a7fcd64-005
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/r1-usync?uid=RX-acb47eee-49dd-47c4-a6f6-54075a7fcd64-005
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6d70ce8dae12910d-FRA
content-length
35
expires
Tue, 02 Feb 2021 04:51:52 GMT

Redirect headers

Date
Wed, 02 Feb 2022 04:51:52 GMT
Server
Tengine
ETag
RXacb47eee49dd47c4a6f654075a7fcd64005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://router.infolinks.com/dyn/r1-usync?uid=RX-acb47eee-49dd-47c4-a6f6-54075a7fcd64-005
Connection
keep-alive
Content-Type
text/html
zmn-usync
router.infolinks.com/dyn/ Frame D429
Redirect Chain
  • https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
  • https://router.infolinks.com/dyn/zmn-usync?uid=
35 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/zmn-usync?uid=
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store
cf-ray
6d70ce86adf6910d-FRA
content-length
35

Redirect headers

Location
https://router.infolinks.com/dyn/zmn-usync?uid=
Pragma
no-cache
Date
Wed, 02 Feb 2022 04:51:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
70
Content-Type
text/html; charset=utf-8
us
sync.go.sonobi.com/ Frame D429 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 04:51:51 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ca.png
s.cpx.to/ Frame D429
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fbeckernews.com%252Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%252...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fbeckernews.com%25252Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-fo...
  • https://s.cpx.to/ca.png?ref=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F&pid=12306&adnxs_uid=4508530143694285294
95 B
944 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F&pid=12306&adnxs_uid=4508530143694285294
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F
Protocol
HTTP/1.1
Server
54.194.94.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-94-231.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache, no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 02 Feb 2022 04:51:51 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0, no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Wed, 02 Feb 2022 04:51:51 UTC

Redirect headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 04:51:51 GMT
X-Proxy-Origin
217.64.151.3; 217.64.151.3; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
31b0e6b8-9a5e-44cc-b369-b65d30c7fabb
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F&pid=12306&adnxs_uid=4508530143694285294
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
dsp.adkernel.com/ Frame D429 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=202&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fearn-usync%3Fuid%3D%7BUID%7D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 04:51:51 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
imd-usync
router.infolinks.com/dyn/ Frame D429
Redirect Chain
  • https://ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
  • https://ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
  • https://router.infolinks.com/dyn/imd-usync?user_id=95317b89-2555-4860-a5a2-d4766a959fb7&partner_id=1531
35 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/imd-usync?user_id=95317b89-2555-4860-a5a2-d4766a959fb7&partner_id=1531
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:51 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6d70ce855c5d910d-FRA
content-length
35
expires
Tue, 02 Feb 2021 04:51:51 GMT

Redirect headers

location
https://router.infolinks.com/dyn/imd-usync?user_id=95317b89-2555-4860-a5a2-d4766a959fb7&partner_id=1531
date
Wed, 02 Feb 2022 04:51:51 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
outh-usync
router.infolinks.com/dyn/ Frame D429
Redirect Chain
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPd5eb1182-83e3-11ec-a894-0649641462a8
  • https://router.infolinks.com/dyn/outh-usync?uid=y-bRrOeQZE2uG5L_.Hird4PRkaa8n2e.my~A~UPd5eb1182-83e3-11ec-a894-0649641462a8
35 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/outh-usync?uid=y-bRrOeQZE2uG5L_.Hird4PRkaa8n2e.my~A~UPd5eb1182-83e3-11ec-a894-0649641462a8
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:51 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6d70ce856c7a910d-FRA
content-length
35
expires
Tue, 02 Feb 2021 04:51:51 GMT

Redirect headers

location
https://router.infolinks.com/dyn/outh-usync?uid=y-bRrOeQZE2uG5L_.Hird4PRkaa8n2e.my~A~UPd5eb1182-83e3-11ec-a894-0649641462a8
date
Wed, 02 Feb 2022 04:51:51 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usersync
match.bnmla.com/ Frame D429
Redirect Chain
  • https://match.bnmla.com/usersync?sspid=1000361&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3D%5BUUID%5D
  • https://bh.contextweb.com/bh/rtset?pid=558752&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D1%26uuid%3D%25%25VGUID%25%25
  • https://match.bnmla.com/usersync?dspid=1&uuid=jGERCxDZMomp&ev=1&us_privacy=${us_privacy}&pid=558752
0
137 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.bnmla.com/usersync?dspid=1&uuid=jGERCxDZMomp&ev=1&us_privacy=${us_privacy}&pid=558752
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F
Protocol
HTTP/1.1
Server
38.27.122.126 Chestertown, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 04:51:52 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
de-DE
location
https://match.bnmla.com/usersync?dspid=1&uuid=jGERCxDZMomp&ev=1&us_privacy=${us_privacy}&pid=558752
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-67774fc8c-hr5q7
expires
-1
sovrn-usync
router.infolinks.com/dyn/ Frame D429
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true
  • https://router.infolinks.com/dyn/sovrn-usync?uid=6a6fefede94f1131da446343
35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/sovrn-usync?uid=6a6fefede94f1131da446343
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:51 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6d70ce88f93e910d-FRA
content-length
35
expires
Tue, 02 Feb 2021 04:51:51 GMT

Redirect headers

Date
Wed, 02 Feb 2022 04:51:51 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://router.infolinks.com/dyn/sovrn-usync?uid=6a6fefede94f1131da446343
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
usersync
router.infolinks.com/dyn/ Frame D429
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
  • https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3D826B3EDD-00F9-480F-9464-B85A4BD90237
  • https://router.infolinks.com/dyn/usersync?pmuservalue=826B3EDD-00F9-480F-9464-B85A4BD90237
0
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/usersync?pmuservalue=826B3EDD-00F9-480F-9464-B85A4BD90237
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
cache-control
no-store
cf-ray
6d70ce87af0f910d-FRA
content-length
0

Redirect headers

location
https://router.infolinks.com/dyn/usersync?pmuservalue=826B3EDD-00F9-480F-9464-B85A4BD90237
date
Wed, 02 Feb 2022 04:51:50 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
zeta-usync
router.infolinks.com/dyn/ Frame D429
Redirect Chain
  • https://p.rfihub.com/cm?pub=43153&in=1
  • https://router.infolinks.com/dyn/zeta-usync?uid=5131077720531239858
35 B
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/zeta-usync?uid=5131077720531239858
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F
Protocol
H2
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:51 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6d70ce87ff75910d-FRA
content-length
35
expires
Tue, 02 Feb 2021 04:51:51 GMT

Redirect headers

Location
https://router.infolinks.com/dyn/zeta-usync?uid=5131077720531239858
Date
Wed, 02 Feb 2022 04:51:51 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
ssc-cms.33across.com/ps/ Frame D429 		0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP003 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-33x-status
2000208
date
Wed, 02 Feb 2022 04:51:50 GMT
server
33XP003
iq-usync
router.infolinks.com/dyn/ Frame D429 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/iq-usync
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control
no-store
cf-ray
6d70ce861d30910d-FRA
content-length
0
pica.js
beckernews.com/cdn-cgi/challenge-platform/h/g/scripts/ 		21 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3133b8429b15c13b9f4b222eb2098a73412ff3ae9645d55e0dbdc96367fdf74a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E38ARQIFukp7Z2hp%2BbwqwrNihh%2F2aJkPGl0n5Qi69jBfxjDvy4IStIRA%2FlMwlyne5PtJ0q5lMcnADo1gnqPuc16F7Jlc8fEjt6QaplyBTmh%2BDN%2B73EJIZyga95q7jXr2gXDoHwEl0bWGcjBB4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
6d70ce858d6f374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ui.r2.js
rumble.com/j/p/ 		69 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumble.com/j/p/ui.r2.js?_v=308
Requested by
Host: rumble.com
URL: https://rumble.com/embedJS/u4870v.vnplrs/?url=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F&args=%5B%22play%22%2C%7B%22video%22%3A%22vnplrs%22%2C%22div%22%3A%22rumble_vnplrs%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.55.146.12 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
c.92.37a9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
eb0b44522322e3379c9c3519c63813eab096880b9860a50a17712c5f085580e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
content-encoding
br
last-modified
Thu, 30 Dec 2021 22:19:53 GMT
server
nginx
etag
W/"61ce3089-11246"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=31536000,immutable,stale-if-error=31536000,stale-while-revalidate=31536000
strict-transport-security
max-age=31536000;includeSubDomains;preload
UVROc.OvCc.1.jpg
sp.rmbl.ws/s8/6/U/V/R/O/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.rmbl.ws/s8/6/U/V/R/O/UVROc.OvCc.1.jpg
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
005271c8809dfb7cd408751724a2170ca81a3277de5d8cae0ec34db97050348f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
last-modified
Mon, 06 Dec 2021 20:06:47 GMT
server
nginx
etag
"907382bf8268bd0a6f72587007a87a54"
x-hw
1643777511.cds010.fr8.hn,1643777511.cds135.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=64301
accept-ranges
bytes
content-length
16392
UVROc.caa.mp4
sp.rmbl.ws/s8/2/U/V/R/O/ 		245 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://sp.rmbl.ws/s8/2/U/V/R/O/UVROc.caa.mp4?u=4870v&b=0
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://beckernews.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
last-modified
Mon, 06 Dec 2021 20:06:39 GMT
server
nginx
access-control-allow-origin
*
etag
"c5bfa548aa6e075548b26ff0834a5f59"
x-hw
1643777511.cds010.fr8.hn,1643777511.cds136.fr8.c
content-type
video/mp4
Content-Range
bytes 0-6982462/6982463
cache-control
max-age=64301
accept-ranges
bytes
Content-Length
6982463
truncated
/ Frame DE46 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3cd72707a6eb0ba2f481bf98476ada929d93c3cc1ccf2fa702f4e237ddbea113

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.vuukle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
prebid3.js
cdn.vuukle.com/static/ 		469 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.vuukle.com/static/prebid3.js
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be1ca149f15b9763c22ce39cefc22e6cd2e561ce7fca21c2fc58d0230cb7e4a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
content-encoding
br
cf-cache-status
HIT
age
89974
cf-polished
origSize=616353
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 31 Jan 2022 14:36:56 GMT
server
cloudflare
etag
W/"61f7f408-967a1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=1800
cf-ray
6d70ce846f130f56-MXP
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
cf-bgj
minify
bq-publish
publish.vuukle.com/ 		44 B
122 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://publish.vuukle.com/bq-publish?callback=&{%22action%22:%22view_page%22,%22hashed_email%22:%22$18a833-7865-478e-b64b-3f2451f69f53%22,%22hostname%22:%2258e55d32-a7bb-45b2-86ad-8b070856d8ba%22,%22pubdomain%22:%22beckernews.com%22,%22refDomain%22:%22%22,%22sessionId%22:%22b2cbe12b-2760-4b4b-85b2-3c0f5afe674f%22,%22version%22:%224.20%22,%22articleImg%22:%22%22,%22articleTitle%22:%22NY%20Times%20Sues%20Biden%20Administration%20for%20Hunter%20Biden%20Emails%20in%20Probe%20for%20Corrupt%20Foreign%20Ties%22,%22article_id%22:%2243934%22,%22hashed_article_url%22:%22https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F%22,%22referrer%22:%22Kyle%20Becker%22,%22tags%22:%22%22,%22browser%22:%22Chrome%22,%22device%22:%22Desktop%22,%22os%22:%22Windows%22}&_=1489139930741
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23cf82cc09313b4ca270855734c90c760202e753d9292a88ba8ab2349ab64a84
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://beckernews.com
access-control-allow-credentials
true
cf-ray
6d70ce847a7159dd-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1
bq-publish
publish.vuukle.com/ 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://publish.vuukle.com/bq-publish?callback=&{%22action%22:%22web_vitals%22,%22hashed_email%22:%22$9a065a-5f15-4292-a647-76e857d8a510%22,%22hostname%22:%2258e55d32-a7bb-45b2-86ad-8b070856d8ba%22,%22pubdomain%22:%22beckernews.com%22,%22refDomain%22:%22%22,%22sessionId%22:%22d162f80d-c25e-4be9-b9fd-c8c66a5679e1%22,%22version%22:%224.20%22,%22articleImg%22:%22%22,%22articleTitle%22:%22NY%20Times%20Sues%20Biden%20Administration%20for%20Hunter%20Biden%20Emails%20in%20Probe%20for%20Corrupt%20Foreign%20Ties%22,%22article_id%22:%2243934%22,%22hashed_article_url%22:%22https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F%22,%22referrer%22:%22Kyle%20Becker%22,%22tags%22:%22%22,%22browser%22:%22Chrome%22,%22device%22:%22Desktop%22,%22os%22:%22Windows%22,%22webVitals%22:{%22cls%22:0.04143609131368002,%22fcp%22:801,%22lcp%22:903.1}}&_=1489139930741
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://beckernews.com
access-control-allow-credentials
true
cf-ray
6d70ce847a7259dd-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-xss-protection
1
spt
tg1.vuukle.com/api/adserver/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tg1.vuukle.com/api/adserver/spt?AV_TAGID=60cdeb227e407c6a2a4199a4&AV_PUBLISHERID=607eaa2728f57c570863c77a
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5f65:4d5e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
046a9492b0c0ca236e165f42a8098dabfce1d6cc2ef20acc9afd32d7427db7b2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 04:51:51 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/javascript
Cache-Control
max-age=300
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Content-Length
5329
Expires
Wed, 02 Feb 2022 04:56:51 GMT
/
trends.revcontent.com/api/delivery/ 		40 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=191051&width=1600&rev_allow_cookies=0&site_url=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F&icr_url=&va=0&time=1643777511105&up=pc&bn=chrome&bv=97&widget_width=640&style_id=0&idhub[pubcid]=35e0a088-dd39-4225-b54e-7410df38c2a0
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.125.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-125-248.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
7074a911d479e7ce886ef7495596eb8404a2a4094abfe3593e9cac8a2e6f33e0
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
content-encoding
gzip
server
Apache/2.4.25 (Debian)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://beckernews.com
access-control-allow-credentials
true
strict-transport-security
max-age=931536000; includeSubDomains
content-length
15674
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=178zUnxqQ2xtU01qc3JkSUswaVFDbkdHT2VEQVU5Tld5ckw5S0M1L2xZcXJGVkJDNFFPV2d3NkZpb25EcFVaTUVjaGZ5UmsvWWJpdElpYXNtL0tRZ1NFWGo1OXR3UlVMNjYyYVhwOFlWaTZsWkNVRnNjaTRSSnlhMFVzOFc0elNlRDBiWjlqYzdhNFYvejRtcFA5a3VLQk9QZWdNY0lxOGNCT2UvWFVrZEw1MWZZeXZMbmJGWG5tVTF2MWROQWVZdDFWWityNEpyeUQwSDNvU1VRZjB6Q3VGY25velJXQnN4R1ZDcHlBZ3RpbXJjQkE0PXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1071
date
Wed, 02 Feb 2022 04:51:50 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
/
reporting.powerad.ai/ 		2 B
272 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://reporting.powerad.ai/
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-151-247.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
server
nginx/1.14.0 (Ubuntu)
x-powered-by
Express
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
2
detect-aau
powerad.ai/ 		2 B
214 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://powerad.ai/detect-aau?ch=2
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-226-152.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Express
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
2
detect-aau
powerad.ai/ 		2 B
214 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://powerad.ai/detect-aau?ch=1
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-226-152.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Express
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
2
prebid.js
hb.brainlyads.com/ Frame 9B3D 		512 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.brainlyads.com/prebid.js
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-158-212.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
24b25a9de83f7f3cfdf7dbe49789cbc31b1f1ebd794c25a2918e90e14875f38c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 19:48:09 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"61f98e79-80082"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=172800
strict-transport-security
max-age=31536000; includeSubDomains; preload
expires
Fri, 04 Feb 2022 04:51:51 GMT
pbjs_wrapper.v1.1.js
hb.brainlyads.com/ Frame 05C4 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.brainlyads.com/pbjs_wrapper.v1.1.js
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-158-212.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
523e02dd4ec34f964addcf94fdb9796d68094b692702a6a0435e7ccf274ea88d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 20:36:02 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"61f999b2-906f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=172800
strict-transport-security
max-age=31536000; includeSubDomains; preload
expires
Fri, 04 Feb 2022 04:51:51 GMT
pbjs_wrapper.v2.0.js
hb.brainlyads.com/ Frame 8F5A 		41 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.brainlyads.com/pbjs_wrapper.v2.0.js
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-158-212.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f303ac6af2a5ebb406d6fc50426f1c0b8bc3c915dbc1a70db7595ec6590343b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 21:24:42 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"61f9a51a-a51e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=172800
strict-transport-security
max-age=31536000; includeSubDomains; preload
expires
Fri, 04 Feb 2022 04:51:51 GMT
/
powerad.ai/pubPls/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://powerad.ai/pubPls/?width=1600&url=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-226-152.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
f0cdc9f83afec9ab82c2c17f1c7478740ecf2bb51fb29f01e58e5de8b3d539fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
content-encoding
gzip
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Express
etag
W/"12e5-i/kRqa5c+5oVjFWGJtYwav68Y5Y"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
https://beckernews.com
access-control-allow-credentials
true
access-control-allow-headers
*
in_search.js
resources.infolinks.com/js/1786.003-3.025/ 		123 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1786.003-3.025/in_search.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1786.003-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8882c05ade8d73602a50fccfc5e3d2ad0ff2427e6c7adafc2d8f13a1da7f1ec4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray
6d70ce84cbce910d-FRA
date
Wed, 02 Feb 2022 04:51:51 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 26 Jan 2022 08:38:27 GMT
server
cloudflare
age
3246
etag
W/"1eb7c-5d6782026a911"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
content-encoding
gzip
expires
Fri, 04 Mar 2022 03:57:45 GMT
pixel
cm.g.doubleclick.net/ Frame EC8C 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YfoN5xLB1NHIy20p3eznywAABI0AAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame EC8C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YfoN5xLB1NHIy20p3eznywAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECaf3mBsIYdf0K4FN14zV5g&google_cver=1&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECaf3mBsIYdf0K4FN14zV5g&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 04:51:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 02 Feb 2022 04:51:51 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECaf3mBsIYdf0K4FN14zV5g&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame EC8C
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YfoN5xLB1NHIy20p3eznywAABI0AAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YfoN5xLB1NHIy20p3eznywAABI0AAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YfoN5xLB1NHIy20p3eznywAABI0AAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 04:51:51 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
XG4WRPB11WYVV3EWTDXM
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 04:51:51 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
7VWPNRQ0DPACKKT0HY0Q
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YfoN5xLB1NHIy20p3eznywAABI0AAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame EC8C 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame EC8C
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=8aceffa2-5ae5-49d6-ae3e-4e60bc852693&expiration=1675313511
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=8aceffa2-5ae5-49d6-ae3e-4e60bc852693&expiration=1675313511
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 04:51:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 02 Feb 2022 04:51:51 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=8aceffa2-5ae5-49d6-ae3e-4e60bc852693&expiration=1675313511
date
Wed, 02 Feb 2022 04:51:51 GMT
server
Kestrel
content-length
0
crum
dsum-sec.casalemedia.com/ Frame EC8C
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 04:51:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 02 Feb 2022 04:51:51 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Pragma
no-cache
Date
Wed, 02 Feb 2022 04:51:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
106
Content-Type
text/html; charset=utf-8
ibs:dpid=23728&dpuuid=YfoN5xLB1NHIy20p3eznywAA%261165
dpm.demdex.net/ Frame EC8C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YfoN5xLB1NHIy20p3eznywAA%261165?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.112.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-112-53.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame EC8C
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=eDVFkX5gRsdjMBSRfjUOyHkwG8ljMRPILzK3iI7a
43 B
1013 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=eDVFkX5gRsdjMBSRfjUOyHkwG8ljMRPILzK3iI7a
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 04:51:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 02 Feb 2022 04:51:51 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:51 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=eDVFkX5gRsdjMBSRfjUOyHkwG8ljMRPILzK3iI7a
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
ix-usync
router.infolinks.com/dyn/ Frame EC8C 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/ix-usync?uid=YfoN5xLB1NHIy20p3eznywAA%261165
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:51 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6d70ce84ebf7910d-FRA
content-length
35
expires
Tue, 02 Feb 2021 04:51:51 GMT
getads.htm
rt3007.infolinks.com/action/ 		125 B
241 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rt3007.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22articles%22%2C%22scs%22%3A%22P0qsslgVE1%22%7D%5D&rid=30745a42-029b-4287-a93f-abac44a56249&jsv=1786.003-3.025&sr=1600X1200&rts=1643777511211&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=97.0.4692.71&dv=p&ce=t&purl=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F&tzo=-0000&c=c&strg=true&rsd=xuB1Wn1_idRcLwi1DA0hOuRX1yS9tiXxUF2tsntwNYeVma2qmHVul1lzavxvsJtuObMxREFw6T1o_uIsQLD86OxTgaZ2fOdbg2-yMMdpJrtR8tUNn_ETlbugK4IKGtVotAlbcT5MOaehYHIxVLy2kbWSjYJhNSyj&rsk=8&rcs=jw4dThiWrIYldas7mkpnag&hbnr=false
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1786.003-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5e153bbbee25ea7782cded1453876f24f5b83b5eca8a1f55888470fb69c2f1b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-language
de-DE
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
6d70ce853c38910d-FRA
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1321916592&t=pageview&_s=1&dl=https%3A%2F%2Frumble.com%2FembedJS%2Fu4870v.vnplrs%2F&dr=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F&ul=en-us&de=UTF-8&dt=NY%20Times%20Sues%20Biden%20Administration%20for%20Hunter%20Biden%20Emails%20in%20Probe%20for%20Corrupt%20Foreign%20Ties%20-%20Becker%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=1619437326&gjid=193149574&cid=569924556.1643777511&tid=UA-44331619-1&_gid=930579321.1643777511&_r=1&_slc=1&z=98971686
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://beckernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
view...nplrs.3u7niu
rumble.com/l/ 		35 B
191 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rumble.com/l/view...nplrs.3u7niu?p=2.3&r=94138755&ref=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F&gt=2
Requested by
Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=308
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.55.146.12 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
c.92.37a9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 02 Feb 2022 04:51:51 GMT
server
nginx
strict-transport-security
max-age=31536000;includeSubDomains;preload
log-code
3
content-type
image/gif
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		376 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: rumble.com
URL: https://rumble.com/embedJS/u4870v.vnplrs/?url=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F&args=%5B%22play%22%2C%7B%22video%22%3A%22vnplrs%22%2C%22div%22%3A%22rumble_vnplrs%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4a576181de48e65c16476d10dcb5de9730675835d885ae49ae1ae3a67ae950b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127061
x-xss-protection
0
expires
Wed, 02 Feb 2022 04:51:51 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1321916592&t=event&_s=2&dl=https%3A%2F%2Frumble.com%2FembedJS%2Fu4870v.vnplrs%2F&dr=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F&ul=en-us&de=UTF-8&dt=NY%20Times%20Sues%20Biden%20Administration%20for%20Hunter%20Biden%20Emails%20in%20Probe%20for%20Corrupt%20Foreign%20Ties%20-%20Becker%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Embed&ea=View&el=vnplrs&_u=aEDAAUABAAAAAC~&jid=&gjid=&cid=569924556.1643777511&tid=UA-44331619-1&_gid=930579321.1643777511&z=1002703030
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 14:22:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
52155
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
tcf-2.0-loader.js
s.flocdn.com/cmp/2.1.5/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.flocdn.com/cmp/2.1.5/tcf-2.0-loader.js
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/static/prebid3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-118.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8548d22e0fe82f9ac98dd5148510c0bb6885aad92f661876a8078b9be620ea2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
wQvfArGm4NUbysSJrtVS3ZpC3nVy3TQX
content-encoding
gzip
last-modified
Fri, 26 Feb 2021 18:56:38 GMT
server
AmazonS3
age
574625
etag
"76a73c81315c9027897fe77eaf004971"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 ab39b007ab81966ada6e7fb1536bf376.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Wed, 26 Jan 2022 13:14:49 GMT
x-amz-cf-pop
FRA53-C1
content-length
731
x-amz-cf-id
K-aXgI7UQb18p1o1N_5tthkdaUJ__qCjy77QzIAE4rKiprWNJRGB-A==
tcf-2.0-cmp.js
s.flocdn.com/cmp/2.1.5/ 		196 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.flocdn.com/cmp/2.1.5/tcf-2.0-cmp.js
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/static/prebid3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-118.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b697ae3266afd70d1108fda9eea78b90db518003f1049e6913ad0e0368723fc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
48ARPSLZlw2ZZQ6p5TwVOlBq9Em.2oPT
content-encoding
gzip
last-modified
Fri, 26 Feb 2021 18:56:39 GMT
server
AmazonS3
age
88302
etag
"35e7e72756bed474488f67103c1a4b70"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 ab39b007ab81966ada6e7fb1536bf376.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Tue, 01 Feb 2022 04:20:14 GMT
x-amz-cf-pop
FRA53-C1
content-length
48610
x-amz-cf-id
kEW7uuM1Tr6ynL1Eq7-8q2X5k5Up7YhZm0uEkkLqpS4YlJrUV86GSA==
config.js
confiant-integrations.global.ssl.fastly.net/RNw7xiqRu-6_97G1pl1Hr7_2fbE/gpt_and_prebid/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/RNw7xiqRu-6_97G1pl1Hr7_2fbE/gpt_and_prebid/config.js
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/static/prebid3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1cc8fba655222d052e069a5fa6152920559e0c665d31bbaebc2c2f1797e1ceeb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 04:51:51 GMT
Content-Encoding
gzip
Age
3341
X-Cache
HIT
Connection
keep-alive
Content-Length
11915
x-amz-id-2
mcbhZQhCONICv+ZfqD4qpHdlpun89r95314XuzimRfgHVe9ZkHy4GWkAQIMauKGr1BkMssila4I=
X-Served-By
cache-hhn4027-HHN
Last-Modified
Wed, 02 Feb 2022 03:36:55 GMT
Server
AmazonS3
X-Timer
S1643777511.443539,VS0,VE0
ETag
"4896e3dfd72310abd19543a995a950fb"
x-amz-request-id
KY72810RJVHHTKKY
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
100
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/static/prebid3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
413d6a64ecbfb5ad83e7ea4d1b670151741e78a16227ebb6adca391deaef3f25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27277
x-xss-protection
0
server
sffe
etag
"1119 / 437 of 1000 / last-modified: 1643756703"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 02 Feb 2022 04:51:51 GMT
RXvX1snpkkVVqv67AyPno-pDCsw.js
beckernews.com/cdn-cgi/apps/head/ Frame F0D5 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/cdn-cgi/apps/head/RXvX1snpkkVVqv67AyPno-pDCsw.js
Requested by
Host: beckernews.com
URL: https://beckernews.com/breaking-project-veritas-scores-major-victory-against-the-new-york-times-43489/embed/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2403c547323e252309d499941b20324d71d113374e88da01e7a2bec540568946

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
651776
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
9FJTKY56G8A63VBT
x-amz-id-2
OqtKwNTsWYuoG7fe1mVGSbwNKC5hKg4r6SxAPduGXGNXaSA6sCt62AT7HH0I1nngak8oE+eI+Gc=
last-modified
Thu, 18 Mar 2021 12:52:20 GMT
server
cloudflare
etag
W/"ffe7e172d4574a588b2d1868db5cb38d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G1rK8fRko9mVRNrkeujOWn2lKIDB0Qs%2BZuCMBpIyY7Eqg8QLnK7%2BilN%2F17FlA1X4c3XFa9o1lEXH3HxUTYPnZVnol2WoaM2PtIrETlIJAghMeXNJNW2x86Asoqb26mFcCK90jKyEAyJYcbRxNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
f62hFwR4WjE0xn6AOFt6FCRZ09TOy9Zm
cf-ray
6d70ce879ef9374d-MXP
invisible.js
beckernews.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame F0D5 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js
Requested by
Host: beckernews.com
URL: https://beckernews.com/breaking-project-veritas-scores-major-victory-against-the-new-york-times-43489/embed/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0722a7e24a4dfbcee6446de27d9cdec151cf9dedfd4875633214fbe07b26276e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mxh5DQO3uwpLQwCoQMnbe7p6HVEqE6R0TyG42oJ7l2C9Tid43tg6mHTuuESRgZyCqIksIFxR%2F9TgMwFIWayqqeG6zfaR1vOBWZuQS4mnotUToFytaXjoxRI71b33kc6icJ1KBcoTs%2Bu3T0wOdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
6d70ce879efa374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bn-favs-150x150.png
beckernews.com/wp-content/uploads/2021/01/ Frame F0D5 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beckernews.com/wp-content/uploads/2021/01/bn-favs-150x150.png
Requested by
Host: beckernews.com
URL: https://beckernews.com/breaking-project-veritas-scores-major-victory-against-the-new-york-times-43489/embed/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c5091be81b842fa184aa87eb73febbff2ba72ec1afc55e959ef29dbbf9b8853

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
149132
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2722
last-modified
Wed, 20 Jan 2021 19:04:09 GMT
server
cloudflare
etag
"60087ea9-aa2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FxeoXR1lwS66iE%2BJ354%2F%2Fq6JfqfDUoBUQ37Ms3afGLduAVKhFlf8lICIBB%2BG4X9lCJeBswZFHTNDiHzfUWodon9eveUxAAIirWxWOf1jgV6MAxWlObQ4hxHf34IEv4tZva0N1KKTt1xa2bDnew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6d70ce8a5939374d-MXP
expires
Thu, 31 Dec 2037 23:55:55 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-44331619-1&cid=569924556.1643777511&jid=1619437326&gjid=193149574&_gid=930579321.1643777511&_u=aEDAAUABAAAAAC~&z=2125144874
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 02 Feb 2022 04:51:51 GMT
content-type
text/plain
access-control-allow-origin
https://beckernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
Hc6PdfQeAi.js
pixel.zprk.io/v5/pixeljs/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.zprk.io/v5/pixeljs/Hc6PdfQeAi.js?dne=1
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.12.66 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-12-66.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
8e521ebeb6ce59914c54f532b1577efd671f4b02bb3c331e01b4a7e79a02cfea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
2753
access-control-max-age
3600
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
text/plain;charset=UTF-8
251
a.ad.gt/api/v1/u/matches/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F&ref=
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.59.174 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-59-174.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
b9094c4b0fb618d27300420cc664a9d7a2a8144c09941cfba09d66ea67370532

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
server
nginx/1.18.0
content-length
3382
content-type
application/javascript
impression
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/impression
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.125.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-125-248.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://beckernews.com
date
Wed, 02 Feb 2022 04:51:51 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
strict-transport-security
max-age=931536000; includeSubDomains
defaultWidget~feedWidget.delivery.js
assets.revcontent.com/master/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/defaultWidget~feedWidget.delivery.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c6fe2ed7936281998340e0a1ace5a4e424174d3ad52dcd761e80200b79f0d5dd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
content-encoding
gzip
last-modified
Fri, 28 Jan 2022 20:59:46 GMT
server
AmazonS3
x-amz-request-id
1TNVTMH2CEW97ND1
etag
"55d89158d04a8f9d41a2e87fe9731322"
x-hw
1643777511.cds133.fr8.hn,1643777511.cds154.fr8.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
8043
x-amz-id-2
Vy+shk4VfltrwIEbW/Ktk3dtuqVpWVn4N+N5LY3AuRGyVUhcorh8/AqACEQBHO8SVzotVHmibA4=
defaultWidget.delivery.js
assets.revcontent.com/master/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/defaultWidget.delivery.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83fdb91b2adf11e77ab7f337f1ae7fe54d6f04cd903f4e437183e52b9c2652ba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
content-encoding
gzip
last-modified
Fri, 28 Jan 2022 20:59:43 GMT
server
AmazonS3
x-amz-request-id
1TNZM1F3VB8QXFB3
etag
"8f42fe2f017b7323c7c655a3840389f0"
x-hw
1643777511.cds133.fr8.hn,1643777511.cds280.fr8.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
6921
x-amz-id-2
MUcg+vScellL5kJdgjY1ljtRjRcbVIFXlMiprH3xCEGPmp+ahUUNOtEyCPFPSZdpA3VGt5gsDic=
commonModal.delivery.js
assets.revcontent.com/master/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/commonModal.delivery.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef5c4f8a147f15f5f3b64b08f1c63f9f8d10d81f32074399f3e4de897be1fd3d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
content-encoding
gzip
last-modified
Fri, 28 Jan 2022 20:59:45 GMT
server
AmazonS3
x-amz-request-id
1TNRQM4SQFVRGXH5
etag
"ff67c032afff51210535f6340e1d8cbe"
x-hw
1643777511.cds133.fr8.hn,1643777511.cds002.fr8.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
1640
x-amz-id-2
AhnS8JOsaQ8F328+xbaA924AmaLYf30Q0Y7Vq43UjGUppsDCN03766rcGXAoUUMwqluCqATR0U4=
/
img.revcontent.com/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
c842ab9a59af3f3d62511fdb5488ad527d2193c3371b5561ade4a2a19a8e7062

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
last-modified
Wed, 01 Jul 2020 17:13:25 GMT
etag
"1593623605"
x-hw
1643777511.cds167.fr8.hn,1643777511.cds260.fr8.c
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
20438
dc.js
stats.g.doubleclick.net/ Frame CE7E 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13726301584595302?pubid=ld-13726301584595302-692&pubo=https%3A%2F%2Fbeckernews.com&rid=&width=640
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1058
date
Wed, 02 Feb 2022 04:34:13 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Wed, 02 Feb 2022 06:34:13 GMT
dc.js
stats.g.doubleclick.net/ Frame 393E 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13726297860053350?pubid=ld-13726297860053350-151&pubo=https%3A%2F%2Fbeckernews.com&rid=&width=640
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1058
date
Wed, 02 Feb 2022 04:34:13 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Wed, 02 Feb 2022 06:34:13 GMT
dc.js
stats.g.doubleclick.net/ Frame A0A4 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13726299873319270?pubid=ld-13726299873319270-436&pubo=https%3A%2F%2Fbeckernews.com&rid=&width=640
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1058
date
Wed, 02 Feb 2022 04:34:13 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Wed, 02 Feb 2022 06:34:13 GMT
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
3586
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
6d70ce8649c63760-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 04 Mar 2022 04:51:51 GMT
avcplayer.js
player.avplayer.com/script/2/v/ 		242 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/2/v/avcplayer.js
Requested by
Host: tg1.vuukle.com
URL: https://tg1.vuukle.com/api/adserver/spt?AV_TAGID=60cdeb227e407c6a2a4199a4&AV_PUBLISHERID=607eaa2728f57c570863c77a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5f65:4d5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
8889425709593626cd565d67e0f48405e66aca6a1dd9fb77b22519ef54aec62e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtBQz9ERMkJiJdyCikeB5T7zKRVmhqHKjXdp6ErjS6BdSxManuEhiEv5V54ElfoloxuzbG7rxM3bAKqJLFouMg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
59052
last-modified
Tue, 18 Jan 2022 12:19:31 GMT
server
UploadServer
etag
"6b1f9ce6444ce84da9526826384884e4"
vary
Accept-Encoding
x-goog-hash
crc32c=H1LJrA==, md5=ax+c5kRM6E2pUmgmOEiE5A==
content-language
en
x-goog-generation
1642508371365954
cache-control
public, max-age=300
x-goog-stored-content-length
59052
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 02 Feb 2022 04:56:51 GMT
track
servt.vuukle.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servt.vuukle.com/track?pid=607eaa2728f57c570863c77a&cid=60c37ca68d20f0118e3ae307&cb=1643777511408&r=beckernews.com&stagid=60cdeb227e407c6a2a4199a4&stplid=608a9f291cc704381f4f47f8&d35=&e=playerLoaded
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.88.244.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-88-244-23.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
rc-logo.png
cdn.revcontent.com/assets/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.revcontent.com/assets/img/rc-logo.png
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
last-modified
Mon, 31 Jan 2022 15:41:53 GMT
etag
"1643643713"
x-hw
1643777511.cds216.fr8.hn,1643777511.cds130.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=6436
accept-ranges
bytes
content-length
4298
yeet
yeet.revcontent.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.101.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-101-2.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://beckernews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
access-control-allow-headers
Origin,Content-Length,Content-Type
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD
access-control-allow-origin
*
access-control-max-age
43200
yeet
yeet.revcontent.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.101.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-101-2.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 02 Feb 2022 04:51:51 GMT
result
beckernews.com/cdn-cgi/challenge-platform/h/g/cv/ 		2 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/cdn-cgi/challenge-platform/h/g/cv/result?req_id=6d70ce7cad8a374d
Requested by
Host: beckernews.com
URL: https://beckernews.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9WavY8%2FFpDqdvdNzL3b7QKeqZB6Q%2B7ZECsWs1uhJFgNKATkQih3HGXFGyIgf7NAy8JLYKARp%2B%2FYomKXl0%2FwHPxiC6H60YHstmOewe7%2FwyNWwyRi5rqKQo1DpBrgs3rUNySQUFv%2BFS9wSvkCIKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
cf-ray
6d70ce8988a7374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-44331619-1&cid=569924556.1643777511&jid=1619437326&_u=aEDAAUABAAAAAC~&z=404043226
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-44331619-1&cid=569924556.1643777511&jid=1619437326&_u=aEDAAUABAAAAAC~&z=404043226
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
15263283421593005855.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/15263283421593005855.jpg
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
67c9ac3fbe66e4ffcd141c32ee16b875119de3a5548212747a99e158a7aab3c8
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=1;start=2021-11-11T17:40:36.102Z;desc=hit,rtt;dur=0
content-length
6092
last-modified
Thu, 11 Nov 2021 17:39:12 GMT
server
Cloudinary
etag
"80ffa74a29259d070627b19575cbe372"
vary
Save-Data
x-hw
1643777511.cds217.fr8.hn,1643777511.cds041.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
15746815770080261269.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/15746815770080261269.jpg
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
0f05526ff3afc37a0c1656a09e4a6fee5571350318ed13be65156fb24e54b394
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=127;cpu=1;start=2021-11-11T17:39:44.554Z;desc=miss,rtt;dur=0,cloudinary;dur=35;start=2021-11-11T17:39:44.597Z
content-length
6727
last-modified
Thu, 11 Nov 2021 17:39:38 GMT
server
Cloudinary
etag
"17b970cb43494b9c79628393217af29b"
vary
Save-Data
x-hw
1643777511.cds217.fr8.hn,1643777511.cds103.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
d649bbb32f986cfedf1e483d485393e6.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/d649bbb32f986cfedf1e483d485393e6.jpg
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
ef026e13d21b56d14ffd8901bcc355cc7db094f1cfefed281c5de78c8a05b911
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=1;cpu=0;start=2022-02-02T04:51:51.755Z;desc=hit,rtt;dur=0
content-length
6625
last-modified
Mon, 06 Dec 2021 19:09:48 GMT
server
Cloudinary
etag
"50bc2228eaff517f0cb0f2a845ab7aca"
vary
Save-Data
x-hw
1643777511.cds217.fr8.hn,1643777511.cds002.fr8.sc,1643777511.cds002.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
8f5a2dbb9fb0533c79f95153d817bfd8.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/8f5a2dbb9fb0533c79f95153d817bfd8.jpg
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
fff132c8dc9caacc695aac6e4910e6812e4dcf87e5540ae45371d9859b39fdea
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=1;cpu=0;start=2022-02-02T02:43:23.098Z;desc=hit,rtt;dur=0
content-length
5003
last-modified
Fri, 03 Dec 2021 16:15:45 GMT
server
Cloudinary
etag
"248a559e394d06a8c8fe8c2be7acb509"
vary
Save-Data
x-hw
1643777511.cds217.fr8.hn,1643777511.cds228.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
c0cad197c78a9435ad76fca60545a848.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/c0cad197c78a9435ad76fca60545a848.png
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
ae0b601fc46c8d0051e388e6abcf8e6bbfc30d2e0bfdf9f14fb1778d8de4cc73
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=1;cpu=0;start=2021-11-11T17:39:36.656Z;desc=hit,rtt;dur=0
content-length
7588
last-modified
Thu, 11 Nov 2021 17:39:08 GMT
server
Cloudinary
etag
"9b08aaeca55b10f37616e9678519b700"
vary
Save-Data
x-hw
1643777511.cds217.fr8.hn,1643777511.cds242.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
15668970320741716000.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/15668970320741716000.jpg
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
85a128ece4d65c4e635e7566fddfdce529b54491b4d934e5a2e88013f3dcad36
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=108;cpu=0;start=2021-11-11T17:58:07.549Z;desc=miss,rtt;dur=0,cloudinary;dur=17;start=2021-11-11T17:58:07.594Z
content-length
10465
last-modified
Thu, 11 Nov 2021 17:39:36 GMT
server
Cloudinary
etag
"a35aaebaf12af3967fa22119d04ba2c7"
vary
Save-Data
x-hw
1643777511.cds217.fr8.hn,1643777511.cds163.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
6d0bccff1cb8554b326d0a0e862bb706.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/6d0bccff1cb8554b326d0a0e862bb706.jpg
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
638aab372d01f87bd3b827714d4b72124ad034765c8cde1939b233f59fcb62c9
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=2;cpu=1;start=2022-01-30T19:51:19.306Z;desc=hit,rtt;dur=0
content-length
8120
last-modified
Mon, 06 Dec 2021 18:12:52 GMT
server
Cloudinary
etag
"34a1a12be18df72c5c2654d698d34be1"
vary
Save-Data
x-hw
1643777511.cds217.fr8.hn,1643777511.cds212.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
2ed463e23609430b95da7ff64cdf046b.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/2ed463e23609430b95da7ff64cdf046b.jpeg
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
16d71e21df34a94ff40c517853c978c696cb27895b4a0b64637a48f8cc58453d
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=116;cpu=0;start=2021-11-11T17:39:59.251Z;desc=miss,rtt;dur=1,cloudinary;dur=19;start=2021-11-11T17:39:59.300Z
content-length
5549
last-modified
Thu, 11 Nov 2021 17:39:19 GMT
server
Cloudinary
etag
"37c3a450dab5106a7cb18ee11fa8eb3a"
vary
Save-Data
x-hw
1643777511.cds217.fr8.hn,1643777511.cds145.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
5fccacf272ccd4-36717179.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/5fccacf272ccd4-36717179.jpg
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
52e2553c61bcf363e21cf85d1d25fd089a795099a1f3a8fdb6ec6f67606c0ce6
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=291;cpu=0;start=2021-12-17T08:22:36.603Z;desc=miss,rtt;dur=0,cloudinary;dur=200;start=2021-12-17T08:22:36.647Z
content-length
5063
last-modified
Thu, 11 Nov 2021 20:54:28 GMT
server
Cloudinary
etag
"5dfa41fe56dde0da023d2a91133f5335"
vary
Save-Data
x-hw
1643777511.cds217.fr8.hn,1643777511.cds001.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
pubads_impl_2022012701.js
securepubads.g.doubleclick.net/gpt/ 		355 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
97f59ccead873800701418302300e1c43fc7d41efe5aeb412d8279fefd5cd913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 01:16:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12918
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122333
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 09:34:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 02 Feb 2023 01:16:33 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		154 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=beckernews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
62a9c3994c6e62ae0cae5c4a5dafe072f0c7100ae5d11db203fec60d0695e6b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Feb 2022 04:51:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
105
x-xss-protection
0
expires
Wed, 02 Feb 2022 04:51:51 GMT
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202201311507/ 		187 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202201311507/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/RNw7xiqRu-6_97G1pl1Hr7_2fbE/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
873af853dede2eef6d739dd841fb21596d262ff33e68a965eb377e47ed8d4c7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 04:51:51 GMT
Content-Encoding
gzip
Age
348
X-Cache
HIT
Connection
keep-alive
Content-Length
60844
x-amz-id-2
vBQA0xyF6JfcErbnfkiWx4wb2dA8T2TL0+ZtaUaGn4QCOgytdEmgTS2Dc6jUktfcpYcEpfx8I8w=
X-Served-By
cache-hhn4027-HHN
Last-Modified
Mon, 31 Jan 2022 20:08:36 GMT
Server
AmazonS3
X-Timer
S1643777512.744996,VS0,VE0
ETag
"d4a52cf643f8d535f6f826b1707f5291"
x-amz-request-id
ND6R3P1D9B6T0NAN
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
309
bridge3.496.0_en.html
imasdk.googleapis.com/js/core/ Frame 0CB3 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199641
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 31 Jan 2022 11:36:18 GMT
expires
Tue, 31 Jan 2023 11:36:18 GMT
cache-control
public, max-age=31536000
last-modified
Fri, 28 Jan 2022 21:03:56 GMT
content-type
text/html
age
148533
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Feb 2022 04:51:51 GMT
a..4870v.4870v.nplrs.c.5r.1e0gw6t
rumble.com/l/ 		35 B
191 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rumble.com/l/a..4870v.4870v.nplrs.c.5r.1e0gw6t?p=2.3&r=94138755&ref=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F&t=6&a=0&art=0&atype=0&et=792&gt=2
Requested by
Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=308
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.55.146.12 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
c.92.37a9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 02 Feb 2022 04:51:51 GMT
server
nginx
strict-transport-security
max-age=31536000;includeSubDomains;preload
log-code
3
content-type
image/gif
a..4870v.4870v.nplrs.c.5r.1e0gw6t
rumble.com/l/ 		35 B
191 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rumble.com/l/a..4870v.4870v.nplrs.c.5r.1e0gw6t?p=2.3&r=94138755&ref=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F&t=5&a=0&art=0&atype=0&et=793&gt=2
Requested by
Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=308
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.55.146.12 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
c.92.37a9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 02 Feb 2022 04:51:51 GMT
server
nginx
strict-transport-security
max-age=31536000;includeSubDomains;preload
log-code
3
content-type
image/gif
wf9_ZK3FkN211lqPa9eHRKEVRcw.js
beckernews.com/cdn-cgi/apps/body/ Frame F0D5 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/cdn-cgi/apps/body/wf9_ZK3FkN211lqPa9eHRKEVRcw.js
Requested by
Host: beckernews.com
URL: https://beckernews.com/cdn-cgi/apps/head/RXvX1snpkkVVqv67AyPno-pDCsw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
767e37bcd6daaf0e719be2ba4bba0a36a11040e971b918a068bf8cb0ea9c4aca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
650932
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
VNAD9S9D2BC9S2X1
x-amz-id-2
M0IZQMTE+q6InJVaTJuNpdBZQz+Y8Epk5UCQo6HdwrBRol/J0/Ea+UydDvZow2IZ9J1GiBeMhR4=
last-modified
Thu, 18 Mar 2021 12:52:19 GMT
server
cloudflare
etag
W/"4d628b673cad1387db2cd989f9e6ff7d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZJ0zbm2aD2BwwP2OrakZgCdhS%2B7EdcZlB6m7VdPs1weKDyYFvqZh9vWLwRC7U1563%2Fe50%2FA7cYYKg6amBv6A44cY3SSYu%2Buqg3s6fxec07X9NOGjkhCIIwvSqZrjue1WxAs2rbKtMsxAH2T12g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
LB7ZNXFAI3CyolxnCUcO3sbxJr7XBBwv
cf-ray
6d70ce8a693c374d-MXP
wp-emoji-release.min.js
beckernews.com/wp-includes/js/ Frame F0D5 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9
Requested by
Host: beckernews.com
URL: https://beckernews.com/breaking-project-veritas-scores-major-victory-against-the-new-york-times-43489/embed/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 02 Sep 2021 08:23:19 GMT
server
cloudflare
age
4738
etag
W/"613089f7-4705"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6eCU0vLrEp2idulX%2B1Khaf2izoDwi7rdULzaqLxsxBrXzRDPJYow%2BsHmtfbKROrDPiwYnOZQ8QUauiJPAC765mMAFaJcqFjBE219cCIEFzjr7Sg5ihPl0LDEEBTC5%2Ft3WLeKnTCsCyPQyG9mFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d70ce8a693d374d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/ 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		256 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7bb3c50cc5b07cea81e62a53039ec4aa49cd718058cbf799eef27bbdb5b958c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		251 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a288f6d8bed5da66244881b97b6355d945f6ca755c1fc09b750724745cceae03

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		385 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		273 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f1c0e9e76f5baa28c2453d0d02b97d42e5f66283f0d3058a4ccc366e7f2411a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		237 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		238 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		240 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		411 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
Vuukle_Logo.png
play.aniview.com/607eaa2728f57c570863c77a/607fe73886f9bc60e66237eb/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play.aniview.com/607eaa2728f57c570863c77a/607fe73886f9bc60e66237eb/Vuukle_Logo.png
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:fb:5a7::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
261e918e8e6767d021cb4dc761152a7d09ea8d298288776ac2fea357e7801d45

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 04:51:51 GMT
X-GUploader-UploadID
ABg5-Uzd3HhoS-_7dAULgyvPPN1m6aYw5cz0DGNcycdT9OQJVxNE8P5hj-qOo3m5abO6k_emT5O4boIRp5urI8PAPm1GlA_eTw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Length
2011
Last-Modified
Wed, 21 Apr 2021 08:50:07 GMT
Server
UploadServer
ETag
"70e93cb7c40233baa5b4491131508d88"
x-goog-hash
crc32c=76+VqQ==
x-goog-generation
1618995007463943
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Type
Cache-Control
public, max-age=1800
x-goog-stored-content-length
2011
Accept-Ranges
bytes
Content-Type
image/png
Expires
Wed, 02 Feb 2022 05:21:51 GMT
truncated
/ 		480 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
AVmanager.js
player.aniview.com/script/6.1/ Frame B6A6 		347 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=607eaa2728f57c570863c77a
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/v/avcplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:fb:5a7::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
bb6bd69700e21a8f9bc89da3eb5609dc34ebecaa70165a66771e04fbaa369131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdugIIgoaANILBtgo91edbEkB8PQUk-F54zZju0292ah7QAS-Bg_wrGkp1prTSoLyw_wfgsmW-ocXDvf6rwWXZk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
99205
last-modified
Thu, 20 Jan 2022 11:23:37 GMT
server
UploadServer
etag
"c4fd3c1c12f1603b143af9c821681876"
vary
Accept-Encoding
x-goog-hash
crc32c=hrQu+g==, md5=xP08HBLxYDsUOvnIIWgYdg==
content-language
en
access-control-allow-origin
*
x-goog-generation
1642677817486292
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
99205
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 02 Feb 2022 04:56:51 GMT
truncated
/ Frame F0D5 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f83bf22ed091fe689e0c008e1b85aea6c0a191f0d3ba62813def77ef7ce63e01

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame F0D5 		149 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
bba12d8ac3a1e2c24fd6e4e346ceeccf9e2150089233dfe1008d7539f4646795
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52960
x-xss-protection
0
server
cafe
etag
16306158793215570348
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 02 Feb 2022 04:51:51 GMT
advertising.js
rddywd.com/ Frame F0D5 		9 B
603 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rddywd.com/advertising.js
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
80723
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9
last-modified
Tue, 01 Feb 2022 06:26:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R1dwILiZicO9%2BZq%2FZelnwZRH5pWHxJqGZv3r2oUDJ3%2BGArph5TyezSQgpxrMLq%2B8GdH7odHXfhOCsSjyUPK1ujcxvHTzaBBA4oen%2FY6EQgYijvCwx3w77iz3DaOF1VRz6g%2BQ5DbkulDi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86401
accept-ranges
bytes
cf-ray
6d70ce89bcd73756-MXP
adcode.png
rddywd.com/ Frame F0D5 		43 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rddywd.com/adcode.png
Requested by
Host: beckernews.com
URL: https://beckernews.com/breaking-project-veritas-scores-major-victory-against-the-new-york-times-43489/embed/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
Origin
null
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
45380
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZZ4m374ZtqsixMsd3y9i0TyyE2or49wncWL9NEVPStPUauuwcLWidamNMluNE8F5G3SGpZo3XNJQqDgrRsLfpBSe%2FtmR2PRlwOk7ICX763fZ8Ef1QLn0HBr%2BHor50Je50Kb98U0iRwdz"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86401
accept-ranges
bytes
cf-ray
6d70ce89ca5783bb-MXP
generate_204
www.googleapis.com/ Frame F0D5 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googleapis.com/generate_204
Requested by
Host: beckernews.com
URL: https://beckernews.com/breaking-project-veritas-scores-major-victory-against-the-new-york-times-43489/embed/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
truncated
/ Frame F0D5 		397 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2021c9a3df6a24f3f9d63a0425d90a2bb24cd97de905abf230f13d4dbc46c147

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
Vuukle_default_1.mp4
media.vuukle.com/ 		124 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://media.vuukle.com/Vuukle_default_1.mp4
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://beckernews.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
cf-cache-status
HIT
last-modified
Thu, 12 Aug 2021 05:39:20 GMT
server
cloudflare
age
89946
etag
"6114b408-19557c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
video/mp4
Content-Range
bytes 0-1660283/1660284
cache-control
max-age=31536000
cf-ray
6d70ce89494e5a0d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
1660284
ivtreporter.html
cdn.vuukle.com/widgets/ Frame AC0F 		1 KB
812 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.vuukle.com/widgets/ivtreporter.html
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf24bb0fcc3cd1301d5fe72ee9d6d2cd791904d4a11053e4e4d5409f7a143775

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
content-type
text/html
cf-ray
6d70ce894b520f56-MXP
access-control-allow-origin
*
age
89973
cache-control
max-age=10800
last-modified
Fri, 28 Jan 2022 13:24:41 GMT
vary
Accept-Encoding
cf-cache-status
HIT
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods
GET, POST, OPTIONS
access-control-expose-headers
Content-Length,Content-Range
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 81F3 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 03:56:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3317
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 02 Feb 2022 04:56:34 GMT
213794966
fundingchoicesmessages.google.com/i/ 		89 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/213794966?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d93c9af44c52985a421487d9eea6032d2f3bd0c9d55f60b154ff3533a4836563
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-7pMo7CQXidVfyv411OyGmw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-7pMo7CQXidVfyv411OyGmw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-7pMo7CQXidVfyv411OyGmw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-7pMo7CQXidVfyv411OyGmw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorServingWebSwitchboardHttp"
x-frame-options
SAMEORIGIN
date
Wed, 02 Feb 2022 04:51:52 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]}
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
c.mgid.com/pv/ 		0
303 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=1643777511930573498172&uniqId=03eac&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F&lu=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F&sessionId=61fa0de8-0a234&pageView=1&pvid=17eb8c651fa8905875d&site=682890&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beckernews.com.1078868.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:52 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6d70ce89bc419171-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
generic
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/generic
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.125.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-125-248.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://beckernews.com
date
Wed, 02 Feb 2022 04:51:51 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
strict-transport-security
max-age=931536000; includeSubDomains
generic
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/generic
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.125.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-125-248.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://beckernews.com
date
Wed, 02 Feb 2022 04:51:51 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
strict-transport-security
max-age=931536000; includeSubDomains
track
servt.vuukle.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servt.vuukle.com/track?r=beckernews.com&sn=&ic=0&tgt=0&app=&wi=400&he=300&test=&d36=6.1.2.99&apppkg=&fv=1&proto=https&pid=607eaa2728f57c570863c77a&cid=60c37ca68d20f0118e3ae307&stagid=60cdeb227e407c6a2a4199a4&stplid=608a9f291cc704381f4f47f8&e=inventory&vi=54&cb=1643777512020
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.88.244.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-88-244-23.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
js.cookie.min.js
cdn.jsdelivr.net/npm/js-cookie@3.0.1/dist/ Frame AC0F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/js-cookie@3.0.1/dist/js.cookie.min.js
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/widgets/ivtreporter.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d07dcdbb3ddaba0dda7d56d496cbb5d8fbb1bdadc23f812126d3c4c6ab39e158
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.vuukle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
8582699
x-jsd-version
3.0.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19136-FRA, cache-mxp6970-MXP
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"691-nsW9ygnrEUkpEGcvy0hZTQTrY68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6d70ce8a7d775a13-MXP
gen_204
pagead2.googlesyndication.com/pagead/ Frame F0D5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=jserror&context=166&msg=SecurityError%3A%20Failed%20to%20read%20the%20%27cookie%27%20property%20from%20%27Document%27%3A%20The%20document%20is%20sandboxed%20and%20lacks%20the%20%27allow-same-origin%27%20flag.%0AError%3A%20Failed%20to%20read%20the%20%27cookie%27%20property%20from%20%27Document%27%3A%20The%20document%20is%20sandboxed%20and%20lacks%20the%20%27allow-same-origin%27%20flag.%0Aat%20gi.get%20(https%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%3A95%3A65)%0Aat%20kk%20(adsbygoogle.js%3A129%3A1176)%0Aat%20new%20lk%20(adsbygoogle.js%3A129%3A1325)%0Aat%20mk%20(adsbygoogle.js%3A129%3A1491)%0Aat%20adsbygoogle.js%3A236%3A801%0Aat%20Zh.n.na%20(adsbygoogle.js%3A88%3A779)%0Aat%20aj%20(a&shv=r20220131&mjsv=m202201240101&eid=31063752%2C42531398%2C31064528%2C31063246&url=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F
Requested by
Host: beckernews.com
URL: https://beckernews.com/breaking-project-veritas-scores-major-victory-against-the-new-york-times-43489/embed/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
haloid
aufp.io/api/v1/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aufp.io/api/v1/haloid
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F&ref=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.41.22.107 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-41-22-107.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
content-encoding
gzip
last-modified
Wed, 02 Feb 2022 00:28:16 GMT
server
nginx/1.18.0
etag
W/"1643761696.0-6132-2958560116"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*, *
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
public, max-age=43200
origin-trial
A/KTxPuSXtwcggydvUxw5B4dXspsb2iweedc7KDi2xv9M89MtnOpULTs7DQJVHBxGDV5wj5a3LW9S4ev3WfQkwIAAAB+eyJvcmlnaW4iOiJodHRwczovL2hhbG9mbG9jLmNvbTo0NDMiLCJmZWF0dXJlIjoiSW50ZXJlc3RDb2hvcnRBUEkiLCJleHBpcnkiOjE2MjYyMjA3OTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires
Wed, 02 Feb 2022 16:51:52 GMT
251
p.ad.gt/api/v1/p/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/p/251
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F&ref=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.41.22.107 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-41-22-107.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
7e75dc45a4ebc4bae4111477b5611cd04299866b36d34e93b89e6dffe4b5b039

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
content-encoding
gzip
last-modified
Wed, 02 Feb 2022 00:26:38 GMT
server
nginx/1.18.0
etag
W/"1643761598.0-26494-2710964840"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
public, max-age=43200
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires
Wed, 02 Feb 2022 16:51:52 GMT
match
ids.ad.gt/api/v1/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=0051ca09-1455-4e27-bb5b-bb85f25a7be4&adnxs_id=$UID
  • https://ids.ad.gt/api/v1/match?id=0051ca09-1455-4e27-bb5b-bb85f25a7be4&adnxs_id=4508530143694285294
43 B
565 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/match?id=0051ca09-1455-4e27-bb5b-bb85f25a7be4&adnxs_id=4508530143694285294
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Server
34.211.237.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-211-237-159.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Wed, 02 Feb 2022 16:51:52 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 04:51:52 GMT
X-Proxy-Origin
217.64.151.3; 217.64.151.3; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
bd86c6c8-aa0f-414b-bffc-908120e4e01c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ids.ad.gt/api/v1/match?id=0051ca09-1455-4e27-bb5b-bb85f25a7be4&adnxs_id=4508530143694285294
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
t_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=0051ca09-1455-4e27-bb5b-bb85f25a7be4
  • https://ids.ad.gt/api/v1/t_match?tdid=a585cdf0-ef00-4865-983c-fcbe375aa250&id=0051ca09-1455-4e27-bb5b-bb85f25a7be4
43 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/t_match?tdid=a585cdf0-ef00-4865-983c-fcbe375aa250&id=0051ca09-1455-4e27-bb5b-bb85f25a7be4
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Server
34.211.237.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-211-237-159.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Wed, 02 Feb 2022 16:51:52 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:52 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ids.ad.gt/api/v1/t_match?tdid=a585cdf0-ef00-4865-983c-fcbe375aa250&id=0051ca09-1455-4e27-bb5b-bb85f25a7be4
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
259
pbm_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D0051ca09-1455-4e27-bb5b-bb85f25a7be4
  • https://ids.ad.gt/api/v1/pbm_match?pbm=826B3EDD-00F9-480F-9464-B85A4BD90237&id=0051ca09-1455-4e27-bb5b-bb85f25a7be4
43 B
572 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/pbm_match?pbm=826B3EDD-00F9-480F-9464-B85A4BD90237&id=0051ca09-1455-4e27-bb5b-bb85f25a7be4
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Server
34.211.237.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-211-237-159.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Wed, 02 Feb 2022 16:51:52 GMT

Redirect headers

location
https://ids.ad.gt/api/v1/pbm_match?pbm=826B3EDD-00F9-480F-9464-B85A4BD90237&id=0051ca09-1455-4e27-bb5b-bb85f25a7be4
date
Wed, 02 Feb 2022 03:14:32 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
g_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=0051ca09-1455-4e27-bb5b-bb85f25a7be4
  • https://ids.ad.gt/api/v1/g_match?id=0051ca09-1455-4e27-bb5b-bb85f25a7be4&google_gid=CAESEO-D8aQ-x9sOxkIdR89-KZE&google_cver=1&google_ula=450542624,0
43 B
572 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/g_match?id=0051ca09-1455-4e27-bb5b-bb85f25a7be4&google_gid=CAESEO-D8aQ-x9sOxkIdR89-KZE&google_cver=1&google_ula=450542624,0
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Server
34.211.237.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-211-237-159.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Wed, 02 Feb 2022 16:51:52 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ids.ad.gt/api/v1/g_match?id=0051ca09-1455-4e27-bb5b-bb85f25a7be4&google_gid=CAESEO-D8aQ-x9sOxkIdR89-KZE&google_cver=1&google_ula=450542624,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
357
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ids.ad.gt/api/v1/g_hosted?id=0051ca09-1455-4e27-bb5b-bb85f25a7be4
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=MDA1MWNhMDktMTQ1NS00ZTI3LWJiNWItYmI4NWYyNWE3YmU0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=MDA1MWNhMDktMTQ1NS00ZTI3LWJiNWItYmI4NWYyNWE3YmU0
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=MDA1MWNhMDktMTQ1NS00ZTI3LWJiNWItYmI4NWYyNWE3YmU0
date
Wed, 02 Feb 2022 04:51:52 GMT
server
nginx/1.18.0
content-length
473
content-type
text/html; charset=utf-8
ppnt_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=0051ca09-1455-4e27-bb5b-bb85f25a7be4
  • https://ids.ad.gt/api/v1/ppnt_match?uid=B9rDb5rmqBBL&ev=1&pid=562316&id=0051ca09-1455-4e27-bb5b-bb85f25a7be4
43 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/ppnt_match?uid=B9rDb5rmqBBL&ev=1&pid=562316&id=0051ca09-1455-4e27-bb5b-bb85f25a7be4
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Server
34.211.237.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-211-237-159.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Wed, 02 Feb 2022 16:51:52 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
de-DE
location
https://ids.ad.gt/api/v1/ppnt_match?uid=B9rDb5rmqBBL&ev=1&pid=562316&id=0051ca09-1455-4e27-bb5b-bb85f25a7be4
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-67774fc8c-hr5q7
expires
-1
adb_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=348447&dpuuid=0051ca09-1455-4e27-bb5b-bb85f25a7be4&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3D0051ca09-1455-4e27-bb5b-bb85f...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=0051ca09-1455-4e27-bb5b-bb85f25a7be4&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3D0051ca0...
  • https://ids.ad.gt/api/v1/adb_match?adb=06545683187895026300571796834151375702&id=0051ca09-1455-4e27-bb5b-bb85f25a7be4
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/adb_match?adb=06545683187895026300571796834151375702&id=0051ca09-1455-4e27-bb5b-bb85f25a7be4
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Server
34.211.237.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-211-237-159.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Wed, 02 Feb 2022 16:51:52 GMT

Redirect headers

DCS
dcs-prod-irl1-2-v027-0e1375e85.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
8FJo9ObkTx4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://ids.ad.gt/api/v1/adb_match?adb=06545683187895026300571796834151375702&id=0051ca09-1455-4e27-bb5b-bb85f25a7be4
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
getuid
sync.smartadserver.com/
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3D0051ca09-1455-4e27-bb5b-bb85f25a7be4%26sas_uid%3D%5bsas_uid%5d
  • https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=0051ca09-1455-4e27-bb5b-bb85f25a7be4&sas_uid=[sas_uid]&cklb=1
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=0051ca09-1455-4e27-bb5b-bb85f25a7be4&sas_uid=[sas_uid]&cklb=1
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
HTTP/1.1
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
content-length
0

Redirect headers

location
https://sync.smartadserver.com:443/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=0051ca09-1455-4e27-bb5b-bb85f25a7be4&sas_uid=[sas_uid]&cklb=1
pragma
no-cache
date
Wed, 02 Feb 2022 04:51:51 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Vuukle_default_1.mp4
media.vuukle.com/ 		53 KB
54 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://media.vuukle.com/Vuukle_default_1.mp4
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e34c1f33699b063fdeabd6f6097f5dee67969aa618a86e44765b945d0ad9197

Request headers

Referer
https://beckernews.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=1605632-

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
cf-cache-status
HIT
last-modified
Thu, 12 Aug 2021 05:39:20 GMT
server
cloudflare
age
89069
etag
"6114b408-19557c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
video/mp4
Content-Range
bytes 1605632-1660283/1660284
cache-control
max-age=31536000
cf-ray
6d70ce8a5c550f56-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
54652
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
content-encoding
br
cf-cache-status
HIT
age
3443
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
563Q182XKKBGBPYA
x-amz-id-2
bdPUe4HjGqrAVg8eEZZYoC6KD28ITcgPDbSbHjAUGcQb3btZBQnFND4c/5y2yIgUVrant8QWGnY=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6d70ce8a6857915f-FRA
expires
Thu, 03 Feb 2022 04:51:52 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
content-encoding
br
cf-cache-status
HIT
age
3442
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
G7XVAWHV2A1TM5YQ
x-amz-id-2
YTUD+eplGac2nzDoCf6mNAS+SFRWUcCYJKczG3n8f/90lY7q4TeiITaNexYchgGjMS0Xbxxxcvw=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6d70ce8a6859915f-FRA
expires
Thu, 03 Feb 2022 04:51:52 GMT
mediaite_logo.png
cdn.mgid.com/images/logos/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/mediaite_logo.png
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ee6592c25ab27ff2bc7f2d8cb36b768e46b4e0f4475fe8b366fd9e2582db2ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
cf-cache-status
HIT
age
2034
cf-polished
origFmt=png, origSize=20799
last-modified
Wed, 11 Nov 2020 16:03:03 GMT
content-length
8044
content-disposition
inline; filename="mediaite_logo.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
ZBQW5CYY0XX88ENC
x-amz-id-2
OqXmNGU3XJUOGfApfK+pdoi9rIv5kXueohKjEgc0gFkZ4QoVM6L3Y3Tew0eBITvcAC+zYIBtA98=
cf-bgj
imgq:85,h2pri
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1605110573/ctime:1605110573/gid:0/gname:root/md5:a5ebb569767472ea4f8a9dd4e7e0fb04/mode:33206/mtime:1605110573/uid:0/uname:root
etag
"a5ebb569767472ea4f8a9dd4e7e0fb04"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
6d70ce8a685a915f-FRA
expires
Thu, 03 Feb 2022 04:51:52 GMT
/
serv.vuukle.com/api/adserver/tag/ 		13 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://serv.vuukle.com/api/adserver/tag/?AV_TAGID=60cdeb227e407c6a2a4199a4&AV_PUBLISHERID=607eaa2728f57c570863c77a&AV_VIDEOURL=https%3A%2F%2Fmedia.vuukle.com%2FVuukle_default_1.mp4&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F&AV_CHANNELID=60c37ca68d20f0118e3ae307&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=beckernews.com&AV_DADPOS=1&AV_TAG=60cdeb227e407c6a2a4199a4&AV_TEMPLATE=608a9f291cc704381f4f47f8&d36=6.1.2.99&responsive=1&sver=1&avtoken=512020&AV_WIDTH=400&AV_HEIGHT=300&AV_DNT=0&cb=1643777512062
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=607eaa2728f57c570863c77a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.110.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-110-80.compute-1.amazonaws.com
Software
/
Resource Hash
17f618f8f01a1d57729c1b78fbd15edd64764c1dbdb2377fa84a5f39ee1c67c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://beckernews.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Fri, 21 Jan 2022 15:05:12 GMT
AGSKWxVb8M-54Z4OFLEOkqClfVibZd82JSj9K_1keVUVr7aaOFXq5cUlGw7SI1i_IUonGEV9K_WVboMKlGUmiB5YDWk=
fundingchoicesmessages.google.com/el/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVb8M-54Z4OFLEOkqClfVibZd82JSj9K_1keVUVr7aaOFXq5cUlGw7SI1i_IUonGEV9K_WVboMKlGUmiB5YDWk=?pvid=39A2B858-9786-4B22-922A-FC8E3E50D852&anonid=DA7A6A4D-BC0B-4F89-B7C5-718CF4EA5535
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.rLR0c9tYF-A.es5.O/d=1/rs=AJlcJMz6Yf6l0R78eyE87SXVxNqZ8ozJsQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-CdxeQGytSPN9auQIQTxMyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-CdxeQGytSPN9auQIQTxMyA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
access-control-max-age
86400
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://beckernews.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-CdxeQGytSPN9auQIQTxMyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-CdxeQGytSPN9auQIQTxMyA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXvkwxbB-LfQSZr7gDJcHeljHl8LRRaZj9jpDbLUGamanC0DSFG_9V-O4fC48c-kToi2bR9pD-2QuuO1J_Mx4U=
fundingchoicesmessages.google.com/f/ 		303 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXvkwxbB-LfQSZr7gDJcHeljHl8LRRaZj9jpDbLUGamanC0DSFG_9V-O4fC48c-kToi2bR9pD-2QuuO1J_Mx4U=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjQzNzc3NTEyLDEzMDAwMDAwMF0sIjM5QTJCODU4LTk3ODYtNEIyMi05MjJBLUZDOEUzRTUwRDg1MiIsIkRBN0E2QTRELUJDMEItNEY4OS1CN0M1LTcxOENGNEVBNTUzNSIsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL2JlY2tlcm5ld3MuY29tL255LXRpbWVzLXN1ZXMtYmlkZW4tYWRtaW5pc3RyYXRpb24tZm9yLWh1bnRlci1iaWRlbi1lbWFpbHMtaW4tcHJvYmUtZm9yLWNvcnJ1cHQtZm9yZWlnbi10aWVzLTQzOTM0LyIsbnVsbCxbXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.rLR0c9tYF-A.es5.O/d=1/rs=AJlcJMz6Yf6l0R78eyE87SXVxNqZ8ozJsQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f15b019d25811f8ff2678c5cd43b3fd889812afde376822a239a4aa08064b454
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-dlKMtJe+mHgqb8ddL7Tq+g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-dlKMtJe+mHgqb8ddL7Tq+g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-dlKMtJe+mHgqb8ddL7Tq+g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-dlKMtJe+mHgqb8ddL7Tq+g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame F0D5 		803 B
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
1
servicer.mgid.com/1078868/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1078868/1?pv=5&cbuster=1643777512163539609105&uniqId=03eac&niet=4g&nisd=false&jsv=es6&w=640&h=1624&cols=3&ref=&cxurl=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F&lu=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F&sessionId=61fa0de8-0a234&pageView=1&pvid=17eb8c651fa8905875d&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beckernews.com.1078868.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d76461b2cf51768c65aa837795216c8feabf3d9ff913c000f9d905e9afc46ab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6d70ce8b1f399171-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
tag.escalated.io/ 		112 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.escalated.io/?i=frjrZjE3qFfbr52&callback=reportIVT
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.253.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-253-158.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
9969c43d4faf911b8abefd982acb353f3e708e9f6124a4ebd53c018bc02fbf1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 04:51:52 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 10 Jan 2022 21:56:41 GMT
Server
Apache
ETag
"1be2f-5d541695f5840"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
no-cache, max-age=0
Connection
close
Accept-Ranges
bytes
Content-Length
43649
X-XSS-Protection
1; mode=block
Vuukle_default_1.mp4
media.vuukle.com/ 		1 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://media.vuukle.com/Vuukle_default_1.mp4
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://beckernews.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=98304-

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
cf-cache-status
HIT
last-modified
Thu, 12 Aug 2021 05:39:20 GMT
server
cloudflare
age
89069
etag
"6114b408-19557c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
video/mp4
Content-Range
bytes 98304-1660283/1660284
cache-control
max-age=31536000
cf-ray
6d70ce8b6d770f56-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
1561980
truncated
/ 		552 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
icon
onesignal.com/api/v1/apps/4591b984-c4cf-431a-ba46-3321f626ffa4/ 		184 B
577 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/apps/4591b984-c4cf-431a-ba46-3321f626ffa4/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9a68a4c4bfa7c59739ca435b5ba2cc3547872601f56040c63e60f5ffeae1be5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
status
200 OK
x-envoy-upstream-service-time
7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
3c6f39ef-65bf-4215-bd06-1f673ad38108
x-runtime
0.006159
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"d9a68a4c4bfa7c59739ca435b5ba2cc3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
6d70ce8bac9e839c-MXP
access-control-allow-headers
SDK-Version
css
fonts.googleapis.com/ 		54 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans_old:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.de.ibbr-72wcYs.es5.O/d=1/rs=AJlcJMwtTZ4bi_PO3VEEN4fZy1Z7LyWyog/m=iabtcfv2wallscript
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0a3868c61ca885220fcbe768210f995e928e578050c68a425acd82688adba5be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 02 Feb 2022 04:51:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 02 Feb 2022 04:51:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 02 Feb 2022 04:51:52 GMT
AGSKWxUAprIrCSPGxvrS-lQs4HcnKkl-PSdDchEf6oTXqzoqI8U_DFVTR8gHzWAW-uGiLr1L_1WOpnYYsNF0BCOaYBiOEwM_NgSKTBMcKiYOal3C2gWh7bivz1WAHpuVseNBq8sJxEKwqQKJ2Ag61BOBUrntJCrfOls-pZCGx2Dd7NhXpRSpmYzBokbvU_5A
fundingchoicesmessages.google.com/el/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUAprIrCSPGxvrS-lQs4HcnKkl-PSdDchEf6oTXqzoqI8U_DFVTR8gHzWAW-uGiLr1L_1WOpnYYsNF0BCOaYBiOEwM_NgSKTBMcKiYOal3C2gWh7bivz1WAHpuVseNBq8sJxEKwqQKJ2Ag61BOBUrntJCrfOls-pZCGx2Dd7NhXpRSpmYzBokbvU_5A?dmid=956707c13da1020a
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.de.ibbr-72wcYs.es5.O/d=1/rs=AJlcJMwtTZ4bi_PO3VEEN4fZy1Z7LyWyog/m=iabtcfv2wallscript
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-y5NtTgAYP8wS97awEGzV+Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-y5NtTgAYP8wS97awEGzV+Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
access-control-max-age
86400
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://beckernews.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-y5NtTgAYP8wS97awEGzV+Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-y5NtTgAYP8wS97awEGzV+Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v121/ 		119 KB
119 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v121/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans_old:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16a6b6731e2fc6387561d78f5affd3b539a6c0540434924b809d490a5ebc9725
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://beckernews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 19:29:21 GMT
x-content-type-options
nosniff
age
33751
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121784
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 19:19:57 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 01 Feb 2023 19:29:21 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans_old:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://beckernews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:14:34 GMT
x-content-type-options
nosniff
age
16638
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 02 Feb 2023 00:14:34 GMT
performance.css
video-native.mgid.com/mgPlayer/css/1.11/ 		40 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://video-native.mgid.com/mgPlayer/css/1.11/performance.css
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beckernews.com.1078868.es6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
5bf7378bca4930ee4e9fb8ab093c16ab60489c74376390de855b71d0c706ea57

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-id
fr5-up-gc36
date
Wed, 02 Feb 2022 04:51:52 GMT
content-encoding
gzip
last-modified
Fri, 21 Jan 2022 08:57:47 GMT
server
nginx
etag
"a089-5d613d01797c6-gzip"
vary
Accept-Encoding
x-cached-since
2022-01-21T09:05:03+00:00
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
content-length
6903
expires
Sat, 21 Jan 2023 09:05:03 GMT
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
content-encoding
br
cf-cache-status
HIT
age
3443
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
563Q182XKKBGBPYA
x-amz-id-2
bdPUe4HjGqrAVg8eEZZYoC6KD28ITcgPDbSbHjAUGcQb3btZBQnFND4c/5y2yIgUVrant8QWGnY=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6d70ce8c9c40915f-FRA
expires
Thu, 03 Feb 2022 04:51:52 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
content-encoding
br
cf-cache-status
HIT
age
3442
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
G7XVAWHV2A1TM5YQ
x-amz-id-2
YTUD+eplGac2nzDoCf6mNAS+SFRWUcCYJKczG3n8f/90lY7q4TeiITaNexYchgGjMS0Xbxxxcvw=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6d70ce8c9c43915f-FRA
expires
Thu, 03 Feb 2022 04:51:52 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2MxMjYyMzkwNzk1OGZkMWNmOThjYmEzMWRjMGE1YWE3LnBuZw.webp
s-img.mgid.com/g/3835483/492x277/47x0x619x412/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3835483/492x277/47x0x619x412/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2MxMjYyMzkwNzk1OGZkMWNmOThjYmEzMWRjMGE1YWE3LnBuZw.webp?v=1643777512-mjqjJdsyJUDboZMBPFdLPeCIAvec9vol2roQ-L1TA2E
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce119693737ea8188cb783d6e1f935bf0d10d2b5bc1190b3450e3fc9fe22bb99

Request headers

Referer
https://beckernews.com/
Origin
https://beckernews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:52:29 GMT
x-mg-request-uuid
e1ec9da2-e676-4e46-ac3f-17a345c47f68
age
22294
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d70ce8d0d3d6909-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9860
server
cloudflare
mediaite_logo.png
cdn.mgid.com/images/logos/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/mediaite_logo.png
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ee6592c25ab27ff2bc7f2d8cb36b768e46b4e0f4475fe8b366fd9e2582db2ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
cf-cache-status
HIT
age
2034
cf-polished
origFmt=png, origSize=20799
last-modified
Wed, 11 Nov 2020 16:03:03 GMT
content-length
8044
content-disposition
inline; filename="mediaite_logo.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
ZBQW5CYY0XX88ENC
x-amz-id-2
OqXmNGU3XJUOGfApfK+pdoi9rIv5kXueohKjEgc0gFkZ4QoVM6L3Y3Tew0eBITvcAC+zYIBtA98=
cf-bgj
imgq:85,h2pri
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1605110573/ctime:1605110573/gid:0/gname:root/md5:a5ebb569767472ea4f8a9dd4e7e0fb04/mode:33206/mtime:1605110573/uid:0/uname:root
etag
"a5ebb569767472ea4f8a9dd4e7e0fb04"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
6d70ce8c9c44915f-FRA
expires
Thu, 03 Feb 2022 04:51:52 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfOTA5LHlfMTkyL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA5LzEwMTkyNC9lMzdiZ...
s-img.mgid.com/g/11533455/492x277/-/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533455/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfOTA5LHlfMTkyL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA5LzEwMTkyNC9lMzdiZmMyMGI1NmIxNmNmYTcxYzhmZWFkYTIwNWNmMS5qcGVn.webp?v=1643777512-Hnx5pyrMvu1KlmQxV7ICKVTqoTOlHoaejqhUlDvsjV8
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
474a52ac79d337ae69559ff92043d3a2a52c74130b3ab68420205004f6c593c9

Request headers

Referer
https://beckernews.com/
Origin
https://beckernews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
cf-cache-status
MISS
last-modified
Wed, 01 Dec 2021 12:35:01 GMT
x-mg-request-uuid
5c619678-95c3-4cef-bbd0-d8666bca055d
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d70ce8d0d3e6909-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9484
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzZlNDMxZTYzNWIxMDNmOTAzNTFiZjQzN2M1N2EzZDk1LmpwZWc.webp
s-img.mgid.com/g/4017817/492x277/0x15x595x396/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/4017817/492x277/0x15x595x396/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzZlNDMxZTYzNWIxMDNmOTAzNTFiZjQzN2M1N2EzZDk1LmpwZWc.webp?v=1643777512-5ydhdfQyBIrTp9JP2N_9ttu8OSrv4MfqSrymZP5hLKE
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
333a6e74f73717b1f1208f551ea7d245ca517ab1e0e9f11e39938ea6b205e098

Request headers

Referer
https://beckernews.com/
Origin
https://beckernews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:56:20 GMT
x-mg-request-uuid
9c691a5c-352a-4551-9450-ab3be99ecdb3
age
19200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d70ce8d0d3f6909-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12264
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvYTFjMGQzZDNkOTkyYWEzY...
s-img.mgid.com/g/11739874/492x277/-/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739874/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvYTFjMGQzZDNkOTkyYWEzYjM4N2FmZmIzYjA0OWM5MWUucG5n.webp?v=1643777512-fXXooZImduKeYZKSYiYfRNOaBQ4Ww1cWEe9x64kayMc
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c0a9358d9648972ebf6c451d9db1f0372f343da97faefc965d0e1d07ea0418d

Request headers

Referer
https://beckernews.com/
Origin
https://beckernews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
cf-cache-status
MISS
last-modified
Tue, 21 Dec 2021 12:52:38 GMT
x-mg-request-uuid
4f89fda6-b162-44cd-8303-76c0ccb6784d
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d70ce8d0d406909-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36458
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNTQ2NDRkYjZhY2EyYmU1M...
s-img.mgid.com/g/11533323/492x277/-/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533323/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNTQ2NDRkYjZhY2EyYmU1M2E2Nzk3M2ZjZDNhYmFhYmEuanBlZw.webp?v=1643777512-q-Xa6P20T5sTNHSZ7TrzUOgqUjKXkCFJlemiH7vzhW4
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f4b5c6db74437117ecdf2ff5109b934ccc182812773c3baf8be99a11398ecf9

Request headers

Referer
https://beckernews.com/
Origin
https://beckernews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
cf-cache-status
MISS
last-modified
Wed, 01 Dec 2021 12:24:11 GMT
x-mg-request-uuid
734c8c6a-bf19-4a75-9a5d-e0c01554d7e6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d70ce8d0d416909-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8526
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDItMjAvMTAxOTI0L2E0MDg4YTc0ZjE5OWZiOTM4N2ZlNzIxZWVjOWNmYWY4LmpwZz90PTE0ODc2MTAwMDM1NjQ.webp
s-img.mgid.com/g/3805434/492x277/0x0x492x328/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805434/492x277/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDItMjAvMTAxOTI0L2E0MDg4YTc0ZjE5OWZiOTM4N2ZlNzIxZWVjOWNmYWY4LmpwZz90PTE0ODc2MTAwMDM1NjQ.webp?v=1643777512-XW54Ml98DbuV3EmyXMgxF6K7JKV1Xhc3uU6dlYLh3Fg
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f8c21bf9c85eb1f80a9331ec6ce7e7444ba0a12bdb1db120b07f05885d0847d

Request headers

Referer
https://beckernews.com/
Origin
https://beckernews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:53:43 GMT
x-mg-request-uuid
50ab685b-5099-48c3-bea1-c218e2761716
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d70ce8d3d706909-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9832
server
cloudflare
aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzM4MDM0OGNiLmpwZWc.jpg
s-img.mgid.com/l/-/492x277/-/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/l/-/492x277/-/aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzM4MDM0OGNiLmpwZWc.jpg?v=1643777512-s2BH-Syokfz8pcmrDI7665kFjGhxQ7DB2hUZacXsZ20
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
693c1fc05326e4380777179beeb3c1487c75efb8c83fc995a3a8d8c7c756885f

Request headers

Referer
https://beckernews.com/
Origin
https://beckernews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
cf-cache-status
HIT
x-mg-request-uuid
88f38a82-c9df-4473-a24f-b1bbeb49f8ce
age
297017
cf-polished
qual=85, origFmt=jpeg, origSize=41842
content-disposition
inline; filename="aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzM4MDM0OGNiLmpwZWc.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
32968
last-modified
Thu, 11 Nov 2021 15:40:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d70ce8d3d726909-FRA
cf-bgj
imgq:85,h2pri
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2VhZWMxNzA1NjlkMDVhYzdhZjZkMjRkNDZlMWIyMDNjLmpwZWc.webp
s-img.mgid.com/g/3959819/492x277/0x86x1024x682/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3959819/492x277/0x86x1024x682/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2VhZWMxNzA1NjlkMDVhYzdhZjZkMjRkNDZlMWIyMDNjLmpwZWc.webp?v=1643777512--Ml4gAW64MyX7yyA-M3w8u7zzfM6zyPrjA4kNfHszhA
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fbe550b77ee74326c037ac840193315da6af2ccd701865af574ee9194271486

Request headers

Referer
https://beckernews.com/
Origin
https://beckernews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 16:00:15 GMT
x-mg-request-uuid
3a682b6f-23f7-4541-b18e-9c27f6ad17b5
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d70ce8d3d746909-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7886
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvZTUwNzcyMjA1ZDE1YmNmM...
s-img.mgid.com/g/11739859/492x277/-/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739859/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvZTUwNzcyMjA1ZDE1YmNmMjA4NTU2ODdmZWI5MGU2YjQuanBlZw.webp?v=1643777512-40rtWUHoF8esH8VuoFanBhhXCmi_C2v2Qr3F691WcKA
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08ca0c73f89f5bc5963159017015d8a2367b34a502c940b7052082c40c927939

Request headers

Referer
https://beckernews.com/
Origin
https://beckernews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
cf-cache-status
MISS
last-modified
Tue, 21 Dec 2021 12:52:21 GMT
x-mg-request-uuid
74e598a7-d36a-4da2-8bd5-fe3eddcace47
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d70ce8d3d766909-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20140
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMi8xMDE5MjQvN2UzODEzY2MzZTRmMTUwN...
s-img.mgid.com/g/12068024/492x277/-/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/12068024/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMi8xMDE5MjQvN2UzODEzY2MzZTRmMTUwNDM2MTVkZWQ0YmMzYTFiZDcuanBn.webp?v=1643777512-eCOtZUqE20RV9Vhi71FS3SCzlRSDTS1XsjCUFvRmtO4
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e04a7746251843cf567a9b27c7ae4d244ce9575519ff3daf328e19696d1bbd1a

Request headers

Referer
https://beckernews.com/
Origin
https://beckernews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
cf-cache-status
HIT
last-modified
Wed, 26 Jan 2022 14:13:26 GMT
x-mg-request-uuid
e6eea565-9476-466d-841a-92f33a951253
age
20863
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d70ce8d3d786909-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12742
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS8xMDE5MjQvNmM2YmMzMzc2YWQ3MGEwM...
s-img.mgid.com/g/10839597/492x277/-/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/10839597/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS8xMDE5MjQvNmM2YmMzMzc2YWQ3MGEwMjg3NGU2NmE1Mzk1ZDM3NWUuanBlZw.webp?v=1643777512-3T4NN3y_jn4r7s1asmGdnpRULpnj0D7PqVv_oOvBF7U
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
194c747163198072c818b9eb8b35b2afca979f93f54009c67903e1dcb7503aef

Request headers

Referer
https://beckernews.com/
Origin
https://beckernews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:56:06 GMT
x-mg-request-uuid
01788ef4-a785-4d81-bf2a-4f8e06f5d7c9
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d70ce8d3d7a6909-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12622
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0L2U5ODNkOWY1MWVmZmY5YjAzY2JkYTc4YTM4N2M0Njk4LmpwZz90PTE0OTgxNjA4MTYxMjM.webp
s-img.mgid.com/g/3805494/492x277/0x60x539x359/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805494/492x277/0x60x539x359/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0L2U5ODNkOWY1MWVmZmY5YjAzY2JkYTc4YTM4N2M0Njk4LmpwZz90PTE0OTgxNjA4MTYxMjM.webp?v=1643777512-PuBf4XmMIJwpf-sIR5nkCyBtwnvJoXNr8g-nigu8uw0
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90dd60ca14caa7eda327d78f9ad109b06feb5b69f3664b8a28519d2383adb689

Request headers

Referer
https://beckernews.com/
Origin
https://beckernews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:56:28 GMT
x-mg-request-uuid
62dc8e3c-ada7-4692-9826-57a024ebb217
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d70ce8d3d7b6909-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12380
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzRlODVkMWNkOWEzZTVmYmNlMGViM2QwOWZiNjU3ODM4LmpwZWc.webp
s-img.mgid.com/g/8193526/492x277/0x26x798x532/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193526/492x277/0x26x798x532/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzRlODVkMWNkOWEzZTVmYmNlMGViM2QwOWZiNjU3ODM4LmpwZWc.webp?v=1643777512-2l4H389ghBhj3S5QwMCKvXeoaC5FXMvWTB6BQJB_U2o
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22dc09e053641dbee00b20cf2894802b3a119e99d568ff099e7c6b413a85ba38

Request headers

Referer
https://beckernews.com/
Origin
https://beckernews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:53:57 GMT
x-mg-request-uuid
ef7ac73f-72c6-4aab-937a-464044bb1e43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d70ce8d3d7c6909-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15828
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMDgvMTAxOTI0LzcyOWIyZDdlMzZkOGFhNTBjYWM0MjdlNGQ5NTk4ODMzLmpwZz90PTE0ODkwMDQ2Mjc4MjA.webp
s-img.mgid.com/g/3805531/492x277/0x0x1023x682/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805531/492x277/0x0x1023x682/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMDgvMTAxOTI0LzcyOWIyZDdlMzZkOGFhNTBjYWM0MjdlNGQ5NTk4ODMzLmpwZz90PTE0ODkwMDQ2Mjc4MjA.webp?v=1643777512-cfVBf_aGQIyyrXc3DJ4q07zJuYsK6mxubLfQJYYzADk
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97f9639ee27e7951f93e6507ab9d203e2d003b72cfc06c6bcaffe3e8687bbc8d

Request headers

Referer
https://beckernews.com/
Origin
https://beckernews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:57:33 GMT
x-mg-request-uuid
75195542-202d-4e58-8911-e8aaf5743102
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d70ce8d3d7f6909-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38216
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS8xMDE5MjQvZGM4Mzc3ZTBiOGM0ZTQyZ...
s-img.mgid.com/g/11533445/492x277/-/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533445/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS8xMDE5MjQvZGM4Mzc3ZTBiOGM0ZTQyZjMxOGRhMWQyZTgzMWRmYjkuanBlZw.webp?v=1643777512-3GT5PGHikcduB6J9ws-4pv-sWWj8DZXau8cmS5ClfWw
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fb67b5ed5b3f0100c438fc38cd7ccb7cb1d55313d6fd0c7282472df3aca33ae

Request headers

Referer
https://beckernews.com/
Origin
https://beckernews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
cf-cache-status
MISS
last-modified
Wed, 01 Dec 2021 12:36:09 GMT
x-mg-request-uuid
5b2dad0f-f5fc-40d8-9d49-5665e2e029bd
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d70ce8d3d806909-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14340
server
cloudflare
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v21/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v21/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans_old:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b5f3ec0fd27f3c1500b420b2ed4ff557f5ddb65fbc83c21eae5cadc97dfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://beckernews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 19:33:50 GMT
x-content-type-options
nosniff
age
33482
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12648
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 19:19:52 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 01 Feb 2023 19:33:50 GMT
cookiesyncendpoint
servs.vuukle.com/ Frame 986E
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fservs.vuukle.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1643777512348-929046190734-008...
  • https://servs.vuukle.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1643777512348-929046190734-008623-009-000580&key=95317b89-2555-4860-a5a2-d4766a959fb7
0
240 B 		Document
General
Check archive.org
Download Go to
Full URL
https://servs.vuukle.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1643777512348-929046190734-008623-009-000580&key=95317b89-2555-4860-a5a2-d4766a959fb7
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=607eaa2728f57c570863c77a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.247.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-247-252.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
content-length
0

Redirect headers

date
Wed, 02 Feb 2022 04:51:52 GMT
content-type
text/plain
content-length
0
location
https://servs.vuukle.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1643777512348-929046190734-008623-009-000580&key=95317b89-2555-4860-a5a2-d4766a959fb7
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
pixel.advertising.com/ups/58246/ Frame 388F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.advertising.com/ups/58246/sync?&gdpr=1&gdpr_consent=&redir=true
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=607eaa2728f57c570863c77a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.44.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-44-17.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security
max-age=31536000
cookiesyncendpoint
servs.vuukle.com/ Frame 2AF2
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&redir=https%3A%2F%2Fservs.vuukle.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26auid%3D1643777512348-929046190734-00...
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-acb47eee-49dd-47c4-a6f6-54075a7fcd64-005&rndcb=4984305611
  • https://x.bidswitch.net/ul_cb/sync?ssp=adconductor&user_id=RX-acb47eee-49dd-47c4-a6f6-54075a7fcd64-005&rndcb=4984305611
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=adconductor&bsw_custom_parameter=750f7c55-9c9d-492f-80a5-7be17051bae3&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=c9d24dfb-5819-4e67-ba1b-ffc680ed3c8d&expires=1&user_group=5&ssp=adconductor&bsw_param=750f7c55-9c9d-492f-80a5-7be17051bae3
  • https://sync.1rx.io/usersync/bidswitch/750f7c55-9c9d-492f-80a5-7be17051bae3?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-acb47eee-49dd-47c4-a6f6-54075a7fcd64-005?redir=https%3A%2F%2Fservs.vuukle.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D20...
  • https://servs.vuukle.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1643777512348-929046190734-008623-009-000580&key=RX-acb47eee-49dd-47c4-a6f6-54075a7fcd64-005
0
251 B 		Document
General
Check archive.org
Download Go to
Full URL
https://servs.vuukle.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1643777512348-929046190734-008623-009-000580&key=RX-acb47eee-49dd-47c4-a6f6-54075a7fcd64-005
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=607eaa2728f57c570863c77a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.247.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-247-252.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/

Response headers

date
Wed, 02 Feb 2022 04:51:53 GMT
content-length
0

Redirect headers

Server
Tengine
Date
Wed, 02 Feb 2022 04:51:52 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://servs.vuukle.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1643777512348-929046190734-008623-009-000580&key=RX-acb47eee-49dd-47c4-a6f6-54075a7fcd64-005
ETag
RXacb47eee49dd47c4a6f654075a7fcd64005
services
sync.technoratimedia.com/ Frame FFBA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1643777512348-929046190734-008623-009-000580&cb=https%3A%2F%2Fservs.vuukle.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D3%26auid%3D1643777512348-929046190734-008623-009-000580%26key%3D%5BUSER_ID%5D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=607eaa2728f57c570863c77a
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/

Response headers

server
nginx
date
Wed, 02 Feb 2022 04:51:52 GMT
access-control-allow-origin
https://beckernews.com/
access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
149169794
age
0
via
1.1 varnish
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9F19 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fservs.vuukle.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1643777512348-929046190734-008623-009-000580%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=607eaa2728f57c570863c77a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/

Response headers

server
Apache/2.2.15 (CentOS)
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=92918
expires
Thu, 03 Feb 2022 06:40:30 GMT
date
Wed, 02 Feb 2022 04:51:52 GMT
vary
Accept-Encoding
avpb3.js
player.aniview.com/script/6.1/ Frame B6A6 		314 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=607eaa2728f57c570863c77a
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:fb:5a7::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
bbb5793911e601330153418c841cc86a73e0018eee5887ccf121c9ded7cee53f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtjyIFoUWUtEz8ebiA8H9O8XCEfh94UBNuX29EbWp36_RERxILLTaQM_0ys63tbawiU3qhkOWWEjamojA3aPvA2efyEhA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
99493
last-modified
Thu, 20 Jan 2022 11:22:06 GMT
server
UploadServer
etag
"fc8a8f380c54ebfb0ea5f906a6ef95b1"
vary
Accept-Encoding
x-goog-hash
crc32c=/r/+pg==, md5=/IqPOAxU6/sOpfkGpu+VsQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1642677726061277
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
99493
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 02 Feb 2022 04:56:52 GMT
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=SE&cos=Windows&r=beckernews.com&rs=beckernews.com&sid=51975&t=1643777512&cip=217.64.151.3&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=607eaa2728f57c570863c77a&test=&aafaid=&proto=https&uid=1643777512348-929046190734-008623-009-000580&cha=0.7&stagid=60cdeb227e407c6a2a4199a4&stplid=608a9f291cc704381f4f47f8&d35=&d36=6.1.2.99&cb=51760726993&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300&nid=607eaa2728f57c570863c77a&ncid=60c37ca68d20f0118e3ae307&e=request&cb=1643777512460&asid=60d2df5925f30e30f64d84c7%2C607fd0e1bde8322e62610b56%2C609fcc1e5eaa640d4d0a6b96%2C609aaf7777aeae0a507859fd%2C609fcc8e9a330a323634a4f6&ofpr=%2C0.25%2C0.4%2C0.4%2C0.25&fpo=%2C%2C%2C%2C
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.6.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-6-218.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=SE&cos=Windows&r=beckernews.com&rs=beckernews.com&sid=51975&t=1643777512&cip=217.64.151.3&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=607eaa2728f57c570863c77a&test=&aafaid=&proto=https&uid=1643777512348-929046190734-008623-009-000580&cha=0.7&stagid=60cdeb227e407c6a2a4199a4&stplid=608a9f291cc704381f4f47f8&d35=&d36=6.1.2.99&cb=51760726993&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300&&copid=607eaa2728f57c570863c77a&nid=59c9148628a0612da3689288&cocid=60c37ca68d20f0118e3ae307&ncid=6087e2a089db1d32452c2995&coasid=6087e2c4921bb844376efaf6&e=request&cb=1643777512460&asid=61f28e6f24cba54ca74e1656&ofpr=3.5&fpo=
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.6.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-6-218.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
3f58e08b-8b4d-48e1-8855-a79391a0ade6
player.ex.co/player/ 		744 KB
217 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ex.co/player/3f58e08b-8b4d-48e1-8855-a79391a0ade6
Requested by
Host: cdn.mgid.com
URL: https://cdn.mgid.com/js/wglibs/mgWidget_1.11.67.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0eb35c4ce205d217f347a32e7dedeb4610c6cf9e0185052e349e22ba44ef46c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
content-encoding
gzip
age
5297
x-cache
MISS, HIT
access-control-max-age
600
content-length
221459
x-served-by
cache-iad-kjyo7100045-IAD, cache-hhn4041-HHN
access-control-allow-origin
*
server
nginx
x-timer
S1643777513.608732,VS0,VE1
etag
W/"b9f18-Dqbch1+hFxn+WmtJGoIMfcrIRSg"
vary
Accept-Encoding, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
no-cache
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
0, 1
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.111.143 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-111-143.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
da027b48bd2e0721776f5370f0886a70f4a9b759bd3e6dbd2f4eeb399a8ed042

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:53 GMT
content-encoding
gzip
x-prebid
pbs-java/1.81.0
content-type
application/json
access-control-allow-origin
https://beckernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		187 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.111.143 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-111-143.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e1cd6f54ad9448af67ce35190d1616cf78cdb6b717f2fce2b4c6ca436c6d5de3

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:53 GMT
content-encoding
gzip
x-prebid
pbs-java/1.81.0
content-type
application/json
access-control-allow-origin
https://beckernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		187 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.111.143 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-111-143.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
3400d64890530a90aa5ea41284e2e0dabc056ca6a8208f34cdbf80a07f360cd2

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:53 GMT
content-encoding
gzip
x-prebid
pbs-java/1.81.0
content-type
application/json
access-control-allow-origin
https://beckernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
177
expires
0
openrtb
ads.adaptv.advertising.com/rtb/ 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vuukle
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.29.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-29-118.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://beckernews.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
openrtb
ads.adaptv.advertising.com/rtb/ 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vuukle
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.29.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-29-118.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://beckernews.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
PugMaster
image6.pubmatic.com/AdServer/ Frame 9F19 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=22209129&p=160993&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fservs.vuukle.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1643777512348-929046190734-008623-009-000580%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:51 GMT
content-length
0
i.js
cm.mgid.com/ 		0
113 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1643777512550277670599
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beckernews.com.1078868.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6d70ce8dcc0e9171-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
i-noref.js
cm.mgid.com/ Frame F541 		0
62 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1643777512574946032442
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/e/beckernews.com.1078868.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6d70ce8dec2a9171-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
halo_match
ids.ad.gt/api/v1/ 		43 B
652 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/halo_match?id=0051ca09-1455-4e27-bb5b-bb85f25a7be4&halo_id=0201tlxlfd07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.211.237.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-211-237-159.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Wed, 02 Feb 2022 16:51:52 GMT
post
tag.escalated.io/ 		33 B
464 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tag.escalated.io/post
Requested by
Host: tag.escalated.io
URL: https://tag.escalated.io/?i=frjrZjE3qFfbr52&callback=reportIVT
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.253.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-253-158.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
9e539942b1cd2922e885e555fb94830d03679854555104a555b61a25a67dccba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 02 Feb 2022 04:51:52 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store
Connection
close
Access-Control-Allow-Headers
content-type
Content-Length
51
X-XSS-Protection
1; mode=block
b46a400b-b0ae-4507-a791-a088e0778328
img.onesignal.com/permanent/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.onesignal.com/permanent/b46a400b-b0ae-4507-a791-a088e0778328
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
700ef6d5794e7e87ada4629945e7c3b510bcf58945283de4bdf5e317365383f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:53 GMT
cf-cache-status
REVALIDATED
x-amz-request-id
168HMXJA8VGWPJTG
x-amz-meta-cache-control
public, maxage=604800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6025
x-amz-id-2
6hcp2zO+YW3estsn4eVdHQbV6lre1J/b/NGk3Je3Iv3XOIGqE5ehBSj2kV6e/X9uuBDsgMf1v+o=
last-modified
Wed, 20 Jan 2021 20:29:39 GMT
server
cloudflare
etag
"915d6dc67e80f4ea9393e126261574ac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
6d70ce8e1b5c5a1f-MXP
expires
Sat, 05 Mar 2022 04:51:53 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans_old:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://beckernews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 18:59:49 GMT
x-content-type-options
nosniff
age
35523
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 01 Feb 2023 18:59:49 GMT
getpixels
pixels.ad.gt/api/v1/ 		0
344 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=666e6e60137cca35d543d1b8317b232a&url=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F&code=%27none%27
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/251
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.240.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-240-27.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 02 Feb 2022 04:51:53 GMT
server
nginx/1.18.0
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
fbevents.js
connect.facebook.net/en_US/ 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26236
x-xss-protection
0
pragma
public
x-fb-debug
gvjrnEgs2M5whD6u0kOW1ud+/YhyL0Qkm5YPL2eRa+QbDH+jcJCLbm/hSFFIwznukocwkf81BPWAW5cqus23HA==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Wed, 02 Feb 2022 04:51:52 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
ecommerce.js
www.google-analytics.com/plugins/ua/ 		1 KB
763 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:07:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2674
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 02 Feb 2022 05:07:18 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:40:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
705
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1129
x-xss-protection
0
last-modified
Thu, 30 Dec 2021 12:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 02 Feb 2022 05:40:07 GMT
cm
u.openx.net/w/1.0/ 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D0201tlxlfd07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl%26auid%3D0051ca09-1455-4e27-bb5b-bb85f25a7be4
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:52 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
events
prd-collector-anon.ex.co/main/ 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/3f58e08b-8b4d-48e1-8855-a79391a0ade6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.17.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-17-58.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://beckernews.com
date
Wed, 02 Feb 2022 04:51:52 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
css2
fonts.googleapis.com/ 		2 KB
549 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 02 Feb 2022 04:24:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 02 Feb 2022 04:51:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 02 Feb 2022 04:51:52 GMT
hls.min.js
player.avplayer.com/script/2/2.55/libs/ 		247 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/3f58e08b-8b4d-48e1-8855-a79391a0ade6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5f65:4d5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UxUS33fHL218Vnzc13h98diQ7RaRtNei5LPRd93R_Q8daD7wcflOWodcSM-pqel6mrDcKP6ejWKBuPn9C_HdDY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
71831
last-modified
Sun, 10 Jan 2021 14:52:52 GMT
server
UploadServer
etag
"7888b98658e8cef4a98786556ccdab66"
vary
Accept-Encoding
x-goog-hash
crc32c=vMWMIg==
content-language
en
x-goog-generation
1610290372874389
cache-control
public, max-age=300
x-goog-stored-content-length
71831
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 02 Feb 2022 04:56:52 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame 8512 		347 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/3f58e08b-8b4d-48e1-8855-a79391a0ade6
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:fb:5a7::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
bb6bd69700e21a8f9bc89da3eb5609dc34ebecaa70165a66771e04fbaa369131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdugIIgoaANILBtgo91edbEkB8PQUk-F54zZju0292ah7QAS-Bg_wrGkp1prTSoLyw_wfgsmW-ocXDvf6rwWXZk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
99205
last-modified
Thu, 20 Jan 2022 11:23:37 GMT
server
UploadServer
etag
"c4fd3c1c12f1603b143af9c821681876"
vary
Accept-Encoding
x-goog-hash
crc32c=hrQu+g==, md5=xP08HBLxYDsUOvnIIWgYdg==
content-language
en
access-control-allow-origin
*
x-goog-generation
1642677817486292
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
99205
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 02 Feb 2022 04:56:52 GMT
events
prd-collector-anon.ex.co/main/ 		0
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/3f58e08b-8b4d-48e1-8855-a79391a0ade6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.17.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-17-58.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://beckernews.com
date
Wed, 02 Feb 2022 04:51:52 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
track
atrack.avplayer.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=AV_M16&cb=1643777512778&cid=60c22e90e8e20314124b2b18&VERSION=4.128.0&AV_PAGE_LOAD_UID=731a47d7-9442-4f28-9ab2-f56aa46f2c51&AV_CDIM4=731a47d7-9442-4f28-9ab2-f56aa46f2c51&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.6.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-6-218.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
1853083501571805
connect.facebook.net/signals/config/ 		308 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1853083501571805?v=2.9.52&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
40bc5c943a450c0c125d006924a518fc96ae118dfb2f017e370e40f85debc3a9
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
90705
x-xss-protection
0
pragma
public
x-fb-debug
c66550q8VbQ2rq2W1oeK2hPdmMTg+5xEQQGVk7y3dxdTNy4+RGA0P92pMW2mufGeOv70VPL6gKNRh4N45G6HJA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 02 Feb 2022 04:51:52 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
bq-publish
publish.vuukle.com/ 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://publish.vuukle.com/bq-publish?callback=&{%22action%22:%22ivt_1002%22,%22hashed_email%22:%22$f9c302-6b07-4ad4-b4d9-a67c287afbea%22,%22hostname%22:%22%22,%22pubdomain%22:%22beckernews.com%22,%22refDomain%22:%22%22,%22sessionId%22:%22eb100cf9-214e-43bb-80c5-2df8fb6a3cd8%22,%22version%22:%224.20%22,%22articleImg%22:%22%22,%22articleTitle%22:%22NY%20Times%20Sues%20Biden%20Administration%20for%20Hunter%20Biden%20Emails%20in%20Probe%20for%20Corrupt%20Foreign%20Ties%22,%22article_id%22:%22%22,%22hashed_article_url%22:%22https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F%22,%22referrer%22:%22%22,%22tags%22:%22%22,%22browser%22:%22Chrome%22,%22device%22:%22Desktop%22,%22os%22:%22Windows%22}&_=1489139930741
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://beckernews.com
access-control-allow-credentials
true
cf-ray
6d70ce8fa940839c-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-xss-protection
1
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=beckernews.com&sn=&cd4=731a47d7-9442-4f28-9ab2-f56aa46f2c51&cd5=default&ic=0&tgt=0&app=&wi=&he=&test=&d36=6.1.2.99&apppkg=&fv=3&proto=https&pid=56ea678d181f46c76f8b45fb&cid=60c22e90e8e20314124b2b18&stagid=&stplid=&e=inventory&vi=0&cb=1643777512933
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.6.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-6-218.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
envelope
api.rlcdn.com/api/identity/ 		44 B
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1258
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://beckernews.com
access-control-allow-credentials
true
alt-svc
clear
content-length
44
id
id.crwdcntrl.net/ 		63 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.233.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-233-249.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
6d5a1972e5bab5e7a4d05d146ee5617e6d5eaa03f2e893dc60d8321139e71b7c

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:53 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://beckernews.com
cache-control
no-cache
x-server
10.45.4.116
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
rid
match.adsrvr.org/track/ 		108 B
661 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
40ce275f228f3d6a1ff2b08b142a8a385d04da568306b3aa9133d50da9b8b850

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Feb 2022 04:51:52 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://beckernews.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Fri, 04 Mar 2022 04:51:53 GMT
/
premiumsrv.aniview.com/api/adserver/tag/ 		15 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://premiumsrv.aniview.com/api/adserver/tag/?VERSION=4.128.0&AV_PAGE_LOAD_UID=731a47d7-9442-4f28-9ab2-f56aa46f2c51&AV_CDIM4=731a47d7-9442-4f28-9ab2-f56aa46f2c51&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default&AV_VIDEOURL=https%3A%2F%2Fmcd.ex.co%2Fvideo%2Fupload%2Fsp_sd%2Fv1490095101%2Flandscape3b888cf5-51fc-465d-88ca-8ba6580627bc_1639356406068.m3u8&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&AV_CHANNELID=60c22e90e8e20314124b2b18&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=beckernews.com&AV_DADPOS=3&d36=6.1.2.99&responsive=1&sver=1&avtoken=512932&AV_WIDTH=640&AV_HEIGHT=361&AV_CCPA=1---&AV_DNT=0&cb=1643777512971&AV_C_USER_ID=1643777512348-929046190734-008623-009-000580
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.96.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-96-140.compute-1.amazonaws.com
Software
/
Resource Hash
6a3b9e1f2fa2b16e3c88d9c5696d4a96e82d24b64b219a29cc633d75837c6984

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:53 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://beckernews.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Fri, 21 Jan 2022 15:05:13 GMT
landscape3b888cf5-51fc-465d-88ca-8ba6580627bc_1639356406068.m3u8
mcd.ex.co/video/upload/sp_sd/v1490095101/ 		651 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/sp_sd/v1490095101/landscape3b888cf5-51fc-465d-88ca-8ba6580627bc_1639356406068.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-136.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
be2c1d142ca4d74edfb9ef8b913a29ece475f2d2b3783752fd214facb05f0d4e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 04:51:53 GMT
Cache-Tag
494392110321738828728468980129769924807,327961014079627028052771905279638174707,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
651
X-Served-By
cache-wdc5546-WDC
Last-Modified
Mon, 13 Dec 2021 00:49:04 GMT
Server
cloudinary
X-Timer
S1639356807.003216,VS0,VE27
ETag
"7e132eb0160e637cfe3763a261241d23"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=27136937
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
/
www.facebook.com/tr/ 		44 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1853083501571805&ev=PageView&dl=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F&rl=&if=false&ts=1643777513005&cd[partner_id]=251&cd[tagger_id]=666e6e60137cca35d543d1b8317b232a&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1643777513002.1260457798&it=1643777512871&coo=false&tm=1&exp=p1&rqm=GET
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:53 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Wed, 02 Feb 2022 04:51:53 GMT
landscape3b888cf5-51fc-465d-88ca-8ba6580627bc_1639356406068.m3u8
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1639356529/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1639356529/landscape3b888cf5-51fc-465d-88ca-8ba6580627bc_1639356406068.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-136.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
a2dcd513eda6633956e1508982f2da9451d55f5c278a2b8786761ea2aa6e64e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 04:51:53 GMT
Cache-Tag
494392110321738828728468980129769924807,484104238383510269782950376486441993307,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
1331
X-Served-By
cache-wdc5531-WDC
Last-Modified
Mon, 13 Dec 2021 00:48:53 GMT
Server
cloudinary
X-Timer
S1639356808.689102,VS0,VE32
ETag
"5d2460ecc7dde15264a2b1354567d0c6"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=27136991
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
landscape3b888cf5-51fc-465d-88ca-8ba6580627bc_1639356406068.ts
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1639356529/ 		76 KB
77 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1639356529/landscape3b888cf5-51fc-465d-88ca-8ba6580627bc_1639356406068.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-136.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
7114b2677059736a054c95cd8b85b0daf49d46979d86d87d74cb612d1c6b0c8d

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=0-78207

Response headers

Date
Wed, 02 Feb 2022 04:51:53 GMT
Cache-Tag
494392110321738828728468980129769924807,484104238383510269782950376486441993307,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 0-78207/993580
Connection
keep-alive
Content-Length
78208
X-Served-By
cache-wdc5546-WDC
Last-Modified
Mon, 13 Dec 2021 00:48:53 GMT
Server
cloudinary
X-Timer
S1639356808.996054,VS0,VE44
ETag
"585327e2d1b230b38d4be20e3e86ad4c"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=27136926
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
ec8ed1b4-9fe6-4fd6-a0ae-1d803aad50d2
https://beckernews.com/ 		63 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://beckernews.com/ec8ed1b4-9fe6-4fd6-a0ae-1d803aad50d2
Requested by
Host: beckernews.com
URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length
64352
Content-Type
text/javascript
landscape3b888cf5-51fc-465d-88ca-8ba6580627bc_1639356406068.m3u8
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1639356529/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1639356529/landscape3b888cf5-51fc-465d-88ca-8ba6580627bc_1639356406068.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-136.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
06e7e2d29086079886791f958af177ddeb5a26c90bcb202cdfdc347335912e16

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 04:51:53 GMT
Cache-Tag
494392110321738828728468980129769924807,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
1345
X-Served-By
cache-wdc5538-WDC
Last-Modified
Mon, 13 Dec 2021 00:49:02 GMT
Server
cloudinary
X-Timer
S1639369112.308884,VS0,VE1
ETag
"975fcdb3cef1b3cb6058e98ded9cb6c0"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=27149192
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
/
reporting.powerad.ai/ 		2 B
271 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://reporting.powerad.ai/
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-151-247.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 02 Feb 2022 04:51:53 GMT
server
nginx/1.14.0 (Ubuntu)
x-powered-by
Express
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
2
landscape3b888cf5-51fc-465d-88ca-8ba6580627bc_1639356406068.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1639356529/ 		196 KB
197 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1639356529/landscape3b888cf5-51fc-465d-88ca-8ba6580627bc_1639356406068.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-136.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
3050027127e3700d6448c3083833a09f7c21929c00c3dd0b07252ea2c4d488cc

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=0-200595

Response headers

Date
Wed, 02 Feb 2022 04:51:53 GMT
Cache-Tag
494392110321738828728468980129769924807,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 0-200595/2506604
Connection
keep-alive
Content-Length
200596
X-Served-By
cache-wdc5538-WDC
Last-Modified
Mon, 13 Dec 2021 00:49:01 GMT
Server
cloudinary
X-Timer
S1639369114.956257,VS0,VE0
ETag
"56d8573e163968de1222c4b28c2068b5"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=27149185
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscape3b888cf5-51fc-465d-88ca-8ba6580627bc_1639356406068.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1639356529/ 		276 KB
277 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1639356529/landscape3b888cf5-51fc-465d-88ca-8ba6580627bc_1639356406068.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-136.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
297161ff4e893f820491d4915e427edae980db3dccad5e72d7fb519ae2f32a48

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=200596-483159

Response headers

Date
Wed, 02 Feb 2022 04:51:53 GMT
Cache-Tag
494392110321738828728468980129769924807,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 200596-483159/2506604
Connection
keep-alive
Content-Length
282564
X-Served-By
cache-wdc5538-WDC
Last-Modified
Mon, 13 Dec 2021 00:49:01 GMT
Server
cloudinary
X-Timer
S1639369114.956257,VS0,VE0
ETag
"56d8573e163968de1222c4b28c2068b5"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=27149185
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
events
prd-collector-anon.ex.co/main/ 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/3f58e08b-8b4d-48e1-8855-a79391a0ade6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.17.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-17-58.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://beckernews.com
date
Wed, 02 Feb 2022 04:51:53 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
landscape3b888cf5-51fc-465d-88ca-8ba6580627bc_1639356406068.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1639356529/ 		222 KB
223 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1639356529/landscape3b888cf5-51fc-465d-88ca-8ba6580627bc_1639356406068.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-136.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
ab7597cf4d2e6c7f931bf693745c6ddcd9f52ac13cb2b092edf390876025297e

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=483160-710827

Response headers

Date
Wed, 02 Feb 2022 04:51:53 GMT
Cache-Tag
494392110321738828728468980129769924807,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 483160-710827/2506604
Connection
keep-alive
Content-Length
227668
X-Served-By
cache-wdc5538-WDC
Last-Modified
Mon, 13 Dec 2021 00:49:01 GMT
Server
cloudinary
X-Timer
S1639369114.956257,VS0,VE0
ETag
"56d8573e163968de1222c4b28c2068b5"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=27149185
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscape3b888cf5-51fc-465d-88ca-8ba6580627bc_1639356406068.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1639356529/ 		276 KB
277 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1639356529/landscape3b888cf5-51fc-465d-88ca-8ba6580627bc_1639356406068.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-136.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
c03fed88c3e1b81f464e5c6f0b11cd538155d1cd32d1618a015be70409ef5244

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=710828-993767

Response headers

Date
Wed, 02 Feb 2022 04:51:53 GMT
Cache-Tag
494392110321738828728468980129769924807,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 710828-993767/2506604
Connection
keep-alive
Content-Length
282940
X-Served-By
cache-wdc5538-WDC
Last-Modified
Mon, 13 Dec 2021 00:49:01 GMT
Server
cloudinary
X-Timer
S1639369114.956257,VS0,VE0
ETag
"56d8573e163968de1222c4b28c2068b5"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=27149185
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
usermatch
ssum.casalemedia.com/ Frame D1E0 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1643777512348-929046190734-008623-009-000580%26biddername%3D42%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
46a4006c800c41fa760447412f55a64597eaf2c7aa633b1f6952c492d6d4e261

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
73|46|130|88|105|26|230|4
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Wed, 02 Feb 2022 04:51:53 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 02 Feb 2022 04:51:53 GMT
Content-Length
1617
Connection
keep-alive
usync.html
eus.rubiconproject.com/ Frame CA88
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 02 Feb 2022 04:51:53 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
date
Wed, 02 Feb 2022 04:51:53 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
merge
ce.lijit.com/ Frame F220 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=376385&3pid=1643777512348-929046190734-008623-009-000580&us_privacy=1---&gdpr=1&gdpr_consent=&location=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1643777512348-929046190734-008623-009-000580%26biddername%3D18%26key%3D%5BSOVRNID%5D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/

Response headers

Server
nginx
Date
Wed, 02 Feb 2022 04:51:53 GMT
X-MERGE
GDPR Optout true
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap2ams1
events
prd-collector-anon.ex.co/main/ 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/3f58e08b-8b4d-48e1-8855-a79391a0ade6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.17.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-17-58.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://beckernews.com
date
Wed, 02 Feb 2022 04:51:53 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
avpb3.js
player.aniview.com/script/6.1/ Frame 8512 		314 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:fb:5a7::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
bbb5793911e601330153418c841cc86a73e0018eee5887ccf121c9ded7cee53f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:53 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtjyIFoUWUtEz8ebiA8H9O8XCEfh94UBNuX29EbWp36_RERxILLTaQM_0ys63tbawiU3qhkOWWEjamojA3aPvA2efyEhA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
99493
last-modified
Thu, 20 Jan 2022 11:22:06 GMT
server
UploadServer
etag
"fc8a8f380c54ebfb0ea5f906a6ef95b1"
vary
Accept-Encoding
x-goog-hash
crc32c=/r/+pg==, md5=/IqPOAxU6/sOpfkGpu+VsQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1642677726061277
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
99493
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 02 Feb 2022 04:56:53 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=SE&cos=Windows&r=beckernews.com&rs=beckernews.com&sid=94469&t=1643777513&cip=217.64.151.3&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=640&he=361&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1643777512348-929046190734-008623-009-000580&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.99&cb=47644947255&cd1=4.128.0&cd4=731a47d7-9442-4f28-9ab2-f56aa46f2c51&cd5=default&d9=1000&d37=realtime&AV_WIDTH=640&AV_HEIGHT=361&nid=56ea678d181f46c76f8b45fb&ncid=60c22e90e8e20314124b2b18&e=request&cb=1643777513317&asid=604e0bb1f199b154cc115338%2C603bb6ac619b766728187834%2C5c5a9a6228a0617b9619af99%2C60c22e8e4ca2022e085bc8da%2C60c22e8ed96045783c747e0c%2C60c22e8ee7bb7614661f8218%2C59f5f23628a0612040036b8f&ofpr=2%2C6%2C2%2C%2C%2C%2C3&fpo=%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.6.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-6-218.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:53 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
landscape3b888cf5-51fc-465d-88ca-8ba6580627bc_1639356406068.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1639356529/ 		240 KB
241 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1639356529/landscape3b888cf5-51fc-465d-88ca-8ba6580627bc_1639356406068.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-136.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
d651a9d796f5ead04bd3e80e824b8f614de2c067675d05f75a22cd138c022a2d

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=993768-1239483

Response headers

Date
Wed, 02 Feb 2022 04:51:53 GMT
Cache-Tag
494392110321738828728468980129769924807,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 993768-1239483/2506604
Connection
keep-alive
Content-Length
245716
X-Served-By
cache-wdc5538-WDC
Last-Modified
Mon, 13 Dec 2021 00:49:01 GMT
Server
cloudinary
X-Timer
S1639369114.956257,VS0,VE0
ETag
"56d8573e163968de1222c4b28c2068b5"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=27149185
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
auction
prebid-server.rubiconproject.com/openrtb2/ 		187 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.111.143 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-111-143.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
3134b8918a8367da0750c58d7d54789797608825b5c91d490c6e87251cd25ddb

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:53 GMT
content-encoding
gzip
x-prebid
pbs-java/1.81.0
content-type
application/json
access-control-allow-origin
https://beckernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
177
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.111.143 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-111-143.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
50f933f2d6f22236cfa0c25705160e741ec07ca62ab0b4951ee3cdae2a861709

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:53 GMT
content-encoding
gzip
x-prebid
pbs-java/1.81.0
content-type
application/json
access-control-allow-origin
https://beckernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		187 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.111.143 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-111-143.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ae439888f2214505d682d6ab8b3de557ede87d5808db486409258b3264e3dd5f

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:53 GMT
content-encoding
gzip
x-prebid
pbs-java/1.81.0
content-type
application/json
access-control-allow-origin
https://beckernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		187 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.111.143 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-111-143.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
a9a06adcf1173ccb5f44531ad265f5089420367edce72df8afc2ab4938a79ef0

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:53 GMT
content-encoding
gzip
x-prebid
pbs-java/1.81.0
content-type
application/json
access-control-allow-origin
https://beckernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
expires
0
landscape3b888cf5-51fc-465d-88ca-8ba6580627bc_1639356406068.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1639356529/ 		276 KB
277 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1639356529/landscape3b888cf5-51fc-465d-88ca-8ba6580627bc_1639356406068.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-136.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
93e8ff7840c49c8cee07eb6ad719a5f747017044a5855a69f4c08fb19c9304c0

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=1239484-1522611

Response headers

Date
Wed, 02 Feb 2022 04:51:53 GMT
Cache-Tag
494392110321738828728468980129769924807,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 1239484-1522611/2506604
Connection
keep-alive
Content-Length
283128
X-Served-By
cache-wdc5538-WDC
Last-Modified
Mon, 13 Dec 2021 00:49:01 GMT
Server
cloudinary
X-Timer
S1639369114.956257,VS0,VE0
ETag
"56d8573e163968de1222c4b28c2068b5"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=27149185
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=SE&cos=Windows&r=beckernews.com&rs=beckernews.com&sid=51975&t=1643777512&cip=217.64.151.3&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=607eaa2728f57c570863c77a&test=&aafaid=&proto=https&uid=1643777512348-929046190734-008623-009-000580&cha=0.7&stagid=60cdeb227e407c6a2a4199a4&stplid=608a9f291cc704381f4f47f8&d35=&d36=6.1.2.99&cb=51760726993&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300&nid=607eaa2728f57c570863c77a&ncid=60c37ca68d20f0118e3ae307&e=bid&cb=1643777513385&asid=60d2df5925f30e30f64d84c7&ofpr=&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.6.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-6-218.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:53 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame B6A6 		376 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=607eaa2728f57c570863c77a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4a576181de48e65c16476d10dcb5de9730675835d885ae49ae1ae3a67ae950b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127061
x-xss-protection
0
expires
Wed, 02 Feb 2022 04:51:53 GMT
usync.js
eus.rubiconproject.com/ Frame CA88 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
796acb662261c875add022009ba1b6f37d596075456c5f1c5ff41a6e7b6bb076

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 04:51:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=50299
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Wed, 02 Feb 2022 18:50:12 GMT
YfoN5xLB1NHIy20p3eznywAABI0AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame D1E0 		43 B
985 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YfoN5xLB1NHIy20p3eznywAABI0AAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1643777512348-929046190734-008623-009-000580%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:6aba:1333:1e2b:7cf5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:53 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
getuid
secure.adnxs.com/ Frame D1E0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1643777512348-929046190734-008623-009-000580%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame D1E0
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAD6Yk7D9BwAAAHO135GJw&expiration=1644987113&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAD6Yk7D9BwAAAHO135GJw&expiration=1644987113&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1643777512348-929046190734-008623-009-000580%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 04:51:53 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 02 Feb 2022 04:51:53 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAD6Yk7D9BwAAAHO135GJw&expiration=1644987113&gdpr=1
Date
Wed, 02 Feb 2022 04:51:53 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
rum
dsum-sec.casalemedia.com/ Frame D1E0
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YfoN6QADHUiZhgBH
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YfoN6QADHUiZhgBH&gdpr=1&_test=YfoN6QADHUiZhgBH
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YfoN6QADHUiZhgBH&gdpr=1&_test=YfoN6QADHUiZhgBH
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1643777512348-929046190734-008623-009-000580%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 04:51:53 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 02 Feb 2022 04:51:53 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:53 GMT
via
1.1 varnish
server
Varnish
x-timer
S1643777514.578932,VS0,VE0
x-served-by
cache-hhn4065-HHN
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YfoN6QADHUiZhgBH&gdpr=1&_test=YfoN6QADHUiZhgBH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame D1E0
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1643777512348-929046190734-008623-009-000580%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 04:51:53 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 02 Feb 2022 04:51:53 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Wed, 02 Feb 2022 04:51:53 GMT
server
nginx/1.20.0
content-length
76
/
sync.taboola.com/sg/indexscod/1/cm/ Frame D1E0 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=1&gdpr_consent=&id=YfoN5xLB1NHIy20p3eznywAA%261165
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1643777512348-929046190734-008623-009-000580%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:53 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
14168
pixel
cm.g.doubleclick.net/ Frame D1E0 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YfoN5xLB1NHIy20p3eznywAABI0AAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1643777512348-929046190734-008623-009-000580%26biddername%3D42%26key%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D1E0
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3841559664404378862
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3841559664404378862
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1643777512348-929046190734-008623-009-000580%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 04:51:53 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 02 Feb 2022 04:51:53 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3841559664404378862
pragma
no-cache
date
Wed, 02 Feb 2022 04:51:53 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cookiesyncendpoint
sync.aniview.com/ Frame D1E0 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1643777512348-929046190734-008623-009-000580&biddername=42&key=YfoN5xLB1NHIy20p3eznywAA%261165
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1643777512348-929046190734-008623-009-000580%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.156.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-156-238.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:53 GMT
content-length
0
bridge3.496.0_en.html
imasdk.googleapis.com/js/core/ Frame 9D47 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199641
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 31 Jan 2022 11:36:18 GMT
expires
Tue, 31 Jan 2023 11:36:18 GMT
cache-control
public, max-age=31536000
last-modified
Fri, 28 Jan 2022 21:03:56 GMT
content-type
text/html
age
148535
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame B6A6 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Feb 2022 04:51:53 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1717 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 03:56:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 02 Feb 2022 04:56:34 GMT
/
www.facebook.com/tr/ Frame 3C4D 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://beckernews.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://beckernews.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=0
date
Wed, 02 Feb 2022 04:51:53 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=SE&cos=Windows&r=beckernews.com&rs=beckernews.com&sid=94469&t=1643777513&cip=217.64.151.3&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=640&he=361&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1643777512348-929046190734-008623-009-000580&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.99&cb=47644947255&cd1=4.128.0&cd4=731a47d7-9442-4f28-9ab2-f56aa46f2c51&cd5=default&d9=1000&d37=realtime&AV_WIDTH=640&AV_HEIGHT=361&nid=56ea678d181f46c76f8b45fb&ncid=60c22e90e8e20314124b2b18&e=bid&cb=1643777513631&asid=60c22e8e4ca2022e085bc8da%2C60c22e8ed96045783c747e0c%2C60c22e8ee7bb7614661f8218&ofpr=%2C%2C&fpo=%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.6.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-6-218.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:53 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 8512 		376 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4a576181de48e65c16476d10dcb5de9730675835d885ae49ae1ae3a67ae950b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127061
x-xss-protection
0
expires
Wed, 02 Feb 2022 04:51:53 GMT
bridge3.496.0_en.html
imasdk.googleapis.com/js/core/ Frame CCB4 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199641
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 31 Jan 2022 11:36:18 GMT
expires
Tue, 31 Jan 2023 11:36:18 GMT
cache-control
public, max-age=31536000
last-modified
Fri, 28 Jan 2022 21:03:56 GMT
content-type
text/html
age
148535
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 8512 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Feb 2022 04:51:53 GMT
bridge3.496.0_en.html
imasdk.googleapis.com/js/core/ Frame 5E9E 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199641
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 31 Jan 2022 11:36:18 GMT
expires
Tue, 31 Jan 2023 11:36:18 GMT
cache-control
public, max-age=31536000
last-modified
Fri, 28 Jan 2022 21:03:56 GMT
content-type
text/html
age
148535
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.496.0_en.html
imasdk.googleapis.com/js/core/ Frame 0DAD 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199641
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 31 Jan 2022 11:36:18 GMT
expires
Tue, 31 Jan 2023 11:36:18 GMT
cache-control
public, max-age=31536000
last-modified
Fri, 28 Jan 2022 21:03:56 GMT
content-type
text/html
age
148535
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E420 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 03:56:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 02 Feb 2022 04:56:34 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 16AF 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 03:56:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 02 Feb 2022 04:56:34 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2827 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 03:56:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 02 Feb 2022 04:56:34 GMT
sync
ups.analytics.yahoo.com/ups/55953/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=a585cdf0-ef00-4865-983c-fcbe375aa250&_origin=1&gdpr=1&gdpr_consent=
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=a585cdf0-ef00-4865-983c-fcbe375aa250&_origin=1&gdpr=1&gdpr_consent=
Protocol
H2
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:53 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 04:51:53 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=a585cdf0-ef00-4865-983c-fcbe375aa250&_origin=1&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
267
sync
ups.analytics.yahoo.com/ups/57304/
Redirect Chain
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPd5eb1182-83e3-11ec-a894-0649641462a8
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVBkNWViMTE4Mi04M2UzLTExZWMtYTg5NC0wNjQ5NjQxNDYyYTg%3D
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEF4-wa-Kv8UhUqnGIh-WMV0&google_cver=1
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEF4-wa-Kv8UhUqnGIh-WMV0&google_cver=1&apid=UPd5eb1182-83e3-11ec-a894-0649641462a8
0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEF4-wa-Kv8UhUqnGIh-WMV0&google_cver=1&apid=UPd5eb1182-83e3-11ec-a894-0649641462a8
Protocol
H2
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:54 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEF4-wa-Kv8UhUqnGIh-WMV0&google_cver=1&apid=UPd5eb1182-83e3-11ec-a894-0649641462a8
date
Wed, 02 Feb 2022 04:51:54 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/55986/
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=
  • https://pixel.advertising.com/ups/55986/sync?uid=YfoN6QADHUiZhgBH&_origin=0&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=YfoN6QADHUiZhgBH&_origin=0&gdpr=0&gdpr_consent=&apid=UPd5eb1182-83e3-11ec-a894-0649641462a8
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YfoN6QADHUiZhgBH&_origin=0&gdpr=0&gdpr_consent=&apid=UPd5eb1182-83e3-11ec-a894-0649641462a8
Protocol
H2
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:54 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YfoN6QADHUiZhgBH&_origin=0&gdpr=0&gdpr_consent=&apid=UPd5eb1182-83e3-11ec-a894-0649641462a8
date
Wed, 02 Feb 2022 04:51:53 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
khaos.jpg
token.rubiconproject.com/ Frame CA88 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
dbbc2dbf689859fb5870b364473d5441
Content-Type
image/jpg
ads
pagead2.googlesyndication.com/gampad/ Frame 9D47 		136 B
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F213794966%2C22659356104%2Fav%2Fbeckernews.com&description_url=https%3A%2F%2Fbeckernews.com&tfcd=0&npa=0&sz=300x250%7C400x300&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3060270593912244&sdkv=h.3.496.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=44d&adk=3568784489&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.496.0&sid=6A243989-A4E6-4CE3-A2C2-777E97B5E1F1&nel=0&url=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F&dlt=1643777511792&idt=1831&dt=1643777514095&scor=608459220887647&ged=ve4_td2_tt0_pd2_la2000_er1035.435.1193.735_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
371.json
id5-sync.com/g/v2/ 		213 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/371.json
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.75.146.199 , France, ASN16276 (OVH, FR),
Reverse DNS
p12.id5-sync.com
Software
/
Resource Hash
9f21250fe32a82d9425760fb4347b2c08c65bc1af925df2ad0a3b6db9912e3ea
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://beckernews.com
Date
Wed, 02 Feb 2022 04:51:53 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
ads
pagead2.googlesyndication.com/gampad/ Frame CCB4 		136 B
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F94166617%2C22431668266%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_beckernews.com_9&sz=400x300%7C640x400%7C640x480&description_url=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F&cust_params=publisher_name%3Dbeckernews.com&env=vp&correlator=831265817418827&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&max_ad_duration=35000&vid_t&vid_d=40&vid_kw&sdkv=h.3.496.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=44d&adk=919694079&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.496.0&sid=6C3EE8F8-0DF9-44CC-892E-963A972E7F0C&nel=0&eid=44752657&url=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F&dlt=1643777512770&idt=1212&dt=1643777514274&scor=3355144296744110&ged=ve4_td1_tt0_pd1_la1000_er7618.315.7771.615_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame 5E9E 		136 B
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F94166617%2C22431668266%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_beckernews.com_3&sz=400x300%7C640x400%7C640x480&description_url=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F&cust_params=publisher_name%3Dbeckernews.com&env=vp&correlator=236380880452453&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&max_ad_duration=35000&vid_t&vid_d=40&vid_kw&sdkv=h.3.496.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=44d&adk=2112361975&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.496.0&sid=6C3EE8F8-0DF9-44CC-892E-963A972E7F0C&nel=0&eid=44752657&url=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F&dlt=1643777512770&idt=1252&dt=1643777514304&scor=226622247951998&ged=ve4_td1_tt0_pd1_la1000_er7618.315.7771.615_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame 0DAD 		136 B
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F94166617%2C22431668266%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_beckernews.com_5&sz=400x300%7C640x400%7C640x480&description_url=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F&cust_params=publisher_name%3Dbeckernews.com&env=vp&correlator=3839644442891329&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&max_ad_duration=35000&vid_t&vid_d=40&vid_kw&sdkv=h.3.496.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=44d&adk=1962352695&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.496.0&sid=6C3EE8F8-0DF9-44CC-892E-963A972E7F0C&nel=0&eid=44752657&url=https%3A%2F%2Fbeckernews.com%2Fny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934%2F&dlt=1643777512770&idt=1285&dt=1643777514310&scor=2208900568119586&ged=ve4_td1_tt0_pd1_la1000_er7618.315.7771.615_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 04:51:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame CA88 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17136&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4f2e9ddc15e6cc2c3861f8e2683d2514
Content-Type
image/gif
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=SE&cos=Windows&r=beckernews.com&rs=beckernews.com&sid=51975&t=1643777512&cip=217.64.151.3&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=607eaa2728f57c570863c77a&test=&aafaid=&proto=https&uid=1643777512348-929046190734-008623-009-000580&cha=0.7&stagid=60cdeb227e407c6a2a4199a4&stplid=608a9f291cc704381f4f47f8&d35=&d36=6.1.2.99&cb=51760726993&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=607eaa2728f57c570863c77a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.6.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-6-218.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 02 Feb 2022 04:51:57 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
landscape3b888cf5-51fc-465d-88ca-8ba6580627bc_1639356406068.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1639356529/ 		277 KB
277 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1639356529/landscape3b888cf5-51fc-465d-88ca-8ba6580627bc_1639356406068.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.136 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-136.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
3d886e970521027dd0a9e6b7d433deca5c4f15bc78e4120458772b6370eeb217

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=1522612-1805927

Response headers

Date
Wed, 02 Feb 2022 04:51:57 GMT
Cache-Tag
494392110321738828728468980129769924807,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 1522612-1805927/2506604
Connection
keep-alive
Content-Length
283316
X-Served-By
cache-wdc5538-WDC
Last-Modified
Mon, 13 Dec 2021 00:49:01 GMT
Server
cloudinary
X-Timer
S1639369114.956257,VS0,VE0
ETag
"56d8573e163968de1222c4b28c2068b5"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=27149181
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=SE&cos=Windows&r=beckernews.com&rs=beckernews.com&sid=94469&t=1643777513&cip=217.64.151.3&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=640&he=361&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1643777512348-929046190734-008623-009-000580&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.99&cb=47644947255&cd1=4.128.0&cd4=731a47d7-9442-4f28-9ab2-f56aa46f2c51&cd5=default&d9=1000&d37=realtime&AV_WIDTH=640&AV_HEIGHT=361
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.6.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-6-218.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 02 Feb 2022 04:51:58 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0

Verdicts & Comments Add Verdict or Comment

227 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| CloudflareApps object| _wpemojiSettings object| params undefined| $ function| jQuery function| documentInitOneSignal function| OneSignal number| infolinks_pid number| infolinks_wsid object| $iceboot object| INFOLINKS function| gtag object| dataLayer function| loadCSS string| _Rumble function| Rumble object| str object| VUUKLE_CONFIG function| EvEmitter function| imagesLoaded object| vce_js_settings function| _typeof object| $ice object| $infolinks object| picturefillCFG function| picturefill object| q2w3_sidebar_options function| extendStatics function| __extends function| __assign string| StopWidgetClassName string| FixedWidgetClassName function| Widget function| getWidgetContainer function| get_sibilings_offset function| PositionWidget function| FixedWidget function| StickyWidget function| StopWidget function| compatabilty_FW_v5 function| Sidebar function| queryElements function| initPlugin function| onDocumentLoaded object| wp function| wprRemoveCPCSS object| __CF$cv$params object| twemoji object| wpJsonRciWidget object| ua_result function| __NEXT_PRELOADREADY object| revcontent function| renderRCWidget object| _ldAdIdMap object| ldAdInit object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| _mgIntExchangeNews object| _mgq object| MarketGidInfC1078868 function| MarketGidCContextBlock1078868 function| MarketGidCMainBlock1078868 function| MarketGidCInternalExchangeBlock1078868 function| MarketGidCRejectBlock1078868 function| MarketGidCCriteoBlock1078868 function| MarketGidCInternalExchangeLoggerBlock1078868 function| MarketGidCObserverBlock1078868 function| MarketGidCSendDimensionsBlock1078868 function| MarketGidCRtbBlock1078868 function| MarketGidCDiscountBlock1078868 function| MarketGidCContentPreviewBlock1078868 boolean| mg_loaded_682890_1078868 function| $lvpl function| vuukleLogin function| newVuukleWidgets object| webpackChunk number| VUUKLE_PLATFORM function| vuukleAuthUser function| removeVuukleWidgets function| generateVuukleAds number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 function| _mgLib1_11_67 function| _mgwqp number| $iceId object| gaplugins object| gaGlobal object| gaData function| owpbjsChunk object| owpbjs object| _pbjsGlobals object| PWT function| dspCriteoRTUSCallback object| _vuukleGeo function| __cf_worker_run_after_load function| __cf_run_after_load function| RumbleErrorHandler object| _vuukleConfig object| _0x4cc4 function| _0x30b6 function| _0x4a113e object| _ds05un3 number| _pa_v object| paGlobal function| callUnitMan object| pa_prebid_fw object| pa_pbjs_fw1.1 object| pa_pbjs_fw2.0 object| vol_bar boolean| localStorageBlocked function| vuukleLoader function| vuuklehbChunk object| vuuklehb object| vuukleConsole object| vuukleSlots object| googletag object| aax boolean| _VuukleDebug object| vuuklePlayerComponent number| vuukleLoaded object| confiant object| refCatKv object| aniplayerPos object| onClickExcludes function| mgReject1078868 function| mgLoadAds1078868_03eac function| MarketGidCReject1078868 function| MarketGidLoadGoods1078868_03eac object| ggeac object| google_js_reporting_queue object| pa_pbjs_fw function| _mgqp number| _mgqt number| _mgqi object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| closure_lm_282793 object| com function| _avcp undefined| google_measure_js_timing string| _mgCanonicalUri boolean| _mgPageViewEndPoint682890 string| _mgPvid object| closure_lm_249358 object| auvars object| npt object| storageAni object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| MzI0YWQ4Nzc3YWIyYWE3NmxvYWRlcl9qcw== string| MzI0YWQ4Nzc3YWIyYWE3NmNhY2hlZF9qcw== object| googlefc string| __fcexpdef object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| _mgPageView682890 function| reportIVT object| default_ContributorIabTcfV2ClientJs function| __g78fHfh446__ object| regeneratorRuntime function| LoadCriteoAllPlaces1078868_03eac boolean| i.js.loaded boolean| i-noref.js.loaded object| au function| docReady object| autag function| fbq function| _fbq object| STREAM_CONFIGS string| STREAM_ID string| __EXCO_INTEGRATION_TYPE object| __EXCO string| pbPageIdentifier object| vk_IVT function| Hls function| av_sciv_hndlr1643777512930 object| closure_lm_82670 object| closure_lm_310974

109 Cookies

Domain/Path Name / Value
beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934 Name: logglytrackingsession
Value: 7974f726-0a65-4cf0-a69f-b880c995326d
beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934 Name: exco-uid
Value: eu65ijpf5or434hf
.mgid.com/ Name: __cf_bm
Value: ajN9JP9NRKj43h8D0H6K2g.qh3EXsXvCBIjUs_xPBx4-1643777510-0-AQiC5trNsMvhhpgWLw2a9mKADSGetfcMRb4mI9Q7EJRxMdMlrzF8IeVtCsYonz86kTdKfcsZPfqMKNqtJjX2dWU=
.infolinks.com/ Name: cuid
Value: b13976d3-4f29-46b0-8786-47fbec9a40cc
.beckernews.com/ Name: _ga
Value: GA1.2.569924556.1643777511
.beckernews.com/ Name: _gid
Value: GA1.2.930579321.1643777511
.beckernews.com/ Name: _gat_gtag_UA_190122086_1
Value: 1
beckernews.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.beckernews.com/ Name: _pubcid
Value: 35e0a088-dd39-4225-b54e-7410df38c2a0
.yahoo.com/ Name: A3
Value: d=AQABBOcN-mECEDyFnB3194M9WFV6-n1B95AFEgEBAQFf-2EDYgAAAAAA_eMAAA&S=AQAAAj6FmYhlMTbEVt984oJwliQ
.adnxs.com/ Name: uuid2
Value: 4508530143694285294
.casalemedia.com/ Name: CMID
Value: YfoN5xLB1NHIy20p3eznywAA
.casalemedia.com/ Name: CMPS
Value: 5197
.pubmatic.com/ Name: SyncRTB3
Value: 1644969600%3A220
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 826B3EDD-00F9-480F-9464-B85A4BD90237
.360yield.com/ Name: tuuid
Value: 95317b89-2555-4860-a5a2-d4766a959fb7
.360yield.com/ Name: tuuid_lu
Value: 1643777511
.advertising.com/ Name: APID
Value: UPd5eb1182-83e3-11ec-a894-0649641462a8
.casalemedia.com/ Name: CMPRO
Value: 1165
.beckernews.com/ Name: _gat_rumble
Value: 1
.infolinks.com/ Name: ANUSERCOOKIE
Value: 4508530143694285294
.infolinks.com/ Name: VRUSERCOOKIE
Value: y-9qyNuXlE2uEZGWU7BtPIQOpT6HgTGR5x5pujZy4-~A
.doubleclick.net/ Name: IDE
Value: AHWqTUnhOsjMl8mMqc-jtZ8mgJRjVJA5AAyyxWStyoegF9GiN7jge2p6Hh61q09wxPQ
.quantserve.com/ Name: d
Value: EHIBDQGsJbjvsQA
.quantserve.com/ Name: mc
Value: 61fa0de7-47a01-87489-508a6
.infolinks.com/ Name: IXUSERCOOKIE
Value: YfoN5xLB1NHIy20p3eznywAA&1165
.cpx.to/ Name: cpSess
Value: b22b264ef8af3ed
.cpx.to/ Name: dsp_app_nexus
Value: 4508530143694285294#1643777511298
.infolinks.com/ Name: IMDUSERCOOKIE
Value: 95317b89-2555-4860-a5a2-d4766a959fb7
.infolinks.com/ Name: OUTHUSERCOOKIE
Value: y-bRrOeQZE2uG5L_.Hird4PRkaa8n2e.my~A~UPd5eb1182-83e3-11ec-a894-0649641462a8
.lijit.com/ Name: ljt_reader
Value: 6a6fefede94f1131da446343
.bnmla.com/ Name: rx_sspurl_1000361
Value: https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3Dcf7f8e6b-2c11-4931-b7d4-9c7a06bb93e8
.bnmla.com/ Name: rx_uuid
Value: cf7f8e6b-2c11-4931-b7d4-9c7a06bb93e8
.bnmla.com/ Name: rx_maxage_1000361
Value: 1645073511
.bnmla.com/ Name: rx_sspid_1000361
Value: 1_6_170_162_175_181_19_203_213
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjU0NjQwNzc3MjA1NjQytrQwtRDiM9RNdwqNdInMM_QJyHUHADut7R4lAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAFslzmtoZmJsbm5uamhoamEOANXroKQQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjU0NjQwNzc3MjA1NjQytrQwtRDiM9RNdwqNdInMM_QJyHWX4jU0MzEGqjE1NDS1MAcAVbyVOzQAAAA
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 8aceffa2-5ae5-49d6-ae3e-4e60bc852693
beacon.lynx.cognitivlabs.com/ Name: ss
Value: aCncv5tVNfbefuSBfCHzV7jBc6pyq3uj8btIlheTnZniMzYRc0%2FTH1dkieHJOm4Bmq0e0uBgOnioJDSvj2%2FXSA%3D%3D
beckernews.com/ Name: cto_bidid
Value: 3SYE3V9kclZMWmo5VEpaQnNKbWxBUVRaNldpQXBtZ1dhY3hsNGtDZUZYV3U2YkI0Y1ZBdSUyRkdMQTdQeVowSFp3VyUyQkRZVWh4U2ZwcmdWbjN2dHdpSUxmT2ZYRkElM0QlM0Q
beckernews.com/ Name: cto_bundle
Value: mGnl_F80MSUyRjVuNHFwcFBDQ0szZGZxbSUyQnZVSkVUTjFQR0xKJTJCbjBTR2lOYklzWk1NbXdzMFRvT2NRYjJDNkFuMEZzVkpyMk9UY0w0QXJPRHlVdm5JeUZ2WXV5YUtJTXJhYzlCeEJmSGQlMkJ3ajFPQTBMYXBLU1h1eUM0S2FVM0ttcVAlMkI1UmM
.infolinks.com/ Name: KADUSERCOOKIE
Value: 826B3EDD-00F9-480F-9464-B85A4BD90237~1643777598085
.infolinks.com/ Name: ZTUSERCOOKIE
Value: 5131077720531239858
.adsrvr.org/ Name: TDID
Value: a585cdf0-ef00-4865-983c-fcbe375aa250
.pubmatic.com/ Name: PUBMDCID
Value: 1
.ad.gt/ Name: au_id
Value: 0051ca09-1455-4e27-bb5b-bb85f25a7be4
.ad.gt/ Name: au_idmatch
Value: {"apn": "2022-02-02", "ttd": "2022-02-02", "pub": "2022-02-02", "adx": "2022-02-02", "halo": "2022-02-02", "goo": "2022-02-02", "ppnt": "2022-02-02", "ado": "2022-02-02", "smart": "2022-02-02"}
.infolinks.com/ Name: SOVRNUSERCOOKIE
Value: 6a6fefede94f1131da446343
.pubmatic.com/ Name: pi
Value: 156872:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 81faca1befdfaae0
.beckernews.com/ Name: __cf_bm
Value: PUBHUawJpDnU3V6GiYHY35IhrUhuv5M6FAc_3Wa1QQo-1643777511-0-AVyWLbJWmjck5jkVpjtHg75Ez0yd65ofL+N6cqBgoBFz/A7VTLqWyLRYKz9k8i8KflSSVopFnysJXq3NNhscUd2kBhuXN+v/ztzC3JweNoxbBgsH9hlr6iStAyldFIZ64Q==
.mgid.com/ Name: muidn
Value: m11Q4rWNpiPk
.demdex.net/ Name: demdex
Value: 06545683187895026300571796834151375702
.infolinks.com/ Name: PUBMUSERCOOKIE
Value: 826B3EDD-00F9-480F-9464-B85A4BD90237
.dpm.demdex.net/ Name: dpm
Value: 06545683187895026300571796834151375702
servicer.mgid.com/ Name: __mglb
Value: 4aae4d8c393f422d100aefd60785b084
beckernews.com/ Name: MarketGidStorage
Value: %7B%220%22%3A%7B%7D%2C%22C1078868%22%3A%7B%22page%22%3A1%2C%22time%22%3A1643777512407%7D%7D
.vuukle.com/ Name: aniC
Value: 1643777512348-929046190734-008623-009-000580
.ad.gt/ Name: last_seeng_hosted
Value: 1643777512479
.ad.gt/ Name: g_hosted
Value:
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-acb47eee-49dd-47c4-a6f6-54075a7fcd64-005%22%7D
.ad.gt/ Name: last_seentd
Value: 1643777512490
.ad.gt/ Name: tdid
Value: a585cdf0-ef00-4865-983c-fcbe375aa250
.ad.gt/ Name: first_seentd
Value: 1643777512490
.ad.gt/ Name: last_seenadx
Value: 1643777512492
.ad.gt/ Name: google_gid
Value: CAESEO-D8aQ-x9sOxkIdR89-KZE
.ad.gt/ Name: first_seenadx
Value: 1643777512492
.ad.gt/ Name: last_seenpbm
Value: 1643777512495
.ad.gt/ Name: pbm
Value: 826B3EDD-00F9-480F-9464-B85A4BD90237
.ad.gt/ Name: first_seenpbm
Value: 1643777512495
.bidswitch.net/ Name: tuuid
Value: 750f7c55-9c9d-492f-80a5-7be17051bae3
.bidswitch.net/ Name: c
Value: 1643777512
.bidswitch.net/ Name: tuuid_lu
Value: 1643777512
.infolinks.com/ Name: R1USERCOOKIE
Value: RX-acb47eee-49dd-47c4-a6f6-54075a7fcd64-005
.ad.gt/ Name: last_seenpulsepoint
Value: 1643777512496
.ad.gt/ Name: uid
Value: B9rDb5rmqBBL
.ad.gt/ Name: last_seenadb
Value: 1643777512497
.ad.gt/ Name: adb
Value: 06545683187895026300571796834151375702
.ad.gt/ Name: last_seenadnxs
Value: 1643777512499
.ad.gt/ Name: adnxs_id
Value: 4508530143694285294
.ad.gt/ Name: first_seenadnxs
Value: 1643777512499
.nrich.ai/ Name: _nauid
Value: c9d24dfb-5819-4e67-ba1b-ffc680ed3c8d
.ad.gt/ Name: last_seenhaloid
Value: 1643777512687
.ad.gt/ Name: halo_id
Value: 0201tlxlfd07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl
.ad.gt/ Name: first_seenhaloid
Value: 1643777512688
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.vuukle.com/ Name: 2_C_22
Value: 95317b89-2555-4860-a5a2-d4766a959fb7
servs.vuukle.com/ Name: 2_C_22
Value: 95317b89-2555-4860-a5a2-d4766a959fb7
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-acb47eee-49dd-47c4-a6f6-54075a7fcd64-005%22%7D
beckernews.com/ Name: _lr_retry_request
Value: true
beckernews.com/ Name: _lr_env_src_ats
Value: false
.beckernews.com/ Name: _fbp
Value: fb.1.1643777513002.1260457798
beckernews.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22a585cdf0-ef00-4865-983c-fcbe375aa250%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-01-02T04%3A51%3A53%22%7D
.facebook.com/ Name: fr
Value: 0tTwpU6Yxt1MTchf9..Bh-g3p...1.0.Bh-g3p.
.beckernews.com/ Name: panoramaId_expiry
Value: 1643863913050
.vuukle.com/ Name: 2_C_200
Value: RX-acb47eee-49dd-47c4-a6f6-54075a7fcd64-005
servs.vuukle.com/ Name: 2_C_200
Value: RX-acb47eee-49dd-47c4-a6f6-54075a7fcd64-005
.casalemedia.com/ Name: CMST
Value: YfoN52H6DekA
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YfoN6QADHUiZhgBH
.turn.com/ Name: uid
Value: 3841559664404378862
.bidr.io/ Name: bito
Value: AAD6Yk7D9BwAAAHO135GJw
.bidr.io/ Name: bitoIsSecure
Value: ok
.aniview.com/ Name: 2_C_42
Value: YfoN5xLB1NHIy20p3eznywAA&1165
sync.aniview.com/ Name: 2_C_42
Value: YfoN5xLB1NHIy20p3eznywAA&1165
.casalemedia.com/ Name: CMRUM3
Value: 5161fa0de72760eDVFkX5gRsdjMBSRfjUOyHkwG8ljMRPILzK3iI7a&2e61fa0de905a0&1a61fa0de905a0&0861fa0de727608aceffa2-5ae5-49d6-ae3e-4e60bc852693&f161fa0de705a0&5861fa0de92760YfoN6QADHUiZhgBH&8261fa0de92760AAD6Yk7D9BwAAAHO135GJw&da61fa0de72760&6961fa0de905a00&4961fa0de905a0&2761fa0de70b40&0461fa0de905a0&e661fa0de92760&2d61fa0de72760CAESECaf3mBsIYdf0K4FN14zV5g&1161fa0de705a0
.adsrvr.org/ Name: TDCPM
Value: CAEYASABKAIyCwjGqNvuzoSzOhAFOAFaBmFkYXB0dmAC
.analytics.yahoo.com/ Name: IDSYNC
Value: "192u~2304:18xp~2304:187s~2304:1776~2304"

5 Console Messages

Source Level URL
Text
network error URL: https://match.bnmla.com/usersync?dspid=1&uuid=jGERCxDZMomp&ev=1&us_privacy=${us_privacy}&pid=558752
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
javascript warning URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Message:
The resource https://s.flocdn.com/cmp/2.1.5/tcf-2.0-cmp.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://beckernews.com/ny-times-sues-biden-administration-for-hunter-biden-emails-in-probe-for-corrupt-foreign-ties-43934/
Message:
The resource https://s.flocdn.com/cmp/2.1.5/tcf-2.0-loader.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
ad.360yield.com
ad.turn.com
ads.adaptv.advertising.com
ads.pubmatic.com
ap.lijit.com
api.rlcdn.com
api.vuukle.com
assets.revcontent.com
atrack.avplayer.com
aufp.io
b1sync.zemanta.com
beacon.lynx.cognitivlabs.com
beckernews.com
bh.contextweb.com
c.mgid.com
cdn.jsdelivr.net
cdn.mgid.com
cdn.onesignal.com
cdn.revcontent.com
cdn.vuukle.com
cdn1.lockerdomecdn.com
cdn2.lockerdomecdn.com
ce.lijit.com
cm.g.doubleclick.net
cm.mgid.com
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
d.adroll.com
de.tynt.com
dpm.demdex.net
dsp.adkernel.com
dsp.nrich.ai
dsum-sec.casalemedia.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gum.criteo.com
hb.brainlyads.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
ids.ad.gt
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.revcontent.com
imasdk.googleapis.com
img.onesignal.com
img.revcontent.com
jsc.mgid.com
lockerdome.com
match.adsrvr.org
match.bnmla.com
match.prod.bidr.io
mcd.ex.co
media.vuukle.com
mug.criteo.com
onesignal.com
onetag-sys.com
p.ad.gt
p.rfihub.com
pagead2.googlesyndication.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.quantserve.com
pixel.zprk.io
pixels.ad.gt
play.aniview.com
player.aniview.com
player.avplayer.com
player.ex.co
powerad.ai
pr-bh.ybp.yahoo.com
prd-collector-anon.ex.co
prebid-server.rubiconproject.com
premiumsrv.aniview.com
publish.vuukle.com
rddywd.com
reporting.powerad.ai
resources.infolinks.com
router.infolinks.com
rt3007.infolinks.com
rumble.com
s-img.mgid.com
s.amazon-adsystem.com
s.cpx.to
s.flocdn.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.gravatar.com
securepubads.g.doubleclick.net
serv.vuukle.com
servicer.mgid.com
servs.vuukle.com
servt.vuukle.com
sp.rmbl.ws
ssc-cms.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.aniview.com
sync.go.sonobi.com
sync.smartadserver.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tag.escalated.io
tg1.vuukle.com
token.rubiconproject.com
track1.aniview.com
trends.revcontent.com
u.openx.net
ups.analytics.yahoo.com
video-native.mgid.com
vuukle.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleapis.com
www.googletagmanager.com
x.bidswitch.net
yeet.revcontent.com
104.154.142.214
104.19.135.78
104.36.113.17
104.36.113.23
104.92.74.8
13.228.12.66
141.226.228.48
142.250.184.226
142.250.185.98
143.204.215.118
15.197.193.217
151.101.193.194
151.101.194.49
151.101.66.132
151.139.128.11
169.55.146.12
172.66.41.9
172.66.42.247
174.137.133.49
178.162.133.149
178.250.2.146
18.185.44.17
18.192.29.118
18.210.180.232
18.211.226.152
18.213.6.218
18.235.17.58
185.64.190.79
185.86.137.133
193.0.160.129
193.122.174.27
198.148.27.139
198.47.127.20
199.127.204.147
2.18.233.180
2.18.234.21
2001:678:cb4:bbbb::11
209.54.180.144
23.20.158.212
23.37.42.132
2600:9000:206f:f000:a:cbb7:a940:93a1
2600:9000:2260:de00:b:6268:b880:93a1
2606:4700:10::6816:3ca8
2606:4700:3036::ac43:8a2c
2606:4700::6810:5814
2606:4700::6812:e134
2606:4700:e4::ac40:a414
2620:116:800d:21:fcb8:22d2:d390:5f1b
2a00:1450:4001:800::2003
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::200e
2a00:1450:4001:810::200e
2a00:1450:4001:828::200a
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2006
2a00:1450:400c:c08::9c
2a02:2638::1c
2a02:26f0:ef::5f65:4d5b
2a02:26f0:ef::5f65:4d5e
2a02:26f0:fb:5a7::2c79
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a03:90c0:41:2801::254
2a04:fa87:fffe::c000:4902
2a05:d018:d29:3601:6aba:1333:1e2b:7cf5
3.122.48.254
3.126.56.137
3.209.156.238
3.232.101.2
3.88.244.23
34.120.133.55
34.211.237.159
35.165.111.143
35.174.191.125
35.244.159.8
37.252.172.123
37.252.172.45
38.27.122.126
44.238.59.174
51.255.68.171
51.38.120.206
51.75.146.199
52.205.96.140
52.211.218.251
52.215.125.248
52.24.240.27
52.41.22.107
52.50.112.53
52.6.110.80
54.194.94.231
54.197.247.252
54.229.233.249
54.234.151.247
54.246.168.255
54.78.253.158
67.202.105.21
67.202.105.31
69.173.151.100
70.42.32.223
72.251.249.13
72.251.249.9
8.39.36.142
95.100.153.136
005271c8809dfb7cd408751724a2170ca81a3277de5d8cae0ec34db97050348f
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
032748afc697ad6c81591cf5304a1395a1045dff8604fdfeaaa06d8365ea92bf
046a9492b0c0ca236e165f42a8098dabfce1d6cc2ef20acc9afd32d7427db7b2
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06e7e2d29086079886791f958af177ddeb5a26c90bcb202cdfdc347335912e16
0722a7e24a4dfbcee6446de27d9cdec151cf9dedfd4875633214fbe07b26276e
08ca0c73f89f5bc5963159017015d8a2367b34a502c940b7052082c40c927939
0a3868c61ca885220fcbe768210f995e928e578050c68a425acd82688adba5be
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eb35c4ce205d217f347a32e7dedeb4610c6cf9e0185052e349e22ba44ef46c0
0ee6592c25ab27ff2bc7f2d8cb36b768e46b4e0f4475fe8b366fd9e2582db2ef
0f05526ff3afc37a0c1656a09e4a6fee5571350318ed13be65156fb24e54b394
0f69116cb1c7fe8e2fd18e592bbb06c1d9fc453f62aaf45df8a6612dd3ec1f97
0fb67b5ed5b3f0100c438fc38cd7ccb7cb1d55313d6fd0c7282472df3aca33ae
106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
16a6b6731e2fc6387561d78f5affd3b539a6c0540434924b809d490a5ebc9725
16d71e21df34a94ff40c517853c978c696cb27895b4a0b64637a48f8cc58453d
17f618f8f01a1d57729c1b78fbd15edd64764c1dbdb2377fa84a5f39ee1c67c0
194c747163198072c818b9eb8b35b2afca979f93f54009c67903e1dcb7503aef
1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed
1cc8fba655222d052e069a5fa6152920559e0c665d31bbaebc2c2f1797e1ceeb
1f1c0e9e76f5baa28c2453d0d02b97d42e5f66283f0d3058a4ccc366e7f2411a
2021c9a3df6a24f3f9d63a0425d90a2bb24cd97de905abf230f13d4dbc46c147
22d67ebbc3b86ad39403952f6e9e3a67efcce2d56f9c168f236930c1c9b77ce9
22dc09e053641dbee00b20cf2894802b3a119e99d568ff099e7c6b413a85ba38
23cf82cc09313b4ca270855734c90c760202e753d9292a88ba8ab2349ab64a84
2403c547323e252309d499941b20324d71d113374e88da01e7a2bec540568946
24b25a9de83f7f3cfdf7dbe49789cbc31b1f1ebd794c25a2918e90e14875f38c
261e918e8e6767d021cb4dc761152a7d09ea8d298288776ac2fea357e7801d45
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
297161ff4e893f820491d4915e427edae980db3dccad5e72d7fb519ae2f32a48
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b697ae3266afd70d1108fda9eea78b90db518003f1049e6913ad0e0368723fc
2d76461b2cf51768c65aa837795216c8feabf3d9ff913c000f9d905e9afc46ab
2e11fb442e44464d109e15eb410406916fcf79f98087e57c7209f725342049f8
3050027127e3700d6448c3083833a09f7c21929c00c3dd0b07252ea2c4d488cc
3133b8429b15c13b9f4b222eb2098a73412ff3ae9645d55e0dbdc96367fdf74a
3134b8918a8367da0750c58d7d54789797608825b5c91d490c6e87251cd25ddb
316655dd83f650f20ec9786a8d133183e804b11942b6ab4136aa83b2c30f27bd
333a6e74f73717b1f1208f551ea7d245ca517ab1e0e9f11e39938ea6b205e098
3400d64890530a90aa5ea41284e2e0dabc056ca6a8208f34cdbf80a07f360cd2
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3cd72707a6eb0ba2f481bf98476ada929d93c3cc1ccf2fa702f4e237ddbea113
3d886e970521027dd0a9e6b7d433deca5c4f15bc78e4120458772b6370eeb217
3e34c1f33699b063fdeabd6f6097f5dee67969aa618a86e44765b945d0ad9197
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40bc5c943a450c0c125d006924a518fc96ae118dfb2f017e370e40f85debc3a9
40ce275f228f3d6a1ff2b08b142a8a385d04da568306b3aa9133d50da9b8b850
413d6a64ecbfb5ad83e7ea4d1b670151741e78a16227ebb6adca391deaef3f25
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
44c6ff9118e9a98e5d9118fcb9d30012a304d85908490837d463db973d5be2cb
46a4006c800c41fa760447412f55a64597eaf2c7aa633b1f6952c492d6d4e261
474a52ac79d337ae69559ff92043d3a2a52c74130b3ab68420205004f6c593c9
4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4c5091be81b842fa184aa87eb73febbff2ba72ec1afc55e959ef29dbbf9b8853
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fbe550b77ee74326c037ac840193315da6af2ccd701865af574ee9194271486
50f933f2d6f22236cfa0c25705160e741ec07ca62ab0b4951ee3cdae2a861709
523e02dd4ec34f964addcf94fdb9796d68094b692702a6a0435e7ccf274ea88d
526400b95b0e9de4694e4ef31114930eb8561849f167cdb1b366427328755da9
52e2553c61bcf363e21cf85d1d25fd089a795099a1f3a8fdb6ec6f67606c0ce6
5339542b9c260a4c71cc27fd8880a84c5fece35f860b88292770e5e5c6f1d794
53f98bb0b288d162a288ce2caf8406c00c1fd474f0c73a58b5893098271621a9
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5713867ac8881dd5a8e178755241a12fc55d6a4144c27216e5608064b1ed972e
595491a31e2d1136c3b62f5e8c7f2e4bb39b83f47dc0d24b8f8ad67aa81c1dda
596b4aabca01ac591c9a7d2b2d8c4893d5ebb36609405574c66c56a32e816ead
598d76f0178bc4add6dec889790d5b209ed00a25489e61b546ba78f4dd69f5bc
5be1ca149f15b9763c22ce39cefc22e6cd2e561ce7fca21c2fc58d0230cb7e4a
5bf7378bca4930ee4e9fb8ab093c16ab60489c74376390de855b71d0c706ea57
5c0a9358d9648972ebf6c451d9db1f0372f343da97faefc965d0e1d07ea0418d
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5f4b5c6db74437117ecdf2ff5109b934ccc182812773c3baf8be99a11398ecf9
613ac16c647342fbc50e4123b18e47140effe7392830b2d88c942768f5f49019
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
62a9c3994c6e62ae0cae5c4a5dafe072f0c7100ae5d11db203fec60d0695e6b1
62c3a4f78334221a29592245d0d3cda9fb3a850afc658bc7010682c0b723cb72
638aab372d01f87bd3b827714d4b72124ad034765c8cde1939b233f59fcb62c9
66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1
670390e72b0535447ab335d4c8d6c4b5e54660b78c9525a9e2f0722718dc2f24
67c9ac3fbe66e4ffcd141c32ee16b875119de3a5548212747a99e158a7aab3c8
693c1fc05326e4380777179beeb3c1487c75efb8c83fc995a3a8d8c7c756885f
6a3b9e1f2fa2b16e3c88d9c5696d4a96e82d24b64b219a29cc633d75837c6984
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d5a1972e5bab5e7a4d05d146ee5617e6d5eaa03f2e893dc60d8321139e71b7c
6ea7c9d811d5ae86e7cd6b4546019c06f403918020f0fe1f3bc00bf75c46bf00
6ead984c7fdcf4798d3a2ccef5d1c584d4eaa68b04eb03a00a329a2add393fda
700ef6d5794e7e87ada4629945e7c3b510bcf58945283de4bdf5e317365383f3
7074a911d479e7ce886ef7495596eb8404a2a4094abfe3593e9cac8a2e6f33e0
7114b2677059736a054c95cd8b85b0daf49d46979d86d87d74cb612d1c6b0c8d
71fa1f7d7f86952d4f8409f3c419849828c9416c58ac248e23e02b2ddc712dd1
73d50dce2f4a90ea6708c1a5e6e6d69227b0cf2c405300409bea8d8c4b748341
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
767e37bcd6daaf0e719be2ba4bba0a36a11040e971b918a068bf8cb0ea9c4aca
796acb662261c875add022009ba1b6f37d596075456c5f1c5ff41a6e7b6bb076
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7b6fef0a63424245b31b293b1a3bfd074c9da482e28fb9e920e1cf306e54e8a2
7dc3d696cb03eb09405e88fe6708385b86fc4303725052706b5d018842631811
7e75dc45a4ebc4bae4111477b5611cd04299866b36d34e93b89e6dffe4b5b039
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970
7fdffd2fc14cab4ff6d7c87b4e3c5aec0932e00211967fb577a0bb190a263386
819512599642371938d80fa33c6fd22169e43f381b67203033ff4ffa04fe06a8
81a1e95338046a7214351ca54f5f155ab1509eac4be89cee6881d99a3c8c503b
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83fdb91b2adf11e77ab7f337f1ae7fe54d6f04cd903f4e437183e52b9c2652ba
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8548d22e0fe82f9ac98dd5148510c0bb6885aad92f661876a8078b9be620ea2e
85a128ece4d65c4e635e7566fddfdce529b54491b4d934e5a2e88013f3dcad36
85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94
86e8be85acf880935aa96b9d7aaf4fa97bf5a0e2db09835040e5b97ec43d5cc2
873af853dede2eef6d739dd841fb21596d262ff33e68a965eb377e47ed8d4c7c
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8
8882c05ade8d73602a50fccfc5e3d2ad0ff2427e6c7adafc2d8f13a1da7f1ec4
8889425709593626cd565d67e0f48405e66aca6a1dd9fb77b22519ef54aec62e
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
8c7c1fccc2867ae191b996b6d0749630e729141a97ebc8080b133816e423fa3b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8e521ebeb6ce59914c54f532b1577efd671f4b02bb3c331e01b4a7e79a02cfea
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
909f64680549c702a20a02972856933ff2b88ace80e5b8625fb79f8c1879c41d
90dd60ca14caa7eda327d78f9ad109b06feb5b69f3664b8a28519d2383adb689
93e8ff7840c49c8cee07eb6ad719a5f747017044a5855a69f4c08fb19c9304c0
97f59ccead873800701418302300e1c43fc7d41efe5aeb412d8279fefd5cd913
97f9639ee27e7951f93e6507ab9d203e2d003b72cfc06c6bcaffe3e8687bbc8d
9969c43d4faf911b8abefd982acb353f3e708e9f6124a4ebd53c018bc02fbf1d
9bb58432d2cefd5331989d71d077a476e7cc02e1a7d8b4029c6043ae88bd6755
9cbc3c4e65d00aecc9ad3dbc53d4ef56907fefd54105697ad38a9b549efc538d
9e523aba4ee40ec4c2738eb8907fdf92c9b012e949ee20187358f0778dd59934
9e539942b1cd2922e885e555fb94830d03679854555104a555b61a25a67dccba
9f21250fe32a82d9425760fb4347b2c08c65bc1af925df2ad0a3b6db9912e3ea
9f8c21bf9c85eb1f80a9331ec6ce7e7444ba0a12bdb1db120b07f05885d0847d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a288f6d8bed5da66244881b97b6355d945f6ca755c1fc09b750724745cceae03
a2ac413eee80522332c7a7932279c1859971a2656710d22fc5fff522cf3c5f5c
a2d1e7372db2f8c515be5b6eafd29390113610bd591979a468429f293badb9b9
a2dcd513eda6633956e1508982f2da9451d55f5c278a2b8786761ea2aa6e64e1
a658b5f3ec0fd27f3c1500b420b2ed4ff557f5ddb65fbc83c21eae5cadc97dfb
a9a06adcf1173ccb5f44531ad265f5089420367edce72df8afc2ab4938a79ef0
ab7597cf4d2e6c7f931bf693745c6ddcd9f52ac13cb2b092edf390876025297e
ab78d693c638726755efb22528d50266969c0f308761f4b381ba86014ead7df3
ae0b601fc46c8d0051e388e6abcf8e6bbfc30d2e0bfdf9f14fb1778d8de4cc73
ae439888f2214505d682d6ab8b3de557ede87d5808db486409258b3264e3dd5f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b28bb63c3761aa8dfe1bdb1a4b82ce643fc0e6bb05d9b65ad80a741ea01b9121
b4a576181de48e65c16476d10dcb5de9730675835d885ae49ae1ae3a67ae950b
b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298
b732aa760484feded70866a79c1f89bafdc9938e83e74b0d8d8ff7fbb4a7b77a
b9094c4b0fb618d27300420cc664a9d7a2a8144c09941cfba09d66ea67370532
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b
ba7a21fc27a575235d82ada12a4c029f3489b2dbec4a70c40e3efcb93b826274
bb6bd69700e21a8f9bc89da3eb5609dc34ebecaa70165a66771e04fbaa369131
bba12d8ac3a1e2c24fd6e4e346ceeccf9e2150089233dfe1008d7539f4646795
bbb5793911e601330153418c841cc86a73e0018eee5887ccf121c9ded7cee53f
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
be2c1d142ca4d74edfb9ef8b913a29ece475f2d2b3783752fd214facb05f0d4e
bf24bb0fcc3cd1301d5fe72ee9d6d2cd791904d4a11053e4e4d5409f7a143775
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c03fed88c3e1b81f464e5c6f0b11cd538155d1cd32d1618a015be70409ef5244
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c567b14ad40fa3aea9b66248d0297f793e5ef2f916db8857b8d9fd73c309e85b
c5e153bbbee25ea7782cded1453876f24f5b83b5eca8a1f55888470fb69c2f1b
c636cdf8f523ada818ad53ff012d37b57190cc6702fdf0e6a35a502fcd4f625f
c6fe2ed7936281998340e0a1ace5a4e424174d3ad52dcd761e80200b79f0d5dd
c842ab9a59af3f3d62511fdb5488ad527d2193c3371b5561ade4a2a19a8e7062
cb677b273e0cd729cafdb33788f504479d9c363e74fcca9971e3f70d61931a8b
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
ce119693737ea8188cb783d6e1f935bf0d10d2b5bc1190b3450e3fc9fe22bb99
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d07dcdbb3ddaba0dda7d56d496cbb5d8fbb1bdadc23f812126d3c4c6ab39e158
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d2909b557be35396b05c5a3479a595f47e2c5eca9e89c3baee35894b019f3280
d51fc32f16709946cd68db3ca2ab3a88d7e8bf7dad9a28834a51e19aed8c3a8d
d651a9d796f5ead04bd3e80e824b8f614de2c067675d05f75a22cd138c022a2d
d7bb3c50cc5b07cea81e62a53039ec4aa49cd718058cbf799eef27bbdb5b958c
d89ddf30ec7c8687516d93e8cdcdd2b892d47e6fd7cd166cdb839283203edf5f
d93c9af44c52985a421487d9eea6032d2f3bd0c9d55f60b154ff3533a4836563
d9a68a4c4bfa7c59739ca435b5ba2cc3547872601f56040c63e60f5ffeae1be5
da027b48bd2e0721776f5370f0886a70f4a9b759bd3e6dbd2f4eeb399a8ed042
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e04a7746251843cf567a9b27c7ae4d244ce9575519ff3daf328e19696d1bbd1a
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796
e1cd6f54ad9448af67ce35190d1616cf78cdb6b717f2fce2b4c6ca436c6d5de3
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992
e5273ad1e5952aeae397bfa2d19fe8685b47e73a30197ad220d177ccfb8ce8da
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
eb0b44522322e3379c9c3519c63813eab096880b9860a50a17712c5f085580e3
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef026e13d21b56d14ffd8901bcc355cc7db094f1cfefed281c5de78c8a05b911
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5c4f8a147f15f5f3b64b08f1c63f9f8d10d81f32074399f3e4de897be1fd3d
f0cdc9f83afec9ab82c2c17f1c7478740ecf2bb51fb29f01e58e5de8b3d539fb
f15b019d25811f8ff2678c5cd43b3fd889812afde376822a239a4aa08064b454
f303ac6af2a5ebb406d6fc50426f1c0b8bc3c915dbc1a70db7595ec6590343b9
f31f4be906d66ffeb3c670262800634c7ca5aeb24556cbb23e85b8c6a2d6a722
f83bf22ed091fe689e0c008e1b85aea6c0a191f0d3ba62813def77ef7ce63e01
fa22d3fbb11188ca2c1276dd8b32813ed6f6fa66119fb3ba944520a8ac0e94e0
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
fff132c8dc9caacc695aac6e4910e6812e4dcf87e5540ae45371d9859b39fdea