urlscan.io logo urlscan.io
SecurityTrails logo

resistthemainstream.org Open in urlscan Pro
2606:4700:20::ac43:442c  Public Scan

Go To Rescan Add Verdict Report
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Submission: On January 20 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 94 IPs in 11 countries across 71 domains to perform 313 HTTP transactions. The main IP is 2606:4700:20::ac43:442c, located in United States and belongs to CLOUDFLARENET, US. The main domain is resistthemainstream.org. The Cisco Umbrella rank of the primary domain is 465163.
TLS certificate: Issued by R3 on January 17th 2022. Valid for: 3 months.
This is the only time resistthemainstream.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
26 2606:4700:20:... 13335 (CLOUDFLAR...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 35.190.62.199 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
21 172.66.42.247 13335 (CLOUDFLAR...)
13 104.19.133.78 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
6 104.154.142.214 15169 (GOOGLE)
1 172.66.41.9 13335 (CLOUDFLAR...)
1 67.202.105.33 32748 (STEADFAST)
2 13 2.18.234.21 16625 (AKAMAI-AS)
2 51.89.9.251 16276 (OVH)
4 4 185.64.190.79 62713 (AS-PUBMATIC)
4 6 142.250.185.98 15169 (GOOGLE)
1 1 185.64.190.80 62713 (AS-PUBMATIC)
2 2 198.47.127.20 3257 (GTT-BACKB...)
4 5 185.33.221.87 29990 (ASN-APPNEX)
1 35.244.159.8 15169 (GOOGLE)
3 3 3.126.56.137 16509 (AMAZON-02)
3 3 213.19.147.45 3356 (LEVEL3)
2 4 52.223.40.198 16509 (AMAZON-02)
2 2 64.202.112.255 22075 (AS-OUTBRAIN)
1 178.162.133.149 60781 (LEASEWEB-...)
1 52.16.87.205 16509 (AMAZON-02)
1 174.137.133.49 27257 (WEBAIR-IN...)
2 2 52.211.218.251 16509 (AMAZON-02)
2 2 35.156.69.231 16509 (AMAZON-02)
1 38.27.122.101 174 (COGENT-174)
2 3 63.251.14.3 32475 (SINGLEHOP...)
1 1 193.0.160.128 54312 (ROCKETFUEL)
1 67.202.105.22 32748 (STEADFAST)
1 2 209.54.177.54 16509 (AMAZON-02)
2 2 18.194.149.16 16509 (AMAZON-02)
1 1 34.225.96.147 14618 (AMAZON-AES)
1 1 2001:678:cb4:... 56396 (AMOBEE)
7 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 89.187.169.47 60068 (CDN77 ^_^)
1 2600:9000:215... 16509 (AMAZON-02)
16 104.19.135.78 13335 (CLOUDFLAR...)
1 2a03:90c0:41:... 199524 (GCORE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 151.101.130.132 54113 (FASTLY)
5 54.164.123.106 14618 (AMAZON-AES)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 18.213.50.69 14618 (AMAZON-AES)
5 45.133.44.4 39572 (ADVANCEDH...)
6 34.194.106.25 14618 (AMAZON-AES)
1 75.101.235.47 14618 (AMAZON-AES)
12 2.16.186.146 20940 (AKAMAI-ASN1)
8 185.239.173.226 55081 (24SHELLS)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 5.178.65.245 50673 (SERVERIUS-AS)
1 185.184.8.65 204995 (RTB-HOUSE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 185.83.70.67 55081 (24SHELLS)
1 135.125.163.79 16276 (OVH)
1 96.46.183.20 7979 (SERVERS-COM)
3 185.64.189.112 62713 (AS-PUBMATIC)
1 178.250.2.131 44788 (ASN-CRITE...)
1 2602:803:c003... 26667 (RUBICONPR...)
2 45.133.44.3 39572 (ADVANCEDH...)
1 1 23.227.139.243 55081 (24SHELLS)
1 193.200.65.5 6681 (GIVEME-CLOUD)
1 37.18.16.16 205675 (HYBRID-AS)
2 2.18.233.180 16625 (AKAMAI-AS)
1 1 23.37.42.132 16625 (AKAMAI-AS)
6 23.79.143.124 16625 (AKAMAI-AS)
12 213.19.147.43 3356 (LEVEL3)
4 8 185.86.137.114 201081 (SMARTADSE...)
2 185.86.139.58 201081 (SMARTADSE...)
4 52.208.19.36 16509 (AMAZON-02)
1 185.33.221.50 29990 (ASN-APPNEX)
1 2 2a05:d018:d29... 16509 (AMAZON-02)
4 4 151.101.130.49 54113 (FASTLY)
2 2 52.210.199.144 16509 (AMAZON-02)
1 18.194.122.86 16509 (AMAZON-02)
1 37.157.6.253 198622 (ADFORM)
1 1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 52.200.158.235 14618 (AMAZON-AES)
1 185.64.190.78 62713 (AS-PUBMATIC)
1 2 54.174.249.39 14618 (AMAZON-AES)
1 69.173.151.100 26667 (RUBICONPR...)
1 35.244.174.68 15169 (GOOGLE)
3 3 69.173.144.138 26667 (RUBICONPR...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
4 69.173.144.139 26667 (RUBICONPR...)
1 5 185.29.132.241 30419 (MEDIAMATH...)
3 185.29.134.245 30419 (MEDIAMATH...)
1 2602:803:c003... 26667 (RUBICONPR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 138.201.64.38 24940 (HETZNER-AS)
1 2.18.233.201 16625 (AKAMAI-AS)
1 4 138.201.63.164 24940 (HETZNER-AS)
2 51.89.7.202 16276 (OVH)
4 142.250.186.130 15169 (GOOGLE)
4 37.157.4.24 198622 (ADFORM)
1 2 35.227.248.159 15169 (GOOGLE)
17 37.157.5.73 198622 (ADFORM)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
2 4 2a02:2638:1::13 44788 (ASN-CRITE...)
3 178.250.2.146 44788 (ASN-CRITE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
313 94
26    2606:4700:20::ac43:442c (United States)

ASN13335 (CLOUDFLARENET, US)
resistthemainstream.org
5    2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
img.onesignal.com
1    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    35.190.62.199 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 199.62.190.35.bc.googleusercontent.com
fearlessfaucet.com
2    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
21    172.66.42.247 (United States)

ASN13335 (CLOUDFLARENET, US)
resources.infolinks.com
router.infolinks.com
rt3027.infolinks.com
13    104.19.133.78 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
2    2606:4700:20::681a:891 (United States)

ASN13335 (CLOUDFLARENET, US)
talk.hyvor.com
3    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2600:9000:2156:6a00:a:cbb7:a940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn2.lockerdomecdn.com
6    104.154.142.214 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com
lockerdome.com
1    172.66.41.9 (United States)

ASN13335 (CLOUDFLARENET, US)
rt3027.infolinks.com
1    67.202.105.33 (United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net
de.tynt.com
13    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
ssum.casalemedia.com
dsum.casalemedia.com
2    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
4    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
6    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
1    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image4.pubmatic.com
5    185.33.221.87 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
3    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
4    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    64.202.112.255 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
1    52.16.87.205 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-87-205.eu-west-1.compute.amazonaws.com
s.cpx.to
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
2    52.211.218.251 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-218-251.eu-west-1.compute.amazonaws.com
ad.360yield.com
2    35.156.69.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-69-231.eu-central-1.compute.amazonaws.com
pixel.advertising.com
1    38.27.122.101 (Chestertown, United States)

ASN174 (COGENT-174, US)
match.bnmla.com
3    63.251.14.3 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
ce.lijit.com
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    67.202.105.22 (United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
2    209.54.177.54 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    18.194.149.16 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-149-16.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    34.225.96.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-96-147.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
7    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
ajax.googleapis.com
5    2a00:1450:400c:c0a::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com
a.omappapi.com
1    2600:9000:2156:7200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
16    104.19.135.78 (None, )

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
1    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
video-native.mgid.com
2    2606:4700:3037::6815:3471 (United States)

ASN13335 (CLOUDFLARENET, US)
player.adtcdn.com
1    151.101.130.132 (United States)

ASN54113 (FASTLY, US)
player.ex.co
5    54.164.123.106 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-123-106.compute-1.amazonaws.com
prd-collector-anon.ex.co
1    2a02:26f0:6c00::210:bb91 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.avplayer.com
2    2a02:26f0:6c00:2ab::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
2    18.213.50.69 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-50-69.compute-1.amazonaws.com
atrack.avplayer.com
5    45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.adtelligent.com
6    34.194.106.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-106-25.compute-1.amazonaws.com
track1.aniview.com
1    75.101.235.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-75-101-235-47.compute-1.amazonaws.com
premiumsrv.aniview.com
12    2.16.186.146 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-146.deploy.static.akamaitechnologies.com
mcd.ex.co
8    185.239.173.226 (United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
2    5.178.65.245 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
pbjs.e-planning.net
1    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
prebid-eu.creativecdn.com
1    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
1    185.83.70.67 (London, United Kingdom)

ASN55081 (24SHELLS, US)
research.adtelligent.com
1    135.125.163.79 (France)

ASN16276 (OVH, FR)
PTR: ns3190286.ip-135-125-163.eu
rtb.adxpremium.services
1    96.46.183.20 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
3    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
1    2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
p.jsapicdn.com
1    23.227.139.243 (Piscataway, United States)

ASN55081 (24SHELLS, US)
sync.adtelligent.com
1    193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com
t.trafmag.com
1    37.18.16.16 (Russian Federation)

ASN205675 (HYBRID-AS, RU)
dm.hybrid.ai
2    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
6    23.79.143.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
12    213.19.147.43 (United Kingdom)

ASN3356 (LEVEL3, US)
tag.targeting.unrulymedia.com
tag.1rx.io
8    185.86.137.114 (France)

ASN201081 (SMARTADSERVER, FR)
www9.smartadserver.com
2    185.86.139.58 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
4    52.208.19.36 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-19-36.eu-west-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    185.33.221.50 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
2    2a05:d018:d29:3605:7fb0:fdcc:4343:870d (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
4    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    52.210.199.144 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-199-144.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    18.194.122.86 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-122-86.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    37.157.6.253 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
c1.adform.net
1    2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
1    52.200.158.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-158-235.compute-1.amazonaws.com
sync.aniview.com
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    54.174.249.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-249-39.compute-1.amazonaws.com
um2.eqads.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
3    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
5    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    185.29.134.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
1    2602:803:c003:200::27 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
beacon-ams3.rubiconproject.com
1    2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    138.201.64.38 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.38.64.201.138.clients.your-server.de
hal9000.redintelligence.net
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
4    138.201.63.164 (Neulussheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.63.201.138.clients.your-server.de
hal90006.redintelligence.net
2    51.89.7.202 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p37.id5-sync.com
id5-sync.com
4    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
pubads.g.doubleclick.net
4    37.157.4.24 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
17    37.157.5.73 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
3    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)
onesignal.com
Apex Domain
Subdomains		 Transfer
30 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 7373
c.mgid.com — Cisco Umbrella Rank: 5668
cdn.mgid.com — Cisco Umbrella Rank: 9908
servicer.mgid.com — Cisco Umbrella Rank: 7619
s-img.mgid.com — Cisco Umbrella Rank: 6584
cm.mgid.com — Cisco Umbrella Rank: 1572
video-native.mgid.com — Cisco Umbrella Rank: 26854
565 KB
26 resistthemainstream.org
resistthemainstream.org — Cisco Umbrella Rank: 465163
568 KB
22 adform.net
c1.adform.net — Cisco Umbrella Rank: 608
track.adform.net — Cisco Umbrella Rank: 3933
s1.adform.net — Cisco Umbrella Rank: 7975
173 KB
22 infolinks.com
resources.infolinks.com — Cisco Umbrella Rank: 7980
router.infolinks.com — Cisco Umbrella Rank: 2877
rt3027.infolinks.com — Cisco Umbrella Rank: 80774
278 KB
21 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 467
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1095
eus.rubiconproject.com — Cisco Umbrella Rank: 541
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1121
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1135
token.rubiconproject.com — Cisco Umbrella Rank: 689
pixel.rubiconproject.com — Cisco Umbrella Rank: 312
beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 10534
38 KB
18 ex.co
player.ex.co — Cisco Umbrella Rank: 10546
prd-collector-anon.ex.co — Cisco Umbrella Rank: 8539
mcd.ex.co — Cisco Umbrella Rank: 10432
2 MB
15 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 5710
ghb.adtelligent.com — Cisco Umbrella Rank: 5988
research.adtelligent.com — Cisco Umbrella Rank: 675693
sync.adtelligent.com — Cisco Umbrella Rank: 2849
169 KB
15 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 197
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
pubads.g.doubleclick.net — Cisco Umbrella Rank: 462
86 KB
13 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 609
image2.pubmatic.com — Cisco Umbrella Rank: 1032
image4.pubmatic.com — Cisco Umbrella Rank: 848
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459
ads.pubmatic.com — Cisco Umbrella Rank: 473
image6.pubmatic.com — Cisco Umbrella Rank: 595
16 KB
13 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 520
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590
ssum.casalemedia.com — Cisco Umbrella Rank: 1337
dsum.casalemedia.com — Cisco Umbrella Rank: 1272
15 KB
10 smartadserver.com
www9.smartadserver.com — Cisco Umbrella Rank: 7271
prg.smartadserver.com — Cisco Umbrella Rank: 1505
6 KB
10 aniview.com
player.aniview.com — Cisco Umbrella Rank: 2244
track1.aniview.com — Cisco Umbrella Rank: 2186
premiumsrv.aniview.com — Cisco Umbrella Rank: 11372
sync.aniview.com — Cisco Umbrella Rank: 2703
201 KB
9 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 421
tags.mathtag.com — Cisco Umbrella Rank: 3608
pixel.mathtag.com — Cisco Umbrella Rank: 1240
6 KB
9 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905
tag.targeting.unrulymedia.com — Cisco Umbrella Rank: 8400
3 KB
9 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
imasdk.googleapis.com — Cisco Umbrella Rank: 418
ajax.googleapis.com — Cisco Umbrella Rank: 293
1 MB
8 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 722
gum.criteo.com — Cisco Umbrella Rank: 369
mug.criteo.com — Cisco Umbrella Rank: 2864
8 KB
6 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 528
tag.1rx.io — Cisco Umbrella Rank: 1334
2 KB
6 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 283
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470
ads.yahoo.com — Cisco Umbrella Rank: 913
3 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 241
secure.adnxs.com — Cisco Umbrella Rank: 404
10 KB
6 lockerdome.com
lockerdome.com — Cisco Umbrella Rank: 9858
8 KB
6 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3036
onesignal.com — Cisco Umbrella Rank: 1251
img.onesignal.com — Cisco Umbrella Rank: 6182
89 KB
5 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 32669
hal90006.redintelligence.net — Cisco Umbrella Rank: 250294
8 KB
4 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
51 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 560
1 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 329
1 KB
4 gstatic.com
fonts.gstatic.com
92 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 227
25 KB
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2366
mp.4dex.io — Cisco Umbrella Rank: 2499
24 KB
3 avplayer.com
player.avplayer.com — Cisco Umbrella Rank: 9046
atrack.avplayer.com — Cisco Umbrella Rank: 10118
71 KB
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 690
ce.lijit.com — Cisco Umbrella Rank: 816
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
20 KB
3 fearlessfaucet.com
fearlessfaucet.com — Cisco Umbrella Rank: 57944
27 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 645
55 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 419
888 B
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 596
1 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 80
671 B
2 eqads.com
um2.eqads.com — Cisco Umbrella Rank: 3893
563 B
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 524
1 KB
2 jsapicdn.com
p.jsapicdn.com — Cisco Umbrella Rank: 22068
14 KB
2 e-planning.net
pbjs.e-planning.net — Cisco Umbrella Rank: 7058
2 KB
2 adtcdn.com
player.adtcdn.com — Cisco Umbrella Rank: 23756
3 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 876
1 KB
2 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 284
1 KB
2 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 327
674 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 675
647 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 588
605 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1056
1 KB
2 hyvor.com
talk.hyvor.com — Cisco Umbrella Rank: 106194
5 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 255
17 KB
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 738
1 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 2733
187 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 287
220 B
1 hybrid.ai
dm.hybrid.ai — Cisco Umbrella Rank: 6197
238 B
1 trafmag.com
t.trafmag.com — Cisco Umbrella Rank: 6679
351 B
1 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1818
919 B
1 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 7095
631 B
1 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5646
185 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 533
481 B
1 omappapi.com
a.omappapi.com — Cisco Umbrella Rank: 5850
56 KB
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 770
425 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1483
380 B
1 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 877
72 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 702
757 B
1 bnmla.com
match.bnmla.com — Cisco Umbrella Rank: 1587
112 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 4389
233 B
1 cpx.to
s.cpx.to — Cisco Umbrella Rank: 2057
944 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1044
478 B
1 openx.net
u.openx.net — Cisco Umbrella Rank: 710
305 B
1 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1328
289 B
1 lockerdomecdn.com
cdn2.lockerdomecdn.com — Cisco Umbrella Rank: 21204
3 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
62 KB
313 71
Domain Requested by
26 resistthemainstream.org resistthemainstream.org
17 s1.adform.net track.adform.net
s1.adform.net
resistthemainstream.org
16 s-img.mgid.com resistthemainstream.org
15 router.infolinks.com resources.infolinks.com
router.infolinks.com
ssum-sec.casalemedia.com
12 mcd.ex.co player.avplayer.com
9 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
ssum.casalemedia.com
um2.eqads.com
8 www9.smartadserver.com 4 redirects resistthemainstream.org
8 tag.targeting.unrulymedia.com player.aniview.com
8 ghb.adtelligent.com player.adtelligent.com
p.jsapicdn.com
6 eus.rubiconproject.com player.aniview.com
eus.rubiconproject.com
player.adtelligent.com
6 track1.aniview.com resistthemainstream.org
player.aniview.com
6 imasdk.googleapis.com resources.infolinks.com
player.aniview.com
6 cm.g.doubleclick.net 4 redirects ssum-sec.casalemedia.com
eus.rubiconproject.com
6 lockerdome.com cdn2.lockerdomecdn.com
resistthemainstream.org
player.adtelligent.com
5 sync.mathtag.com 1 redirects tags.mathtag.com
sync.mathtag.com
player.adtelligent.com
5 player.adtelligent.com player.adtcdn.com
player.adtelligent.com
5 prd-collector-anon.ex.co player.ex.co
5 stats.g.doubleclick.net lockerdome.com
5 ib.adnxs.com 4 redirects player.adtelligent.com
5 jsc.mgid.com resistthemainstream.org
jsc.mgid.com
5 resources.infolinks.com resistthemainstream.org
resources.infolinks.com
4 gum.criteo.com 2 redirects static.criteo.net
4 track.adform.net hal90006.redintelligence.net
s1.adform.net
4 pubads.g.doubleclick.net imasdk.googleapis.com
4 hal90006.redintelligence.net 1 redirects player.adtelligent.com
hal90006.redintelligence.net
4 pagead2.googlesyndication.com srcdoc
4 pixel.rubiconproject.com eus.rubiconproject.com
4 sync-tm.everesttech.net 4 redirects
4 prebid-server.rubiconproject.com player.aniview.com
4 tag.1rx.io player.aniview.com
4 match.adsrvr.org 2 redirects ssum-sec.casalemedia.com
eus.rubiconproject.com
4 image8.pubmatic.com 4 redirects
4 fonts.gstatic.com fonts.googleapis.com
3 mug.criteo.com
3 cdnjs.cloudflare.com s1.adform.net
3 tags.mathtag.com resistthemainstream.org
tags.mathtag.com
3 token.rubiconproject.com 3 redirects
3 hbopenbid.pubmatic.com player.adtelligent.com
player.aniview.com
3 cdn.mgid.com resistthemainstream.org
jsc.mgid.com
3 ups.analytics.yahoo.com 3 redirects
3 onesignal.com cdn.onesignal.com
3 www.google-analytics.com www.googletagmanager.com
cdn2.lockerdomecdn.com
www.google-analytics.com
3 fearlessfaucet.com resistthemainstream.org
fearlessfaucet.com
2 static.criteo.net player.adtelligent.com
static.criteo.net
2 pixel.tapad.com 1 redirects resources.infolinks.com
2 id5-sync.com player.aniview.com
player.adtelligent.com
2 adservice.google.com imasdk.googleapis.com
2 um2.eqads.com 1 redirects ssum.casalemedia.com
2 match.prod.bidr.io 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects ssum.casalemedia.com
2 prg.smartadserver.com player.aniview.com
2 ads.pubmatic.com player.aniview.com
2 p.jsapicdn.com player.adtelligent.com
p.jsapicdn.com
2 pbjs.e-planning.net 1 redirects resistthemainstream.org
2 script.4dex.io player.adtelligent.com
script.4dex.io
2 atrack.avplayer.com resistthemainstream.org
2 player.aniview.com player.ex.co
player.aniview.com
2 player.adtcdn.com srcdoc
player.adtcdn.com
2 cm.mgid.com jsc.mgid.com
2 servicer.mgid.com jsc.mgid.com
2 pm.w55c.net 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 ap.lijit.com 2 redirects
2 pixel.advertising.com 2 redirects
2 ad.360yield.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 sync.1rx.io 2 redirects
2 image4.pubmatic.com 2 redirects
2 onetag-sys.com router.infolinks.com
player.adtelligent.com
2 ssum-sec.casalemedia.com 1 redirects router.infolinks.com
2 rt3027.infolinks.com resources.infolinks.com
2 talk.hyvor.com resistthemainstream.org
2 fonts.googleapis.com resistthemainstream.org
client
2 cdn.onesignal.com resistthemainstream.org
cdn.onesignal.com
1 img.onesignal.com
1 ajax.googleapis.com hal90006.redintelligence.net
1 pixel.mathtag.com tags.mathtag.com
1 hal9000.redintelligence.net resistthemainstream.org
1 s0.2mdn.net imasdk.googleapis.com
1 beacon-ams3.rubiconproject.com resistthemainstream.org
1 ads.yahoo.com eus.rubiconproject.com
1 id.rlcdn.com eus.rubiconproject.com
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 image6.pubmatic.com ads.pubmatic.com
1 sync.aniview.com ssum.casalemedia.com
1 dsum.casalemedia.com ssum.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 c1.adform.net ssum.casalemedia.com
1 x.bidswitch.net ssum.casalemedia.com
1 secure.adnxs.com ssum.casalemedia.com
1 ce.lijit.com player.aniview.com
1 secure-assets.rubiconproject.com 1 redirects
1 ssum.casalemedia.com player.aniview.com
1 dm.hybrid.ai resistthemainstream.org
1 t.trafmag.com resistthemainstream.org
1 sync.adtelligent.com 1 redirects
1 fastlane.rubiconproject.com player.adtelligent.com
1 bidder.criteo.com player.adtelligent.com
1 ads.betweendigital.com player.adtelligent.com
1 rtb.adxpremium.services player.adtelligent.com
1 research.adtelligent.com player.adtelligent.com
1 mp.4dex.io player.adtelligent.com
1 prebid-eu.creativecdn.com player.adtelligent.com
1 premiumsrv.aniview.com player.aniview.com
1 player.avplayer.com player.ex.co
1 player.ex.co cdn.mgid.com
1 video-native.mgid.com jsc.mgid.com
1 c.mgid.com jsc.mgid.com
1 static.adsafeprotected.com resistthemainstream.org
1 a.omappapi.com resistthemainstream.org
1 ad.turn.com 1 redirects
1 beacon.lynx.cognitivlabs.com 1 redirects
1 ssc-cms.33across.com router.infolinks.com
1 p.rfihub.com 1 redirects
1 match.bnmla.com router.infolinks.com
1 dsp.adkernel.com router.infolinks.com
1 s.cpx.to router.infolinks.com
1 sync.go.sonobi.com router.infolinks.com
1 sync.targeting.unrulymedia.com 1 redirects
1 u.openx.net router.infolinks.com
1 image2.pubmatic.com 1 redirects
1 de.tynt.com router.infolinks.com
1 cdn2.lockerdomecdn.com resistthemainstream.org
1 www.googletagmanager.com resistthemainstream.org
313 124
Subject Issuer Validity Valid
*.resistthemainstream.org
R3		 2022-01-17 -
2022-04-17		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-04 -
2022-07-03		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
fearlessfaucet.com
R3		 2022-01-01 -
2022-04-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.lockerdomecdn.com
Amazon		 2021-02-24 -
2022-03-25		 a year crt.sh
*.lockerdome.com
Go Daddy Secure Certificate Authority - G2		 2021-09-27 -
2022-10-29		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G2		 2021-12-30 -
2023-01-31		 a year crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2		 2021-01-06 -
2022-02-07		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
a.omappapi.com
R3		 2022-01-08 -
2022-04-08		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
*.mgid.com
Go Daddy Secure Certificate Authority - G2		 2021-09-13 -
2022-10-15		 a year crt.sh
*.ex.co
Go Daddy Secure Certificate Authority - G2		 2021-11-06 -
2022-11-06		 a year crt.sh
outstreamedia.com
R3		 2021-12-21 -
2022-03-21		 3 months crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-12-30 -
2023-01-03		 a year crt.sh
player.adtelligent.com
R3		 2022-01-18 -
2022-04-18		 3 months crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-12-08 -
2022-03-08		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
*.adtelligent.com
Sectigo RSA Domain Validation Secure Server CA		 2021-11-08 -
2022-12-09		 a year crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2021-08-05 -
2022-09-05		 a year crt.sh
*.ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-15 -
2023-01-15		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-26		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
p.jsapicdn.com
R3		 2021-12-19 -
2022-03-19		 3 months crt.sh
*.hybrid.ai
Sectigo RSA Domain Validation Secure Server CA		 2020-07-07 -
2022-10-05		 2 years crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.targeting.unrulymedia.com
DigiCert SHA2 Secure Server CA		 2020-05-04 -
2022-05-09		 2 years crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-24 -
2022-02-16		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
um3.eqads.com
Amazon		 2021-06-26 -
2022-07-25		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.mathtag.com
DigiCert SHA2 Secure Server CA		 2020-04-15 -
2022-04-22		 2 years crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
redintelligence.net
R3		 2021-12-21 -
2022-03-21		 3 months crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2021-06-29 -
2022-07-07		 a year crt.sh
*.id5-sync.com
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-24		 3 months crt.sh

This page contains 38 frames:

Primary Page: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Frame ID: 406DCA6431CE43C47EBB98B73A8031E2
Requests: 148 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram
Frame ID: 36BE5CD524519C687DC64DD6D8438975
Requests: 18 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13420768046326374?pubid=ld-2873-5284&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=1140
Frame ID: 640562BF9426096A2340E2EF47FEB8D0
Requests: 2 HTTP requests in this frame

Frame: https://www.google-analytics.com/analytics.js
Frame ID: 7A151B91566B97D4C62E5E98878F1E7D
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13420770663572070?pubid=ld-6303-9494&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=660
Frame ID: B62BE2BE1560FEC31996673BF06B2565
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13436276233712486?pubid=ld-9325-4135&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=601
Frame ID: 79F79020A9757551D68F2E9057A56721
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13763115057895526?pubid=ld-1141-7973&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=275
Frame ID: 85AB3BB2E5D58CE283F1748AE701CD4A
Requests: 2 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Frame ID: EC2D7F5B36374FC107C50F9F53379228
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Frame ID: 8C92C6C9A3F7B1A5187DDCA6C0A7E281
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Frame ID: 272E00625EAFC73EF63C66D09188CFC1
Requests: 1 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13763115057895526?pubid=ld-1141-7973&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=275
Frame ID: A6CCB716E5E26D504AB67F1503DDE431
Requests: 2 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=164264561408021991656
Frame ID: C5CA41D25F72632F6840308A1DA7AE50
Requests: 1 HTTP requests in this frame

Frame: https://player.adtcdn.com/prebidlink/456290.44837305555/mgadt.449143.js?domain=resistthemainstream.org
Frame ID: BEC98EFA42A262045F5118716BAC17D9
Requests: 31 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Frame ID: DF19D14F826BA2E2F309A24667D9D1AA
Requests: 6 HTTP requests in this frame

Frame: https://p.jsapicdn.com/prebidlink/19012/j.html?i=11593
Frame ID: AEFA4B2757526F0371D1214A977E9467
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1642645615828-962636890624-008323-012-006776%26biddername%3D1%26key%3D
Frame ID: 60FB76C758F22BC3DCA83596E656FF4F
Requests: 2 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1642645615828-962636890624-008323-012-006776%26biddername%3D42%26key%3D
Frame ID: 4699D858D22D61849EF9622ACCB38E66
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Frame ID: 4C30BFD32CD6FB02B25CE0FDDE4B49AF
Requests: 11 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=376385&3pid=1642645615828-962636890624-008323-012-006776&us_privacy=1---&gdpr=1&gdpr_consent=&location=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1642645615828-962636890624-008323-012-006776%26biddername%3D18%26key%3D%5BSOVRNID%5D
Frame ID: 1A6A485497FA7D047D4F498AA8A0266E
Requests: 1 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 98578AC3D417778AFCC42BB90F24AED0
Requests: 2 HTTP requests in this frame

Frame: https://player.adtelligent.com/prebid/iframe.html?adid=35c5f429168ddf3&ref=null
Frame ID: 54DDA749AAAD4860A0A5C1E1B719C8A3
Requests: 2 HTTP requests in this frame

Frame: https://tags.mathtag.com/notify/js?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvTldabE1tVTJOakF0WWpOaVlTMDBaV0l4TFRBd01EQXRNREF3TURBd01EQXdNREF3LzczOTgxNjIzMjM0NTQzMzYyMjkvOTY5MDAzMS85OTU1OTkzLzkvWmRkM1h2Nkpnc0QyYXhNbGpOWUx5TXF3T01raGdVZzdPVWREODZhRUxXdy8xLzkvMC8wLzE3MzQ5NDUvMC8yMTU1NDMvMTA0MDg3OS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzczOTgxNjIzMjM0NTQzMzYyMjkvYW1zLzAvOTQzMi80NC85OTkvMi8yMDAxOmFjODoyMDozMDA6Oi8wLjAwMC8xNjQyNjQ1NjE1LzE2NDI2NDkyMTUvOS8xNzE4NC8/6O2-x__T8f-c4CNXWSYV2PkMW1U&nodeid=356&group=cdg&auctionid=7398162323454336229&shardkey=7398162323454336229&sid=9955993&cid=9690031&bp=a_bjbbgg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.37&3pck=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F20926696-23ed-4224-ae20-efd6fd25a9e6%2F
Frame ID: 8C08D628F88A845188E273BCE57643E7
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Frame ID: 3F46350935B96836CD8573EA0DA83887
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Frame ID: A5E486AA16624FEA469F50BE49CEE286
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Frame ID: A3F2F9FE69144487655F16D0CABDED51
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 41E71475C327BB84B620061C038576F9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 9FA3753DF948679CEF703F4DF97660EA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 132FE6FCE4FCF51E5C41E4ABD8C38925
Requests: 1 HTTP requests in this frame

Frame: https://resources.infolinks.com/static/container-1.0.html
Frame ID: 6602BA1C8BA2D247B78C9127B203364D
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 4BE84C804C44AEEDBD1D8EF919E0F206
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Frame ID: 3C7450B70A19FBC2439221142678A299
Requests: 1 HTTP requests in this frame

Frame: https://hal90006.redintelligence.net/request_content.php?s=30041900017262903891610011845006&a=2a16e1e3
Frame ID: 7554D7179689E94E66FAE8B56F99F1D2
Requests: 10 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/iframe?mt_uuid=fe6b61e8-c86f-4300-bd13-50ca5c522079&no_iframe=1&mt_lim=2&type=1,2&source=bidder
Frame ID: FF75BA81713F33B961968D1A517C6B5C
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 1CC5E63717B003160D329E1C43A8773F
Requests: 2 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/160090/10673992/10673992.js?ADFassetID=10673992&bv=258
Frame ID: 5DC7291EA1059EBA75DE4EC9ACC6CE4E
Requests: 18 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=resistthemainstream.org
Frame ID: 8A9308FAA84D25DF9D05EE32447B5B59
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Frame ID: 03E2EE4143F426178918A3DCD43C1ABC
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 4B94B40CA0D8BE1962DE6F1E286D2875
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sidney Powell’s Counsel Issues a Statement After Jan. 6 Committee Subpoenas Her

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

313
Requests

88 %
HTTPS

27 %
IPv6

71
Domains

124
Subdomains

94
IPs

11
Countries

5389 kB
Transfer

13604 kB
Size

92
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52
  • https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Request Chain 54
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzI3NzRBODEtQjVDRS00QjA4LTlBN0MtRjNFNzQwOEFDMUY1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzI3NzRBODEtQjVDRS00QjA4LTlBN0MtRjNFNzQwOEFDMUY1&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3DC2774A81-B5CE-4B08-9A7C-F3E7408AC1F5 HTTP 302
  • https://router.infolinks.com/dyn/pbm-usync?uid=C2774A81-B5CE-4B08-9A7C-F3E7408AC1F5
Request Chain 55
  • https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID HTTP 302
  • https://router.infolinks.com/dyn/apn-usync?user_id=2827396469763233072
Request Chain 57
  • https://ups.analytics.yahoo.com/ups/58422/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58422/occ?verify=true HTTP 302
  • https://router.infolinks.com/dyn/VR-usync?uid=y-k1R5QiZE2uH2gBYNEnU4RvMo8FsaetFPlU14SdY-~A
Request Chain 58
  • https://sync.1rx.io/usersync2/infolinks HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6426900552 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6426900552 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/d02c5bd6-56de-4851-aed3-177ca6bdbb36 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-44c716a0-2ac4-4ff0-8d18-4f0b47b69d59-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-44c716a0-2ac4-4ff0-8d18-4f0b47b69d59-003 HTTP 302
  • https://router.infolinks.com/dyn/r1-usync?uid=RX-44c716a0-2ac4-4ff0-8d18-4f0b47b69d59-003
Request Chain 59
  • https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP 302
  • https://router.infolinks.com/dyn/zmn-usync?uid=
Request Chain 61
  • https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fresistthemainstream.org%252Fsidney-powell-responds-following-subpoena-from-jan-6-committee%252F%253Futm_source%253Dtelegram&pid=12306&adnxs_uid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fresistthemainstream.org%25252Fsidney-powell-responds-following-subpoena-from-jan-6-committee%25252F%25253Futm_source%25253Dtelegram%26pid%3D12306%26adnxs_uid%3D%24UID HTTP 302
  • https://s.cpx.to/ca.png?ref=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&pid=12306&adnxs_uid=2827396469763233072
Request Chain 63
  • https://ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP 302
  • https://router.infolinks.com/dyn/imd-usync?user_id=18eed8b5-e1b3-4469-b7b7-785c8bad8dfe&partner_id=1531
Request Chain 64
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP6ea0e2be-7998-11ec-adbf-024986f1b40a HTTP 302
  • https://router.infolinks.com/dyn/outh-usync?uid=y-qGPNESBE2uEqwsJ.A7w3jkNXAYlUdnea~A~UP6ea0e2be-7998-11ec-adbf-024986f1b40a
Request Chain 66
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true HTTP 307
  • https://router.infolinks.com/dyn/sovrn-usync?uid=81102b21675c31d8a26b2455
Request Chain 67
  • https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3DC2774A81-B5CE-4B08-9A7C-F3E7408AC1F5 HTTP 302
  • https://router.infolinks.com/dyn/usersync?pmuservalue=C2774A81-B5CE-4B08-9A7C-F3E7408AC1F5
Request Chain 68
  • https://p.rfihub.com/cm?pub=43153&in=1 HTTP 302
  • https://router.infolinks.com/dyn/zeta-usync?uid=5123196421114839241
Request Chain 72
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YejIbXCf5E.PfdeVa0toygAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEH9hyt6IczJm5bVhLQN24NI&google_cver=1&gdpr=1&google_hm=2
Request Chain 74
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YejIbXCf5E-PfdeVa0toygAABLoAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YejIbXCf5E-PfdeVa0toygAABLoAAAIB&dcc=t
Request Chain 75
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=0AqfnoEg1Nana65&gdpr=1
Request Chain 76
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=503daae9-3a34-44be-9f60-c13cc9a2ef3f&expiration=1674181614
Request Chain 77
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Request Chain 78
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4399109690395746139
Request Chain 157
  • https://pbjs.e-planning.net/pbjs/1/2e43c/1/resistthemainstream.org/ROS?rnd=0.43522020597622446&e=300x250_0%3A300x250&ur=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&pbv=6.7.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&e_pubcid=8f40cd8d-03bd-4a39-a194-7238342f3471 HTTP 302
  • https://pbjs.e-planning.net/hb/1/2e43c/1/resistthemainstream.org/ROS?ct=1&r=pbjs&rnd=0.43522020597622446&e=300x250_0%3A300x250&ur=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&pbv=6.7.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&e_pubcid=8f40cd8d-03bd-4a39-a194-7238342f3471
Request Chain 170
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=125e501c0ba036f3
Request Chain 177
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Request Chain 182
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=662301098949814599&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&vph=231&vpw=410&gdpr_consent=&us_privacy=1---&schain=1.0,1!playbuzz.com,0010J00002BlxpGQAR,1,,,&cbb=2645615263 HTTP 302
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=662301098949814599&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&vph=231&vpw=410&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=2645615263&cklb=1
Request Chain 183
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=948871&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=662301098949814598&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&vph=231&vpw=410&gdpr_consent=&us_privacy=1---&schain=1.0,1!playbuzz.com,0010J00002BlxpGQAR,1,,,&cbb=2645615265 HTTP 302
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=948871&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=662301098949814598&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&vph=231&vpw=410&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=2645615265&cklb=1
Request Chain 200
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YejIcAAG4gpZxwAF HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YejIcAAG4gpZxwAF&gdpr=1&_test=YejIcAAG4gpZxwAF
Request Chain 201
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AEGZdE7D0ZEAAEBc9Q76GQ&expiration=1643855216&gdpr=1
Request Chain 204
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1642732016&gdpr=1
Request Chain 208
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 212
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYMCSD3K-1H-4E2W&sigv=1&esig=2~bfaa350fe6647d59f2e81cbc1fcb1c1e92580966
Request Chain 213
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YejIcAAAdaYUWgAZ HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YejIcAAAdaYUWgAZ&_test=YejIcAAAdaYUWgAZ
Request Chain 214
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=fe6b61e8-c86f-4300-bd13-50ca5c522079
Request Chain 215
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lNQ1NEM0stMUgtNEUyVw==
Request Chain 217
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Me4RQT8tN7kEo_yshW71Rsn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2249986117922085011
Request Chain 218
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDQqhsGXgZU6rkpBkaaP3sc&google_cver=1
Request Chain 241
  • https://hal90006.redintelligence.net/request.php?zone=r0rzfbhsf7cr&nw=20&renderingType=javascript&namespace=d00bd1283f&subid=&uid=0003c6f49dbab5c7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dd362b876bb0e2e49f7e50688d1500784125ba58b_15%26mt_aid%3D7398162323454336229%26mt_id%3D9690031%26mt_adid%3D215543%26mt_sid%3D9955993%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dfe6b61e8-c86f-4300-bd13-50ca5c522079%26mt_cid%3Dfe6b61e8-c86f-4300-bd13-50ca5c522079%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F20926696-23ed-4224-ae20-efd6fd25a9e6%2F%26redirect%3D&documentReferer=https%3A%2F%2Fplayer.adtelligent.com%2Fprebid%2Fiframe.html%3Fadid%3D35c5f429168ddf3%26ref%3Dnull&ancestorOrigins=https%3A%2F%2Fplayer.adtelligent.com%2Chttps%3A%2F%2Fresistthemainstream.org%2Chttps%3A%2F%2Fresistthemainstream.org&random=2132567816563&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90006.redintelligence.net/request.php?zone=r0rzfbhsf7cr&nw=20&renderingType=javascript&namespace=d00bd1283f&subid=&uid=0003c6f49dbab5c7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dd362b876bb0e2e49f7e50688d1500784125ba58b_15%26mt_aid%3D7398162323454336229%26mt_id%3D9690031%26mt_adid%3D215543%26mt_sid%3D9955993%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dfe6b61e8-c86f-4300-bd13-50ca5c522079%26mt_cid%3Dfe6b61e8-c86f-4300-bd13-50ca5c522079%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F20926696-23ed-4224-ae20-efd6fd25a9e6%2F%26redirect%3D&documentReferer=https%3A%2F%2Fplayer.adtelligent.com%2Fprebid%2Fiframe.html%3Fadid%3D35c5f429168ddf3%26ref%3Dnull&ancestorOrigins=https%3A%2F%2Fplayer.adtelligent.com%2Chttps%3A%2F%2Fresistthemainstream.org%2Chttps%3A%2F%2Fresistthemainstream.org&random=2132567816563&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 257
  • https://pixel.tapad.com/idsync/ex/receive?partner_device_id=b3326bec-e67e-4986-a830-5a019b2955ca=&partner_id=3337 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_device_id=b3326bec-e67e-4986-a830-5a019b2955ca=&partner_id=3337
Request Chain 289
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=resistthemainstream.org&sn=ChromeSyncframe&so=0&topUrl=resistthemainstream.org&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=lRrZeXw1a2YxaEZWRHpINnExZHVZcGNMUHlHN2V6YUZIUnhiWUdneUdBMXB0SCtWVjVpTEtZbUt3SVJHNTdGc1ppTUluUHhXRU5JTnYyRXlmMnEwZ0FqSlptUnhCbC9NSFo1ZGlKbWhFUXZkOWZMNEdBY2hRZCtlZGtZTHptaFZlZEptY3NjendaQXhWb2hzaHFqL3QvNXowWjRrV2I2c3ErVHVXVlR0NW9vY3ZoNHUvclVXNmhTc1MwS3N0dnhIelEwaDZEemtiaFV6czdCeWlFRW1NSjY0VVFuL0RNelp0MzMyODV0Um96YnREZFpwangra0NkNFBLVVpYNTExMWd0Wm05a0RLVHljVzJxWmxlR25Id2lUcTN1N0VlODN6amdoNWRjL1hjT1drT2pXTT18&cppv=2
Request Chain 292
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fresistthemainstream.org%2F&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=yBfS-Xw2NC9EWmJoVUlzOXZRVmxIYlF5YTZSN2NwNXI4SEJLV0F6dUd3QVhnTFYvQTlxa2lyb0hQZitYSzQyKy93cUg1MU03Z050YXhXM1h0TmRnSjJJa3J2eFhQaFFvWmNEU0d2eGs3LzRSeXMzYUxjOU9RTjUrWkxPdXZYRmlBNnpwalBRSzJkSXBWNEZiYkpBeEZyZyt2aFNTa24yNHhDU2xUZkhXVC8zQ3pBeUlpNTBwM3NUUUxQS0w1MEs3Rkg2M1RWN3BkaU9MN1I0RnZ1emU0VEhPMjIxRngwVUJ4WXhRODZGY0JKaWt4QnBQL3dEOFRUb0JoaWNlNEc4bWI0N2dEeGUyVU1MWW5RclFvTlRkTUZFTEN5TGdCU2lxV3ZieGJZdDBoTmhESldsbz18&cppv=2
Request Chain 302
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=662301098949814599&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&vph=231&vpw=410&gdpr_consent=&us_privacy=1---&schain=1.0,1!playbuzz.com,0010J00002BlxpGQAR,1,,,&cbb=2645621404 HTTP 302
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=662301098949814599&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&vph=231&vpw=410&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=2645621404&cklb=1
Request Chain 304
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=948871&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=662301098949814598&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&vph=231&vpw=410&gdpr_consent=&us_privacy=1---&schain=1.0,1!playbuzz.com,0010J00002BlxpGQAR,1,,,&cbb=2645621405 HTTP 302
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=948871&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=662301098949814598&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&vph=231&vpw=410&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=2645621405&cklb=1

313 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/ 		117 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d04f4182ee60c2670f9362ade3333153a49c1f33e9e8aafa7497a1b0cce814f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 20 Jan 2022 02:26:52 GMT
content-type
text/html; charset=UTF-8
cache-control
max-age=600
expires
Thu, 20 Jan 2022 02:36:51 GMT
vary
Accept-Encoding,User-Agent
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M9khMAXgrA1Um1hNxrRkuq%2BBiBGQ1fiwgK%2Bza0719RHnOwuRVMHU0e1Zt8s5kqXIY5eIG4w7sAdmLAR2oOc9xH4bha9wmr%2ByBFBg3nRhR9%2BMfmBJugD2ttpayD8XHWTZoKNoq8ZaX0YSIvWQBSra0pw30JBg"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6d04dc3fbceb4a5b-FRA
content-encoding
br
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88522cca257c7b55886862e9549236b005c2fcbb1246bcd986621476739c2127

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:52 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
442
etag
W/"f138f96bdde8c4ff4dce4300db918980"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6d04dc4508bf59f5-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 23 Jan 2022 02:26:52 GMT
js
www.googletagmanager.com/gtag/ 		165 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MHSJPPB6JE
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
30c01b6e5144945c217cb7bea0018783cd099ce5af1e2dc48c8355f9bd25d37e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:52 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62532
x-xss-protection
0
expires
Thu, 20 Jan 2022 02:26:52 GMT
v2gll8Qzgxs-F_tAfYbN9Vu7gRE70yQNcPsdfwHvFYjQd7BtKRQGQf8_AneFC7YOk
fearlessfaucet.com/ 		89 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fearlessfaucet.com/v2gll8Qzgxs-F_tAfYbN9Vu7gRE70yQNcPsdfwHvFYjQd7BtKRQGQf8_AneFC7YOk
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.62.199 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
199.62.190.35.bc.googleusercontent.com
Software
/
Resource Hash
baaa07a00697c570eead5452f22f87dfb30fd76e443aba6cc902b313db640ff6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"52f67df7b66e161e9430c60749916f97410e463891748a99c61cb1af6e261b9b"
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-lv9m
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Thu, 20 Jan 2022 02:26:52 GMT
timing-allow-origin
*
a3jph.css
resistthemainstream.org/wp-content/cache/wpfc-minified/7wo4u5gj/ 		811 KB
91 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/cache/wpfc-minified/7wo4u5gj/a3jph.css
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c81e03d5961a492e1ee3b4bf73eae923fdabda4330447f577920d64f5234f07

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:53 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 19 Jan 2022 02:47:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A7RRKatus0%2B5o7TcA2KdCJJRauTcoaKo4M5wRUSRPzMkHcCYjrEtMrmnS%2FaTZ3fZsjQB2GipHt4cEZyacV1kRFLBWduaSIro3uv%2Bp3VKxF4hV%2FY2kLXsqQ2kX88msRn3jdl5MNfYd0JvkGdlJy3oske%2BdWMw"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d04dc4509f24a5b-FRA
expires
Sat, 19 Feb 2022 02:26:52 GMT
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%7CMontserrat%3Aregular%2C700&display=swap&ver=1.2.6
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9284a576560f7b1bf06488542d70ebd656ccc7126ffa8fbfe2b3c0fb8fff9092
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 20 Jan 2022 02:26:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 20 Jan 2022 02:26:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 Jan 2022 02:26:52 GMT
a3jpg.css
resistthemainstream.org/wp-content/cache/wpfc-minified/knew916l/ 		667 KB
134 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/cache/wpfc-minified/knew916l/a3jpg.css
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1b4c3f2f4e6c235296994b221f594ca331291a92988ab4c327f50981369940b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:53 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 19 Jan 2022 02:47:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YwVPFRNTlxiPIfOwo93xlkLsRkp45%2Fap7YzcPwPHRj9T3wVhr4L%2BdiWSBqSYaKHE5XXjHdj2cDY51ip%2F7aI9rvKbkHZ1pmZ%2Fs7hwwYzszqgoxgKPT5fIZdy83AITjeI%2BNzGHdBkFCqV2QISpmSJMQoaZj8te"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d04dc4509f34a5b-FRA
expires
Sat, 19 Feb 2022 02:26:52 GMT
a3jph.js
resistthemainstream.org/wp-content/cache/wpfc-minified/mka1sjxi/ 		112 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/cache/wpfc-minified/mka1sjxi/a3jph.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c68ef40d78ae566ec35f1d0785b503add002abe8ad92c8543077ab9dbe4a4b1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:53 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 19 Jan 2022 02:47:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EmNzcKzdqy3VdtT4JjFRU1mjXlPFC8xSEqFKSWUFoNHgVzlmG3AQo7wJ%2B6DIIvWYj96cqDk%2FqIAQ76LdiOZKE9vHM7Qb9gJ%2BmxkCABmX3zPmQ2cxGOxJOysrFyrMt5CHfFpJOAdCOSJDwVjpeBYO5aKC5qKp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d04dc4509f44a5b-FRA
expires
Sat, 19 Feb 2022 02:26:52 GMT
signal-2021-09-28-044331_001.png
resistthemainstream.org/wp-content/uploads/2021/09/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resistthemainstream.org/wp-content/uploads/2021/09/signal-2021-09-28-044331_001.png
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2b87637211d065cc2722c6ce0a173c4defdbaa4ff7b8144ff6902457aa017

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:53 GMT
cf-cache-status
EXPIRED
last-modified
Tue, 28 Sep 2021 02:48:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n7A7SbrYgBRX8wX4BFm9z3xKzIQxTU6ypTrOMwgJoBjEMuU0At%2FTypS3D83W9kIvvlQFkXMEKqHiaTDGbXUzpYtDHP5T7PO4W9Zq7ozfw2WttcURXVV9HLNybkXkLvDGMsnxjLZrnxQOpObjbeC2huQVtMTY"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6d04dc4ba83a4a5b-FRA
content-length
2863
expires
Sat, 19 Feb 2022 02:26:53 GMT
logo-mobile.png
resistthemainstream.org/wp-content/uploads/2021/09/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resistthemainstream.org/wp-content/uploads/2021/09/logo-mobile.png
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
735ba0855a8e681e98e185111aae755c396d6c0f889c40947b6d758551075f6e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:53 GMT
cf-cache-status
EXPIRED
last-modified
Tue, 28 Sep 2021 03:17:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ixDxji%2BOaJOFwTHAuHvGjKn393S4yQ8jNpzjVuKEyPGDF0RSGB7IX370H2yu1Rd7N1aRovdVTsIFp%2BnWoVpbafytmdFmk29oha10FlJm6ZpeIrOCNOwwAhorvBcIGGswUXjvdNK9Tl8FHDcVXnLzxPIKGTy%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6d04dc4ba83b4a5b-FRA
content-length
1699
expires
Sat, 19 Feb 2022 02:26:53 GMT
infolinks_main.js
resources.infolinks.com/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/infolinks_main.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e3e8b6a4608aad2b3ac26700a794ccd57fa7779ae42f12dd9c9221417744e14

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray
6d04dc4adf930863-CDG
date
Thu, 20 Jan 2022 02:26:53 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 19 Jan 2022 07:51:15 GMT
server
cloudflare
age
9326
etag
W/"d63-5d5eaa673e471"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
content-encoding
gzip
expires
Thu, 20 Jan 2022 00:51:27 GMT
email-decode.min.js
resistthemainstream.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 17 Jan 2022 19:33:57 GMT
server
cloudflare
etag
W/"61e5c4a5-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gHEFLtZ%2BdcytCuTayYTcNisuKwSwhbGMQtFkDLOW6xPydSb9AHnS1urgAjPDQ7zN5gJw9X%2FbYr5ZpAnNszh93Gk2fw%2B6QrHtjhwyuBwmgNyi30C09W2lpkQ7xnODvcO97V1JgW%2BLfJ2SwlUZdmvECWNIspgv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d04dc4b0fc44a5b-FRA
vary
Accept-Encoding
expires
Sat, 22 Jan 2022 02:26:53 GMT
resistthemainstream.org.1149360.js
jsc.mgid.com/r/e/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/r/e/resistthemainstream.org.1149360.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed367284fdd0727d23443d61fef66e9d1bc522690f63fa510be7eba01005590a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:53 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
W3D2QZM1ZTRGA4F6
last-modified
Thu, 25 Nov 2021 10:08:04 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
6S8t1I+jPW2fd23IraHXZCaQC51Db8s520rlC4gj4k2YPYGQcgb1595zQHjI2eQQTAUhxGRo9Hg=
cf-bgj
minify
server
cloudflare
etag
W/"bf2fbb25b9bb87a9cc7f822ef8e4c233"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6d04dc4c09604031-CDG
expires
Thu, 20 Jan 2022 05:26:53 GMT
embed.js
talk.hyvor.com/web-api/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://talk.hyvor.com/web-api/embed.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:891 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10d10d857f0b9ee4649d0b0531ea87e1527a0dbbc3f3647cebfcd922c6c37ba5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 19 Jan 2022 11:12:11 GMT
server
cloudflare
age
54882
cf-polished
origSize=6290
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bCq2jUfEr0jVqLeltBglij1qn3SJBkVUSjanAvkH0oAxgXlk4eXeKob5DCoBFMQm4BkRm%2BFiynGuIHys2J4usoXnC1%2BIJjtK89uEvflwXKq3YhV5U%2Bdu0v0czHbxckOTb7dY0kdFuDceMAUJ"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=0, public, s-maxage=1382400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d04dc4bfbf63752-MXP
cf-bgj
minify
wp-emoji-release.min.js
resistthemainstream.org/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-includes/js/wp-emoji-release.min.js?ver=5.8.3
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:53 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Sun, 03 Oct 2021 22:07:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H1%2B0uEcdzXeuEPawdwSPmaHURZRs68DbcLgAUZ4iGxYhA7rm0rDRoMDFe5MOCkF74WfDmMsTeNwVthiosZA8gzv%2BzfaJJWFJHlCWYQbYMs6FGawHr9iRjSpG7WmifZ53KTc5Xz4Ac%2F9gip3gc2e0sGPGpcso"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d04dc4ba83c4a5b-FRA
expires
Sat, 19 Feb 2022 02:26:53 GMT
collect
www.google-analytics.com/g/ 		0
352 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-MHSJPPB6JE&gtm=2oe1c0&_p=963415151&sr=1600x1200&ul=en-us&cid=1976434000.1642645612&_s=1&dl=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&dt=Sidney%20Powell%E2%80%99s%20Counsel%20Issues%20a%20Statement%20After%20Jan.%206%20Committee%20Subpoenas%20Her&sid=1642645611&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MHSJPPB6JE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
resistthemainstream.org.1156929.js
jsc.mgid.com/r/e/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aff16f52b0b9a529e919ec1f99a8475d01e622bb44c02b4643f5fe7c6df90cbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:53 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
MN78NJQNC3BRXXVW
last-modified
Wed, 19 Jan 2022 15:28:18 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
MG66KsvPL9W3cQuCHqrO1vM0lU53MmfT+iUlQzWI3TeOTi6A+VzTaBjUkrdwODViq4kyt5kIWYA=
cf-bgj
minify
server
cloudflare
etag
W/"7aef73da1ecee8b89ca5a58de109330c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6d04dc4c09624031-CDG
expires
Thu, 20 Jan 2022 05:26:53 GMT
/
talk.hyvor.com/web-api/count/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://talk.hyvor.com/web-api/count/
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:891 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3d6f43856edb4773691473aba669b43e4b4a0caeae37d2f8fa19456f1b8adae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"54ae38239fdac3aebd77d7563e732af2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d4%2B3pyBQk7lYbKJjwkhrPoCnx33kTwdukUI%2FG%2FKdFDrUqXpqZ8mNejVm1xEkb7ZtlMmBL9ucVf15Nn4I3lR6IJOg9iVRduD6HM8INyRfg7KKR0Bwi6gFI%2BP%2F51BoifJOuNFAVAS0mCrQXZLo"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000, public
cf-ray
6d04dc4bfbf73752-MXP
front.js
resistthemainstream.org/wp-content/plugins/embedpress/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/plugins/embedpress/assets/js/front.js?ver=3.3.0
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f62e11b110b6233da7f94fc6715e2d026d3dd3cc22fa394623ba16c9316fa8f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:53 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 22 Dec 2021 02:29:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fcMHhGxS8LpKcafIqd56D5Nr9ss9ZIgNVUqiKE8IfPaCdNqeDhlk3JxRzVH%2Fhg13nPA4nsmqqBRLbOdOqC%2Fzn%2FZk1XNvxbBDzzPsQN8q3pmkePph7IgzwENES%2F8IwlMXX%2BJ4iKIpfi4y3m%2FyobKy9mAmRwzL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d04dc4b1fd64a5b-FRA
expires
Sat, 19 Feb 2022 02:26:53 GMT
frontend.js
resistthemainstream.org/wp-content/plugins/jnews-paywall/assets/js/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/plugins/jnews-paywall/assets/js/frontend.js?ver=10.0.0
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc9c3fcc4471623d464db7a4744808d67f44d3037866797a3fce2c046685c9bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:53 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Mon, 18 Oct 2021 19:52:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F6ksT7DP%2FdA%2FohcE%2BiJQxiozCvKHGsIpxS0QDAv7QKLUeKv9DVO79rm3CYMAeOA1mDZtrJ7Y9rpqW3iWNM2xixarc404RYa%2F7Fx5xSy5hkxdc72TW6Qkfk2dTQkcZT5GQ0m9vY4pXwyDZ1OxDixXXlEt1x6L"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d04dc4b4ff54a5b-FRA
expires
Sat, 19 Feb 2022 02:26:53 GMT
comment-reply.min.js
resistthemainstream.org/wp-includes/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-includes/js/comment-reply.min.js?ver=5.8.3
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:53 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Fri, 16 Apr 2021 00:35:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f4iLE8t6PRbSPQenYHBm74WN8R1MCM1LQtCe9pY2Ht8n%2BJhFNapyqqpNQCBVIsaW5h3Hegti5CVxOKE7b18KSBaLtCe%2BQKZ0HbtasWZAyj%2BRqCgBm81HpmgvV1PFUesM1WtlDZjXOcNyNImy%2BpmdG7Vzxp6w"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d04dc4b98314a5b-FRA
expires
Sat, 19 Feb 2022 02:26:53 GMT
hoverIntent.min.js
resistthemainstream.org/wp-includes/js/ 		1 KB
1020 B 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-includes/js/hoverIntent.min.js?ver=1.10.1
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd1cc14b59f5918e11725643ef36381b85cf569c6626fb4fdbe39c2eba9bdfe8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:53 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Sun, 03 Oct 2021 22:07:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=00LMJDCRaqybDB2MDVB1socs1hDzLa%2BI7%2BWc36jtMI1B2KIn7J8%2BU3Y%2FZTKOene9N5%2F6EzryUJS%2FcAceEXxJ2sKCtF8IQ72%2B5bL0buhTYIGXsl53YXWNU%2FhpZ9RwOAiCYcKBnqktmwoTsvxm9zfo7xJ4Ya7e"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d04dc4ba8324a5b-FRA
expires
Sat, 19 Feb 2022 02:26:53 GMT
imagesloaded.min.js
resistthemainstream.org/wp-includes/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:53 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Fri, 05 Feb 2021 00:14:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NeVYRycwQPIIVgddUt6NsSzTkpCcCJIv5hV8AfRN7w31O9bUEzPB69CZ78SX%2F7bIujC5%2BmXNyFKX1XQvHTlGjcvYyW8VS%2B7LpDAO5QJgN5bKuwurZ%2F6kXsd6uw%2B797mLgnsEiWarll4wKgq0jZZE15Yjgw08"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d04dc4ba8344a5b-FRA
expires
Sat, 19 Feb 2022 02:26:53 GMT
frontend.min.js
resistthemainstream.org/wp-content/themes/jnews/assets/dist/ 		292 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/themes/jnews/assets/dist/frontend.min.js?ver=10.0.3
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30389cf8a9540caad65157f94347a01b77a96327398ff615be1a6cc346473553

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:54 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Mon, 18 Oct 2021 19:49:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aw92cOkPaNuY9VamVBqwnen%2BJmk7c%2F7Hx8Zj%2BaIb4MHQIMmR9gOTaZ5Ad6KQQ4AhTp5cCiiDewp5tyX8MjzHh2xF%2BmdnHnrjJ%2FUgy4RrFLIXNC7SPZcJAkMkjH%2BvJ1lv0en5emtf%2Bgpfv11GiAEVfrp7y5d0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d04dc4ba8354a5b-FRA
expires
Sat, 19 Feb 2022 02:26:53 GMT
frontend.min.js
resistthemainstream.org/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/frontend.min.js?ver=3.1
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e244abc7224f0d09a459628f4b146d1eab85dbeafad852405cd2dfca3648469

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:53 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Mon, 18 Oct 2021 19:51:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XWgfoSAerlZsJl2WUC2U7aGEVMQs1lup7kF71hNi2G%2FirGKIreHDpfjI%2FaxbS3Lj2Ht5%2FSjUhSmE8pUtzGSh9Zqqd7yQFecLB9p33RatSNPLU%2BMR4UbYgk664Sx2GE9jwYAYAHZtSSrOZtdmSJXuJ4e4WoSv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d04dc4ba8374a5b-FRA
expires
Sat, 19 Feb 2022 02:26:53 GMT
plugin.js
resistthemainstream.org/wp-content/plugins/jnews-social-share/assets/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/plugins/jnews-social-share/assets/js/plugin.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1571f1bece418ee90d63337858269630c13b63c4bc5d8fcbb6caf1ea8b29d998

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:53 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Sun, 03 Oct 2021 07:28:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bfjjYXIh55lDvsiDkCCw2lvi9dZLu67%2BJydR44GokuVujuVZfntwSJfxiXbBgXxb6N%2BntA1vUCIgVVd00ZcZ%2F8o%2FbDy%2Fo8rvKVvAxpbwRqT14DrHN66kbCqCLZvrmhbddKTzez%2BWXrzBO3uUyiMGtrTJR8L4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d04dc4ba8384a5b-FRA
expires
Sat, 19 Feb 2022 02:26:53 GMT
ads.js
resistthemainstream.org/wp-content/plugins/quick-adsense-reloaded/assets/js/ 		78 B
363 B 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js?ver=2.0.31
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ecad403abe6094919937758649c7fe968b8339a0b958e232acab55ca87ef02b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:53 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Mon, 18 Oct 2021 19:50:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ofseonutJPrIE0xyGDswFDQ9FsdoqQ6Sz%2F4hxksGm5uOyhubZUk%2BnjjYlkTl2tSuIm4kRlLLfjXTsO6SPp40Hmwc2bBda7XzLrdD%2FK6xW0DQ9z%2B7UhXbqY4P6GR0vp5vZGyuUqbOMvHGwUBBznsWYUNOpVm3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d04dc4ba8394a5b-FRA
expires
Sat, 19 Feb 2022 02:26:53 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		283 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151512
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e000e7805a03b275608d64f0ee40fc1140ea80bcb3daa6bc9a5406dd107f9d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:53 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
2354
etag
W/"bade15bfdcba7ee19d22e61741b04b27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6d04dc4bafec59f5-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 23 Jan 2022 02:26:53 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%7CMontserrat%3Aregular%2C700&display=swap&ver=1.2.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 20:12:18 GMT
x-content-type-options
nosniff
age
22475
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:01 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 19 Jan 2023 20:12:18 GMT
fontawesome-webfont.woff2
resistthemainstream.org/wp-content/themes/jnews/assets/dist/font/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/themes/jnews/assets/dist/font/fontawesome-webfont.woff2
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/wp-content/cache/wpfc-minified/knew916l/a3jpg.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://resistthemainstream.org/wp-content/cache/wpfc-minified/knew916l/a3jpg.css
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:54 GMT
cf-cache-status
EXPIRED
last-modified
Mon, 18 Oct 2021 19:49:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eNt1cnkvI8OffYQIBJrnYTUopwjOBWE2pbiRnceMUn%2BJTvDYcWi0xMCYr1aE946X035FWFIN953BtMS5JHqCq%2B%2BawHNyV%2F1BxBgcFjMputgXB8b%2F1iuVn5VYoIba%2BEUZskPCYHK5GJ6FeAt2Z6yCbfRmo%2F4y"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d04dc4bc8544a5b-FRA
expires
Sat, 22 Jan 2022 02:26:53 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%7CMontserrat%3Aregular%2C700&display=swap&ver=1.2.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 20:12:20 GMT
x-content-type-options
nosniff
age
108873
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:57 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 18 Jan 2023 20:12:20 GMT
ice.js
resources.infolinks.com/js/1776.020-3.025.ab.1782.007-3.025/ 		177 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1776.020-3.025.ab.1782.007-3.025/ice.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f7e767057a468113b4c95065391f5a6ae48144c9e72d3bd6285ecb843936175

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray
6d04dc4c08480863-CDG
date
Thu, 20 Jan 2022 02:26:53 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Mon, 17 Jan 2022 12:23:36 GMT
server
cloudflare
age
6028
etag
W/"2c41c-5d5c638c3ad4d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
content-encoding
gzip
expires
Sat, 19 Feb 2022 00:46:25 GMT
ajs.js
cdn2.lockerdomecdn.com/_js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.lockerdomecdn.com/_js/ajs.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:6a00:a:cbb7:a940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
032748afc697ad6c81591cf5304a1395a1045dff8604fdfeaaa06d8365ea92bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 20:11:51 GMT
content-encoding
gzip
last-modified
Fri, 14 Jan 2022 08:14:24 GMT
age
22502
etag
W/"14de-17e57a6ee35"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
BAvV1cCV95KePD9504lolGZqPyyqGKEoyQVUUfZIOiEyvenggxhWsg==
preloader.gif
resistthemainstream.org/wp-content/themes/jnews/assets/dist/image/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resistthemainstream.org/wp-content/themes/jnews/assets/dist/image/preloader.gif
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/wp-content/cache/wpfc-minified/knew916l/a3jpg.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2e60e9eae839d6b2e857c708f6d02ae6069141594b941a1590cd5c5435d42f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/wp-content/cache/wpfc-minified/knew916l/a3jpg.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:54 GMT
cf-cache-status
EXPIRED
last-modified
Mon, 18 Oct 2021 19:49:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r9TMRWtM8O50u1eVoF1%2Fj8o6zx%2BSPao9B9ZB7Jlncft8prgK2%2B2G9QBDCoFeackLv134B0Jnwf0UGEoneC4e2KByfZRhelfOEFlu2puzaAqs3TDG7YyVbdIZGdqU7eR8lJSvtyRKt4ejesjQWFA8cXJu%2Fc%2BL"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6d04dc4c08874a5b-FRA
content-length
4399
expires
Sat, 19 Feb 2022 02:26:53 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v21/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v21/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%7CMontserrat%3Aregular%2C700&display=swap&ver=1.2.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 19:30:11 GMT
x-content-type-options
nosniff
age
111402
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 19:19:51 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 18 Jan 2023 19:30:11 GMT
2021-04-03_21.54.16-80x80.jpg
resistthemainstream.org/wp-content/uploads/2021/09/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resistthemainstream.org/wp-content/uploads/2021/09/2021-04-03_21.54.16-80x80.jpg
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67c07c0e4ec4c5d0bc7e227dbe689dd03035b4cb0f8394574e1b6740af383461

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:54 GMT
cf-cache-status
EXPIRED
last-modified
Thu, 23 Sep 2021 02:54:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IAIaNLaEMdpcHgD0Oo4cY7lK3tY2umkUYvcqYmUE6eGfvPGzxp3LdNbjE3tlTJqTCnymUDXaIE62Ad60eVRXDD3Sk5LJbJOe5H1iCpyhcXYfOZtekw8PvsTzaGFV0r5li%2FQuYTl2Ag3XmKtdMy36KRcm1SXt"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6d04dc4c28a04a5b-FRA
content-length
2072
expires
Sat, 19 Feb 2022 02:26:53 GMT
jeg-empty.png
resistthemainstream.org/wp-content/themes/jnews/assets/img/ 		70 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resistthemainstream.org/wp-content/themes/jnews/assets/img/jeg-empty.png
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67ebf650147a9122e94ff1b25a78a82e903b92b877821c1479de69f00f59d429

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:53 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Oct 2021 19:49:30 GMT
server
cloudflare
age
153
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=to83%2Fh4r6hTJSTCVCxG41LV6NEiSWvuzBVpX5QCrqvGVD3OLi7Y4mgvILU98bWKPYBpF%2BIolpHcQ8md8qXzAzZ%2Fj2Jt2AUBB%2B06fLXUQu87l4KMJwks9ia%2BW1uA69xCQZPuxamHLfPjazWtIkYE6pXCFrES3"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6d04dc4c28a34a5b-FRA
content-length
70
expires
Sat, 19 Feb 2022 02:24:20 GMT
jegicon.woff
resistthemainstream.org/wp-content/themes/jnews/assets/dist/font/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/themes/jnews/assets/dist/font/jegicon.woff
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/wp-content/cache/wpfc-minified/knew916l/a3jpg.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2d3127da85763e024971c6192f78becbdf85db231b3d088c9f8b3777d444ede

Request headers

Referer
https://resistthemainstream.org/wp-content/cache/wpfc-minified/knew916l/a3jpg.css
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:54 GMT
cf-cache-status
EXPIRED
last-modified
Mon, 18 Oct 2021 19:49:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=On1I9pYDSMUcqcEPgTvhJYA%2FMJQ4nTexatX8Di9AlDewhIkdoAq7pikIXZfY6jwukBkbqGARFIEcgD76JDX%2B65RbvEwnaSSnPaDCls47SQOCc7cfOROfxKtNe7qe4QyN2GaSoFOpFf3eJMJgkEBMc%2BRTzOFL"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d04dc4c38af4a5b-FRA
expires
Sat, 22 Jan 2022 02:26:53 GMT
web
onesignal.com/api/v1/sync/f2f0fa41-3f02-4834-960c-380cf87d3124/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/f2f0fa41-3f02-4834-960c-380cf87d3124/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe8e15902d3d3cbb4dd0163df9b32ee471cbf8ad824ea66745789e2dbcd63acb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
status
200 OK
x-envoy-upstream-service-time
24
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
7830213e-bd22-4ab3-9a9b-30fb83832ac5
x-runtime
0.022825
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"fe8e15902d3d3cbb4dd0163df9b32ee4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
6d04dc4c88ba59f5-MXP
access-control-allow-headers
SDK-Version
expires
Thu, 20 Jan 2022 03:26:53 GMT
resistthemainstream.org.1156929.es6.js
jsc.mgid.com/r/e/ 		245 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40ff2dbbae2d5c0148b81d04ea9294919e080ee664d12e7823c26031c1ea125e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:53 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
NYMX71Q9SDSBBB6Y
last-modified
Wed, 19 Jan 2022 15:28:18 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
LS/JuqFJR/Nb16FOguyAEHWQf3jwWJkVq2kNHFZF1YztLeSLXi3XwNLo2OvOw9cLw3lXA9TsXxc=
cf-bgj
minify
server
cloudflare
etag
W/"855284de1a7c756ed35d1ab12d799cd7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6d04dc4ccee1004c-WAW
expires
Thu, 20 Jan 2022 05:26:53 GMT
resistthemainstream.org.1149360.es6.js
jsc.mgid.com/r/e/ 		241 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/r/e/resistthemainstream.org.1149360.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1149360.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77403e128e5185b66dc8d0664e55d45595b01dddd2837fedd1f43cd3a344480f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:53 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
AM412P9CKB40J9AJ
last-modified
Thu, 02 Dec 2021 15:56:45 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
KHi0VjEA5KYFjjOMr9NORAN8ZBGI5DUqt7OfHF1h4hUmSlhKRGxC4T007PazteOs1vfPx2Cy9Ho=
cf-bgj
minify
server
cloudflare
etag
W/"271f761a7bfc04d0dedefd757ed600bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6d04dc4ccee4004c-WAW
expires
Thu, 20 Jan 2022 05:26:53 GMT
manage
router.infolinks.com/usync/ Frame 36BE 		9 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1776.020-3.025.ab.1782.007-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
baa8d59df443964b349d9fcafb980369a5640a7b5ea9070cf4d02a714df7448b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

date
Thu, 20 Jan 2022 02:26:53 GMT
content-type
text/html;charset=UTF-8
cache-control
no-store
p3p
CP="NON DSP NID OUR COR"
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d04dc4ce8eb0863-CDG
content-encoding
gzip
lcmanage
router.infolinks.com/usync/ 		0
37 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/lcmanage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1776.020-3.025.ab.1782.007-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:53 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control
no-store
cf-ray
6d04dc4ce8ed0863-CDG
content-length
0
gsd
router.infolinks.com/ 		319 B
490 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/gsd?evt=afterGSD&pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&jsv=1776.020-3.025.ab.1782.007-3.025&_cb=16426456128630
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1776.020-3.025.ab.1782.007-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6c4c059212606a0cb52abb125b3eae51cbb7ca011d24aa33165bd87a39ab472

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:53 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
text/javascript;charset=UTF-8
content-encoding
gzip
cache-control
max-age=0
cf-ray
6d04dc4ce8ec0863-CDG
expires
Thu, 01 Jan 1970 00:00:00 GMT
resistthemainstream.org.1261872.es6.js
jsc.mgid.com/r/e/ 		240 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/r/e/resistthemainstream.org.1261872.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
184d572ad3c111911e77198f0d937bf84d68805bc59bbd69e882d41970b0a3db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:53 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
P4B4E2YA0YS87CJX
last-modified
Wed, 19 Jan 2022 15:52:43 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
OQEVcy8l7j8cuGEQMrX7bo9aQDbxIptvmH5lHGXvMFHYlhsQc+L5s1HqBTufwsIEGOWCO2Qjnyo=
cf-bgj
minify
server
cloudflare
etag
W/"b1ca8b1eda2f90fe6d53a6ec9e69e51e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6d04dc4cef16004c-WAW
expires
Thu, 20 Jan 2022 05:26:53 GMT
13420768046326374
lockerdome.com/lad/ Frame 6405 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/13420768046326374?pubid=ld-2873-5284&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=1140
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Length
1376
Date
Thu, 20 Jan 2022 02:26:53 GMT
analytics.js
www.google-analytics.com/ Frame 7A15 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5147
date
Thu, 20 Jan 2022 01:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 20 Jan 2022 03:01:06 GMT
13420770663572070
lockerdome.com/lad/ Frame B62B 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/13420770663572070?pubid=ld-6303-9494&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=660
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Length
1376
Date
Thu, 20 Jan 2022 02:26:53 GMT
13436276233712486
lockerdome.com/lad/ Frame 79F7 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/13436276233712486?pubid=ld-9325-4135&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=601
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Length
1376
Date
Thu, 20 Jan 2022 02:26:54 GMT
13763115057895526
lockerdome.com/lad/ Frame 85AB 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/13763115057895526?pubid=ld-1141-7973&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=275
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Length
1376
Date
Thu, 20 Jan 2022 02:26:54 GMT
collect
www.google-analytics.com/j/ Frame 7A15 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1858298980&t=event&ni=1&_s=1&dl=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&ec=AdUnitInHiddenContainer&ea=14264500010300518&_u=YADAAEABCAAAAC~&jid=1457983689&gjid=1497522370&cid=1976434000.1642645612&tid=UA-1933164-1&_gid=1548453399.1642645613&_r=1&_slc=1&z=1929094697
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
doq.htm
rt3027.infolinks.com/action/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt3027.infolinks.com/action/doq.htm?pcode=utf-8&r=16426456131061
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1776.020-3.025.ab.1782.007-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2f5f1a8e1c1a8914fbfb2ae7adf40d1a4eaa20a1121d1bf9cb29c06683debd0

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 20 Jan 2022 02:26:54 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NON DSP NID OUR COR"
content-type
text/html;charset=UTF-8
x-application-context
application:prod
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-language
de-DE
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache,no-store
access-control-allow-credentials
true
cf-ray
6d04dc4edd6654d0-MAN
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
de.tynt.com/deb/ Frame EC2D 		75 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/

Response headers

cache-control
max-age=86400
expires
Fri, 21 Jan 2022 02:26:53 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
75
date
Thu, 20 Jan 2022 02:26:53 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
usermatch
ssum-sec.casalemedia.com/ Frame 8C92
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3b1ab0f0505989ffeabcd0bd7afd6a2a3e5f184e00d5a9e58337b33d00c050a8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|45|230|241|47|8|17|4
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Thu, 20 Jan 2022 02:26:53 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 20 Jan 2022 02:26:53 GMT
Content-Length
1599
Connection
keep-alive

Redirect headers

Server
Apache
Content-Length
311
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Thu, 20 Jan 2022 02:26:53 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 20 Jan 2022 02:26:53 GMT
Connection
keep-alive
/
onetag-sys.com/usync/ Frame 272E 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
pbm-usync
router.infolinks.com/dyn/ Frame 36BE
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzI3NzRBODEtQjVDRS00QjA4LTlBN0MtRjNFNzQwOEFDMUY1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzI3NzRBODEtQjVDRS00QjA4LTlBN0MtRjNFNzQwOEFDMUY1&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3DC2774A81-B5CE-4B08-9A7C-F3E7408AC1F5
  • https://router.infolinks.com/dyn/pbm-usync?uid=C2774A81-B5CE-4B08-9A7C-F3E7408AC1F5
0
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/pbm-usync?uid=C2774A81-B5CE-4B08-9A7C-F3E7408AC1F5
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
text/html;charset=UTF-8
cache-control
no-store, no-cache, private
cf-ray
6d04dc50db7e0863-CDG
content-length
0
expires
Wed, 20 Jan 2021 02:26:54 GMT

Redirect headers

location
https://router.infolinks.com/dyn/pbm-usync?uid=C2774A81-B5CE-4B08-9A7C-F3E7408AC1F5
date
Thu, 20 Jan 2022 02:26:53 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
apn-usync
router.infolinks.com/dyn/ Frame 36BE
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
  • https://router.infolinks.com/dyn/apn-usync?user_id=2827396469763233072
35 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/apn-usync?user_id=2827396469763233072
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6d04dc4f3a5a0863-CDG
content-length
35
expires
Wed, 20 Jan 2021 02:26:54 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 20 Jan 2022 02:26:53 GMT
X-Proxy-Origin
193.27.14.44; 193.27.14.44; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
36ce5b38-4be0-47c7-aef0-e1cf3cb73caa
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://router.infolinks.com/dyn/apn-usync?user_id=2827396469763233072
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cm
u.openx.net/w/1.0/ Frame 36BE 		43 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:53 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
VR-usync
router.infolinks.com/dyn/ Frame 36BE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58422/occ
  • https://ups.analytics.yahoo.com/ups/58422/occ?verify=true
  • https://router.infolinks.com/dyn/VR-usync?uid=y-k1R5QiZE2uH2gBYNEnU4RvMo8FsaetFPlU14SdY-~A
35 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/VR-usync?uid=y-k1R5QiZE2uH2gBYNEnU4RvMo8FsaetFPlU14SdY-~A
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6d04dc4f1a4a0863-CDG
content-length
35
expires
Wed, 20 Jan 2021 02:26:54 GMT

Redirect headers

location
https://router.infolinks.com/dyn/VR-usync?uid=y-k1R5QiZE2uH2gBYNEnU4RvMo8FsaetFPlU14SdY-~A
date
Thu, 20 Jan 2022 02:26:53 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
r1-usync
router.infolinks.com/dyn/ Frame 36BE
Redirect Chain
  • https://sync.1rx.io/usersync2/infolinks
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6426900552
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6426900552
  • https://sync.1rx.io/usersync/tradedesk/d02c5bd6-56de-4851-aed3-177ca6bdbb36
  • https://sync.targeting.unrulymedia.com/csync/RX-44c716a0-2ac4-4ff0-8d18-4f0b47b69d59-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-44c716a0-2ac4-4ff0-8d18-4f0b47b69d59-003
  • https://router.infolinks.com/dyn/r1-usync?uid=RX-44c716a0-2ac4-4ff0-8d18-4f0b47b69d59-003
35 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/r1-usync?uid=RX-44c716a0-2ac4-4ff0-8d18-4f0b47b69d59-003
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6d04dc50ab620863-CDG
content-length
35
expires
Wed, 20 Jan 2021 02:26:54 GMT

Redirect headers

location
https://router.infolinks.com/dyn/r1-usync?uid=RX-44c716a0-2ac4-4ff0-8d18-4f0b47b69d59-003
date
Thu, 20 Jan 2022 02:26:54 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX44c716a02ac44ff08d184f0b47b69d59003
content-type
text/html
zmn-usync
router.infolinks.com/dyn/ Frame 36BE
Redirect Chain
  • https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
  • https://router.infolinks.com/dyn/zmn-usync?uid=
35 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/zmn-usync?uid=
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store
cf-ray
6d04dc510b9a0863-CDG
content-length
35

Redirect headers

Location
https://router.infolinks.com/dyn/zmn-usync?uid=
Pragma
no-cache
Date
Thu, 20 Jan 2022 02:26:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
70
Content-Type
text/html; charset=utf-8
us
sync.go.sonobi.com/ Frame 36BE 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 Jan 2022 02:26:53 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ca.png
s.cpx.to/ Frame 36BE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fresistthemainstream.org%252Fsidney-powell-responds-following-subpoena-from-jan-6-committee%252F%253Futm_source%253Dtelegr...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fresistthemainstream.org%25252Fsidney-powell-responds-following-subpoena-from-jan-6-committe...
  • https://s.cpx.to/ca.png?ref=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&pid=12306&adnxs_uid=2827396469763233072
95 B
944 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&pid=12306&adnxs_uid=2827396469763233072
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram
Protocol
HTTP/1.1
Server
52.16.87.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-87-205.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache, no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Thu, 20 Jan 2022 02:26:54 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0, no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Thu, 20 Jan 2022 02:26:54 UTC

Redirect headers

Pragma
no-cache
Date
Thu, 20 Jan 2022 02:26:53 GMT
X-Proxy-Origin
193.27.14.44; 193.27.14.44; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
b7cf6a8b-9d13-4883-8a64-bf612933212b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&pid=12306&adnxs_uid=2827396469763233072
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
dsp.adkernel.com/ Frame 36BE 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=202&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fearn-usync%3Fuid%3D%7BUID%7D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 Jan 2022 02:26:54 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
imd-usync
router.infolinks.com/dyn/ Frame 36BE
Redirect Chain
  • https://ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
  • https://ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
  • https://router.infolinks.com/dyn/imd-usync?user_id=18eed8b5-e1b3-4469-b7b7-785c8bad8dfe&partner_id=1531
35 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/imd-usync?user_id=18eed8b5-e1b3-4469-b7b7-785c8bad8dfe&partner_id=1531
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6d04dc4fcac10863-CDG
content-length
35
expires
Wed, 20 Jan 2021 02:26:54 GMT

Redirect headers

location
https://router.infolinks.com/dyn/imd-usync?user_id=18eed8b5-e1b3-4469-b7b7-785c8bad8dfe&partner_id=1531
date
Thu, 20 Jan 2022 02:26:54 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
outh-usync
router.infolinks.com/dyn/ Frame 36BE
Redirect Chain
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP6ea0e2be-7998-11ec-adbf-024986f1b40a
  • https://router.infolinks.com/dyn/outh-usync?uid=y-qGPNESBE2uEqwsJ.A7w3jkNXAYlUdnea~A~UP6ea0e2be-7998-11ec-adbf-024986f1b40a
35 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/outh-usync?uid=y-qGPNESBE2uEqwsJ.A7w3jkNXAYlUdnea~A~UP6ea0e2be-7998-11ec-adbf-024986f1b40a
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6d04dc4f9aa20863-CDG
content-length
35
expires
Wed, 20 Jan 2021 02:26:54 GMT

Redirect headers

location
https://router.infolinks.com/dyn/outh-usync?uid=y-qGPNESBE2uEqwsJ.A7w3jkNXAYlUdnea~A~UP6ea0e2be-7998-11ec-adbf-024986f1b40a
date
Thu, 20 Jan 2022 02:26:53 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usersync
match.bnmla.com/ Frame 36BE 		0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.bnmla.com/usersync?sspid=1000361&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3D%5BUUID%5D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.101 Chestertown, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 20 Jan 2022 02:26:54 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
sovrn-usync
router.infolinks.com/dyn/ Frame 36BE
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true
  • https://router.infolinks.com/dyn/sovrn-usync?uid=81102b21675c31d8a26b2455
35 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/sovrn-usync?uid=81102b21675c31d8a26b2455
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:55 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6d04dc55d8440863-CDG
content-length
35
expires
Wed, 20 Jan 2021 02:26:55 GMT

Redirect headers

Date
Thu, 20 Jan 2022 02:26:54 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://router.infolinks.com/dyn/sovrn-usync?uid=81102b21675c31d8a26b2455
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2sea1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
usersync
router.infolinks.com/dyn/ Frame 36BE
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
  • https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3DC2774A81-B5CE-4B08-9A7C-F3E7408AC1F5
  • https://router.infolinks.com/dyn/usersync?pmuservalue=C2774A81-B5CE-4B08-9A7C-F3E7408AC1F5
0
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/usersync?pmuservalue=C2774A81-B5CE-4B08-9A7C-F3E7408AC1F5
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
cache-control
no-store
cf-ray
6d04dc50ab600863-CDG
content-length
0

Redirect headers

location
https://router.infolinks.com/dyn/usersync?pmuservalue=C2774A81-B5CE-4B08-9A7C-F3E7408AC1F5
date
Thu, 20 Jan 2022 02:26:52 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
zeta-usync
router.infolinks.com/dyn/ Frame 36BE
Redirect Chain
  • https://p.rfihub.com/cm?pub=43153&in=1
  • https://router.infolinks.com/dyn/zeta-usync?uid=5123196421114839241
35 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/zeta-usync?uid=5123196421114839241
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6d04dc510b9b0863-CDG
content-length
35
expires
Wed, 20 Jan 2021 02:26:54 GMT

Redirect headers

Location
https://router.infolinks.com/dyn/zeta-usync?uid=5123196421114839241
Date
Thu, 20 Jan 2022 02:26:54 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
ssc-cms.33across.com/ps/ Frame 36BE 		0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.22 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip22.67-202-105.static.steadfastdns.net
Software
33XP001 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-33x-status
2000208
date
Thu, 20 Jan 2022 02:26:53 GMT
server
33XP001
iq-usync
router.infolinks.com/dyn/ Frame 36BE 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/iq-usync
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control
no-store
cf-ray
6d04dc506b320863-CDG
content-length
0
casale
match.adsrvr.org/track/cmf/ Frame 8C92 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:54 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 8C92
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YejIbXCf5E.PfdeVa0toygAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEH9hyt6IczJm5bVhLQN24NI&google_cver=1&gdpr=1&google_hm=2
43 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEH9hyt6IczJm5bVhLQN24NI&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 Jan 2022 02:26:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 20 Jan 2022 02:26:54 GMT

Redirect headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEH9hyt6IczJm5bVhLQN24NI&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8C92 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YejIbXCf5E-PfdeVa0toygAABLoAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 8C92
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YejIbXCf5E-PfdeVa0toygAABLoAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YejIbXCf5E-PfdeVa0toygAABLoAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YejIbXCf5E-PfdeVa0toygAABLoAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 Jan 2022 02:26:54 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
G9NVP5F3YZZ2TRHZ1QE6
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 20 Jan 2022 02:26:54 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
T9DJ9QC4Q21VYSHVBTQT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YejIbXCf5E-PfdeVa0toygAABLoAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 8C92
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=0AqfnoEg1Nana65&gdpr=1
43 B
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=0AqfnoEg1Nana65&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 Jan 2022 02:26:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 20 Jan 2022 02:26:54 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 20 Jan 2022 02:26:53 GMT
Server
PingMatch/v2.0.30-693-g87a8e09#rel-ec2-master i-0f57142fe7121e10b@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=0AqfnoEg1Nana65&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 8C92
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=503daae9-3a34-44be-9f60-c13cc9a2ef3f&expiration=1674181614
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=503daae9-3a34-44be-9f60-c13cc9a2ef3f&expiration=1674181614
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 Jan 2022 02:26:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 20 Jan 2022 02:26:54 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=503daae9-3a34-44be-9f60-c13cc9a2ef3f&expiration=1674181614
date
Thu, 20 Jan 2022 02:26:54 GMT
server
Kestrel
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 8C92
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 Jan 2022 02:26:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Thu, 20 Jan 2022 02:26:54 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Pragma
no-cache
Date
Thu, 20 Jan 2022 02:26:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
106
Content-Type
text/html; charset=utf-8
rum
dsum-sec.casalemedia.com/ Frame 8C92
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4399109690395746139
43 B
992 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4399109690395746139
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 Jan 2022 02:26:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 20 Jan 2022 02:26:54 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4399109690395746139
pragma
no-cache
date
Thu, 20 Jan 2022 02:26:53 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ix-usync
router.infolinks.com/dyn/ Frame 8C92 		35 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/ix-usync?uid=YejIbXCf5E.PfdeVa0toygAA%261210
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6d04dc4f8a980863-CDG
content-length
35
expires
Wed, 20 Jan 2021 02:26:54 GMT
in_search.js
resources.infolinks.com/js/1776.020-3.025.ab.1782.007-3.025/ 		123 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1776.020-3.025.ab.1782.007-3.025/in_search.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1776.020-3.025.ab.1782.007-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ed4b80efbb81a92a82a727735aa23cd0e64ba7f8fe99507b31154f3042b9ba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray
6d04dc501afe0863-CDG
date
Thu, 20 Jan 2022 02:26:54 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Mon, 17 Jan 2022 12:23:36 GMT
server
cloudflare
age
5793
etag
W/"1eb61-5d5c638c3ad4d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
content-encoding
gzip
expires
Sat, 19 Feb 2022 00:50:21 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		377 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1776.020-3.025.ab.1782.007-3.025/ice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e58bc10b3948106bc0f0d27a5d4951bc2c96aeab02674bbdb7a1c7a8637842d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127290
x-xss-protection
0
expires
Thu, 20 Jan 2022 02:26:54 GMT
dc.js
stats.g.doubleclick.net/ Frame 6405 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13420768046326374?pubid=ld-2873-5284&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=1140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1324
date
Thu, 20 Jan 2022 02:04:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Thu, 20 Jan 2022 04:04:50 GMT
dc.js
stats.g.doubleclick.net/ Frame B62B 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13420770663572070?pubid=ld-6303-9494&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=660
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1324
date
Thu, 20 Jan 2022 02:04:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Thu, 20 Jan 2022 04:04:50 GMT
dc.js
stats.g.doubleclick.net/ Frame 79F7 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13436276233712486?pubid=ld-9325-4135&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1324
date
Thu, 20 Jan 2022 02:04:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Thu, 20 Jan 2022 04:04:50 GMT
dc.js
stats.g.doubleclick.net/ Frame 85AB 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13763115057895526?pubid=ld-1141-7973&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1324
date
Thu, 20 Jan 2022 02:04:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Thu, 20 Jan 2022 04:04:50 GMT
getads.htm
rt3027.infolinks.com/action/ 		121 B
296 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rt3027.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22news%22%2C%22scs%22%3A%22yxSgHpYhm-%22%7D%5D&rid=8d83ecef-c47c-4b65-bb2c-a1eee92896da&jsv=1776.020-3.025.ab.1782.007-3.025&sr=1600X1200&rts=1642645613426&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=97.0.4692.71&dv=p&ce=t&purl=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&tzo=-0000&c=c&strg=true&rsd=wPP-AUubzVMf4QUX1TFOw-qkXJ0-WCJ0mEfz9GKH1U84yP722rqPwnyvTlz669-n-YiqdGWkOkB-J0Llzwbp3gltwKSXP-QdsUXXoOkk9uGYRpS-G_5toVEWmsUhsOIxtIrhl0hPTUl2o70BzCU2FLQk32M76bQm&rsk=55&rcs=l1iEQ7KhEcM7rpG4MC0MpA&hbnr=false
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1776.020-3.025.ab.1782.007-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2164db37c8c0162887362f571cbc0172017fb0cfabe7a8103bff46ddfab2cfc2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:54 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-language
de-DE
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
6d04dc506b2d0863-CDG
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
vidice.js
resources.infolinks.com/js/vidice/1.0/ 		620 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/vidice/1.0/vidice.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1776.020-3.025.ab.1782.007-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
610a427b4b6da16af92fa70bc4ebc4bc85ab2fbfc59bfea7d01a58e78412c88a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray
6d04dc50cb740863-CDG
date
Thu, 20 Jan 2022 02:26:54 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 10 Jul 2019 15:15:02 GMT
server
cloudflare
age
5055
etag
W/"9b0d4-58d552435a78c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
content-encoding
gzip
expires
Sat, 19 Feb 2022 01:02:39 GMT
api.min.js
a.omappapi.com/app/js/ 		202 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/api.min.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
ac3774c809f279d74ee1c089012274410b5715f3d0729a47100c0776a7952943

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:54 GMT
content-encoding
br
cdn-edgestorageid
756
perma-cache
HIT
cdn-storageserver
DE-51
cdn-cachedat
01/18/2022 22:57:58
cdn-pullzone
293267
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
server
BunnyCDN-DE1-756
access-control-allow-origin
*
last-modified
Tue, 18 Jan 2022 18:46:39 GMT
cdn-proxyver
1.02
cdn-fileserver
54
etag
W/"61e70b0f-329a3"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
b4a03d249be4facbf31dbca8c4f45219
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
/
resistthemainstream.org/ 		121 B
630 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/?ajax-request=jnews
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3630e90357e0fc1a3fe032be863866365fd3b7d97524b4b9149fc0f873ee49a9

Request headers

Referer
https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 20 Jan 2022 02:26:54 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UFKsdzV9EMANjGDk%2FE%2BcLw3q7EGdjBYHnarF4VLQ7FUsqy3oR7zlhCn70b7xFPRW9ZGuFxHqFZGSigbggEmrLqmRPawmUst7Paf6g0tO0WgbQX1TRXfhhGKQV2%2B6myQ7jotBIkGRTlqB%2BU05PO9S3K21jvb4"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
cf-ray
6d04dc516d724a5b-FRA
expires
Wed, 11 Jan 1984 05:00:00 GMT
skeleton.gif
static.adsafeprotected.com/ 		43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:7200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:14:35 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
age
14379140
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control
max-age=315360000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
IUM3-N0izpm_ZA8actzX4CH8BfT9ZUzql1blDSgz5OAGqXg1gr_ZEA==
cc-750x394.jpg
resistthemainstream.org/wp-content/uploads/2022/01/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resistthemainstream.org/wp-content/uploads/2022/01/cc-750x394.jpg
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
930ae03ab9f036b9a3aa21d7044d633edea02c5f7bb2b184ae49051d5b238efc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:55 GMT
cf-cache-status
MISS
last-modified
Wed, 19 Jan 2022 23:03:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gJfCExiVEHuHIXGqgNRfbCb%2FPHd9t14IyMIKmKOMrRCIbvHMpI0YOhRLXK8JHAB9qyLOWL70PnSOJ1w4MS1f7%2FXBglsj2iPvsR1CNPp7ARKMOJhJ8a%2FgfQ0bBeuWAMGKbavNxfbpniJ0cwK%2FS0skk4DXr1MA"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6d04dc519daf4a5b-FRA
content-length
38805
expires
Sat, 19 Feb 2022 02:26:54 GMT
FotoJet-2-16-360x180.jpg
resistthemainstream.org/wp-content/uploads/2022/01/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resistthemainstream.org/wp-content/uploads/2022/01/FotoJet-2-16-360x180.jpg
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ec06bd6777d6a7ddfafcc9e410efcecb4b53adea00a9a0cac8efa8e92af332e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:55 GMT
cf-cache-status
EXPIRED
last-modified
Thu, 20 Jan 2022 01:17:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EK5I7D7cI%2BUn%2Fl2GNLbeoqt0ZZqfRFhHu4nZSSMHgXjdA1fSWy9QKKEkslEw3QuGlDJBjgOIzgke6NmBQ2vo5b%2F%2BtyiUv%2FlZde6So%2Bz%2Fq3oPW8yxl%2F%2FsBINQbOOEWYwS84hPfnf%2FBU7umzA3dcoRoITUcWfC"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6d04dc519db84a5b-FRA
content-length
15897
expires
Sat, 19 Feb 2022 02:26:54 GMT
school-360x180.jpg
resistthemainstream.org/wp-content/uploads/2022/01/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resistthemainstream.org/wp-content/uploads/2022/01/school-360x180.jpg
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:442c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c4da273cb8d561aed1086b23e7f5dee2a2faca53ab22a168671dc39f2480695

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:55 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 19 Jan 2022 20:00:57 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8FVwD7CjDVQE6UB37bxyPHF2hNtXeDownTH%2B2G4JKqa12hh22IBS8OVr%2Fy3XFeVu7pmqiY5yjfk5bi5nBmHzMkv2KFNoOYu25KBjY7zUedOMGtTTjD6DjnjSQtnd176Q6g79U3n2zJXNQhswIqcA8X83r4CZ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6d04dc519dbb4a5b-FRA
content-length
20961
expires
Sat, 19 Feb 2022 02:26:54 GMT
13763115057895526
lockerdome.com/lad/ Frame A6CC 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/13763115057895526?pubid=ld-1141-7973&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=275
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/wp-content/cache/wpfc-minified/mka1sjxi/a3jph.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Length
1376
Date
Thu, 20 Jan 2022 02:26:54 GMT
65f5f9c4-836a-460e-91f6-04a69f9b0e08
https://resistthemainstream.org/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://resistthemainstream.org/65f5f9c4-836a-460e-91f6-04a69f9b0e08
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
dc.js
stats.g.doubleclick.net/ Frame A6CC 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13763115057895526?pubid=ld-1141-7973&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=275
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1324
date
Thu, 20 Jan 2022 02:04:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Thu, 20 Jan 2022 04:04:50 GMT
/
c.mgid.com/pv/ 		0
280 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=1642645613811419427226&uniqId=0b68d&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F&lu=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&sessionId=61e8c86e-0c108&pageView=1&pvid=17e754eecf393890aeb&site=720235&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1149360.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:54 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6d04dc52d8a24031-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:54 GMT
content-encoding
br
cf-cache-status
HIT
age
5464
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
B9201827F81D32DC
x-amz-id-2
oKgOzNf5arXSuLpawmQDb8wF7AHHBYdedIxY85YAn8qIfNXdz81xtOQ1yH8O6og8UfPiWO7QqMs=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6d04dc5308d04031-CDG
expires
Fri, 21 Jan 2022 02:26:54 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
813 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:54 GMT
content-encoding
br
cf-cache-status
HIT
age
5465
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
50VWJQBT5W4QYKJG
x-amz-id-2
xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6d04dc5308d14031-CDG
expires
Fri, 21 Jan 2022 02:26:54 GMT
1
servicer.mgid.com/1149360/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1149360/1?pv=5&cbuster=1642645613895664814400&uniqId=0b68d&niet=4g&nisd=false&jsv=es6&w=660&h=295&cols=2&ref=&cxurl=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F&lu=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&sessionId=61e8c86e-0c108&pageView=1&pvid=17e754eecf393890aeb&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1149360.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ef9b5af12d75b08cbc5060fc8a9906f007f1c390c9e409a127320bfce905b04

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:54 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6d04dc5359124031-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
1
servicer.mgid.com/1156929/ 		33 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1156929/1?w=1140&h=2875&p6_w=300&p6_h=250&maxw_6=300&maxh_6=250&cols=1&pv=5&cbuster=1642645613905438371288&uniqId=03076&childs=1225368&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F&lu=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&sessionId=61e8c86e-0c108&pageView=0&pvid=17e754eecf393890aeb&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b846c4d4791756ff1337620e40c675afa5fd05cfbc40b2a2bb20477ba132c3a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:54 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6d04dc5359154031-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMTAxOTI0LzFiZjY1ODE1OTI1ZGVjNzBhYTQzMDMzNTM2NGRjOTlmLmpwZWc.webp
s-img.mgid.com/g/4147879/492x277/0x158x642x428/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/4147879/492x277/0x158x642x428/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMTAxOTI0LzFiZjY1ODE1OTI1ZGVjNzBhYTQzMDMzNTM2NGRjOTlmLmpwZWc.webp?v=1642645614-FzoGgZzK1dcOSBOjhTKFwjh06TF4lL-NMKokKKmTrTA
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ff538091b471bf8008583b9d394c466a60f6b4fcf01c2808acc4e5a268a54b5

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:54 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:50:20 GMT
x-mg-request-uuid
a33c1f4e-4294-4631-8690-17da3b7084a1
age
32770
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d04dc542f2a087b-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11070
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0L2IxZGQ1MjU2NWJjYjhiN2VlZWFiMjM1ODQ3YjA5ZGM2LmpwZWc.webp
s-img.mgid.com/g/5523133/492x277/0x198x1024x682/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/5523133/492x277/0x198x1024x682/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0L2IxZGQ1MjU2NWJjYjhiN2VlZWFiMjM1ODQ3YjA5ZGM2LmpwZWc.webp?v=1642645614-pDC2LiBPPPF9lUwwZp15KRS25-3J5FSAlAw0b55W4Lg
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
303c31e35f989342766fceb81b3fc07a4efc89d7a7a160687dd1300e07dbf65f

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:54 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:59:48 GMT
x-mg-request-uuid
90529817-8108-4a54-9472-2a3cdbcefddf
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d04dc542f2b087b-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27374
server
cloudflare
v2dplGvGM50exlLI7aRA9H-aKPzsAg-E5R9y8oHfwJp7_CneOCSbC4r4shQgBZ3COnrGnzSGzdMm8uBHR2Q
fearlessfaucet.com/ 		209 B
630 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fearlessfaucet.com/v2dplGvGM50exlLI7aRA9H-aKPzsAg-E5R9y8oHfwJp7_CneOCSbC4r4shQgBZ3COnrGnzSGzdMm8uBHR2Q
Requested by
Host: fearlessfaucet.com
URL: https://fearlessfaucet.com/v2gll8Qzgxs-F_tAfYbN9Vu7gRE70yQNcPsdfwHvFYjQd7BtKRQGQf8_AneFC7YOk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.62.199 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
199.62.190.35.bc.googleusercontent.com
Software
/
Resource Hash
0c165d6f216862e57112c9af1dc3f0737ed3ee8b82654962d8ada740142895e2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Thu, 20 Jan 2022 02:26:54 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
fen-hoothoot-europe-west1-spot-lv9m
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
209
expires
Thu, 20 Jan 2022 02:26:53 GMT
i.js
cm.mgid.com/ 		0
185 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1642645614052416312362
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1149360.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:54 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6d04dc5459d44031-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
v2reagOUg9QO5TYrj7JH_SGqDzdqmZuZkmvc3PHRNmsGDwEa-E7IkP0-rbFyn5yjKZu8BQUmv9j4TXyxeFg
fearlessfaucet.com/ 		3 B
59 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fearlessfaucet.com/v2reagOUg9QO5TYrj7JH_SGqDzdqmZuZkmvc3PHRNmsGDwEa-E7IkP0-rbFyn5yjKZu8BQUmv9j4TXyxeFg
Requested by
Host: fearlessfaucet.com
URL: https://fearlessfaucet.com/v2gll8Qzgxs-F_tAfYbN9Vu7gRE70yQNcPsdfwHvFYjQd7BtKRQGQf8_AneFC7YOk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.62.199 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
199.62.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Thu, 20 Jan 2022 02:26:55 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://resistthemainstream.org
access-control-allow-credentials
true
x-hostname
fen-hoothoot-europe-west1-spot-lv9m
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
3
i-noref.js
cm.mgid.com/ Frame C5CA 		0
62 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=164264561408021991656
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1149360.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:54 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6d04dc5479ef4031-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
performance.css
video-native.mgid.com/mgPlayer/css/1.11/ 		40 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://video-native.mgid.com/mgPlayer/css/1.11/performance.css
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.es6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
065a72457e105102f8a17ce715d02d3d803bd7ed05a9acad86a7b17fa6231a6f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Thu, 20 Jan 2022 02:26:54 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 13:39:06 GMT
server
nginx
etag
"9f9c-5cfce6ad8b26d-gzip"
vary
Accept-Encoding
x-cached-since
2021-12-21T12:41:18+00:00
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
content-length
6873
expires
Wed, 21 Dec 2022 12:41:18 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNzU5NjQ1ZGRkMGYwNzZlZ...
s-img.mgid.com/g/11739866/492x277/-/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739866/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNzU5NjQ1ZGRkMGYwNzZlZjQ1OGI5MDJhM2QxNmE3NGYuanBn.webp?v=1642645614-bc1jcVy0mRx8HWncc-VXerA4Hisu05AUrMc7YJkgW0U
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd0377ec36b97a4a5f62afa27cdcded344619ab365e8af6614afafeea3f67a00

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:55 GMT
cf-cache-status
MISS
last-modified
Tue, 21 Dec 2021 12:51:53 GMT
x-mg-request-uuid
bc1ec969-9da3-4ca9-a151-ee7dfe9365bb
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d04dc54ec600009-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11784
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNC8xMDE5MjQvZDQ3YmUwM2JjMTQ1MzQ4Y...
s-img.mgid.com/g/10881020/492x277/-/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/10881020/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNC8xMDE5MjQvZDQ3YmUwM2JjMTQ1MzQ4YThiMDNjYzkwMWNkMmMxMTYuanBlZw.webp?v=1642645614-WsfMOpquab6WME-RcPQ1ASTNNcPxz_NNN1tkvMkLA-I
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b546466cf0ea937202b7f8985ea05fbc36070cdfdbfc267b68f7eb351e4040e

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:54 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:56:24 GMT
x-mg-request-uuid
a7ccebdb-5c9e-48f1-906a-99859d6d1778
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d04dc54ec660009-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13434
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2M0NjQ1ZjgwN2MzMDJlZmNiYzQxZWVhZWRmNGE5MmZjLmpwZw.webp
s-img.mgid.com/g/8193521/492x277/0x168x565x376/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193521/492x277/0x168x565x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2M0NjQ1ZjgwN2MzMDJlZmNiYzQxZWVhZWRmNGE5MmZjLmpwZw.webp?v=1642645614-RoKDLPsEliv0uOeYf4DoJRxAj96KEGbFD-Ts35OUspw
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
241681b101eb2199fb6eec6d98b077310ae29cffdd85a0f6638e6cd9500bd9bb

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:54 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:51:22 GMT
x-mg-request-uuid
8eb2509e-4b36-4a2a-88f7-c2a2cb0f4034
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d04dc54ec610009-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10808
server
cloudflare
aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzY5ZDllZTg0LmpwZWc.jpg
s-img.mgid.com/l/-/492x277/-/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/l/-/492x277/-/aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzY5ZDllZTg0LmpwZWc.jpg?v=1642645614-npa0gj76f7CmJokDoXa99XvgebixdZLQC-i5mJxN77E
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36d7d981d8ac09da34c03c3b4914104e830ceed745bad1523117e9d511073a0e

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:54 GMT
cf-cache-status
HIT
x-mg-request-uuid
f4b32c02-ae77-429f-aaee-86f0b9d9917c
age
1226754
cf-polished
qual=85, origFmt=jpeg, origSize=35326
content-disposition
inline; filename="aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzY5ZDllZTg0LmpwZWc.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28540
last-modified
Thu, 11 Nov 2021 15:42:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d04dc54ec640009-WAW
cf-bgj
imgq:85,h2pri
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2UxYjE3OTQ4ZjBmNjQxNzA2NWEzYzY4OGUwZDVhYmRjLmpwZz90PTE0OTc5ODE2MzgxODc.webp
s-img.mgid.com/g/3805579/492x277/98x0x946x630/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805579/492x277/98x0x946x630/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2UxYjE3OTQ4ZjBmNjQxNzA2NWEzYzY4OGUwZDVhYmRjLmpwZz90PTE0OTc5ODE2MzgxODc.webp?v=1642645614-S-dP2jn_KE7O_GUZk_wznvCHSt9RKkcTe7BnxydxmZE
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fe753ed066811d0f3f5cd833bca8f539641b96e5b69a07e3297557769be22c0

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:54 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:57:49 GMT
x-mg-request-uuid
c904cc36-9400-423d-928f-610555f48f21
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d04dc54ec6b0009-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14090
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvNzg5MWI1MzA3M2Q2OGUyO...
s-img.mgid.com/g/11533297/492x277/-/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533297/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvNzg5MWI1MzA3M2Q2OGUyODAzMGY1M2FhMjViNzhhOTEuanBlZw.webp?v=1642645614-nrVr5Y-bhR83vuITq7onWgsNp-7PCxm003ii7lx0gDQ
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a747c61c2762926db3f5fb6b9018e2da640cad4f7bbb89aab50ec1632c9aeb78

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:54 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 12:24:55 GMT
x-mg-request-uuid
8b0525db-d8d6-44a4-9158-b25608a4fa76
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d04dc54ec670009-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11970
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNjAzLHlfMjg4L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEwLzEwMTkyNC8zZDFkN...
s-img.mgid.com/g/11533462/492x277/-/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533462/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNjAzLHlfMjg4L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEwLzEwMTkyNC8zZDFkNzY4MjNlMmY4MTcyOGY0ZWExNDQ1MWY0MjAyYy5qcGc.webp?v=1642645614-uC-HrZ6b1uEvesVVSMVeAsANiEc064HMo6kEZ0Awlck
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d20c4a1453fbc4e0b963cf7c3a48882373f0776dcdb8a80e53cf7b4bca4e0768

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:54 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 12:34:43 GMT
x-mg-request-uuid
367d7b68-2194-438a-b6cd-0d86b71f211f
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d04dc54ec690009-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27094
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0L2RhYzIzNWU5MTYyNmE1Njg5YTQ2Y2EyYmQ2YzY0NDhlLmpwZw.webp
s-img.mgid.com/g/8164907/492x277/0x119x501x334/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164907/492x277/0x119x501x334/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0L2RhYzIzNWU5MTYyNmE1Njg5YTQ2Y2EyYmQ2YzY0NDhlLmpwZw.webp?v=1642645614-Zov9oqgwZP9TrduQavetKUKzJJID_kvD8nAq6Swhn5M
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdfb3f0436bf28f56e88a7e8d60c6db1bd32c96fc76765c068222a5455b75038

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:54 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:43:49 GMT
x-mg-request-uuid
8169476e-b9e6-422c-bd07-a898874d0a49
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d04dc54ec700009-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23682
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzM0Njc2YmE2NzgxZDU4YzNhMDI2MTQwNzVjMDliNGQ4LmpwZWc.webp
s-img.mgid.com/g/5523126/492x277/0x289x684x456/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/5523126/492x277/0x289x684x456/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzM0Njc2YmE2NzgxZDU4YzNhMDI2MTQwNzVjMDliNGQ4LmpwZWc.webp?v=1642645614-OfGJ2wFxDhQ0qeeLXKvmg0sDp02p9tiFiv3aO_on3DE
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91ee239687f47cfd398414ca4ce4a50014ec75ce6e0085aa8b4640b72293e32c

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:54 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:54:17 GMT
x-mg-request-uuid
fc51926c-3cb4-4512-a1a9-4927f42c2a98
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d04dc54ec6d0009-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13236
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvZmI0NTVkYjcxYzM5Y2ZiY...
s-img.mgid.com/g/11533334/492x277/-/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533334/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvZmI0NTVkYjcxYzM5Y2ZiYmI4Y2VjMjUwYWI3N2E2ZmQuanBlZw.webp?v=1642645614-mkCZW8Zs6UE2lNB7aAirIYzRdZG__B7oVx4lvJPogiA
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a390d36acb3ee2b82c79b9ee37bf7aae8f3b520eb1f2d2ce952ca77b42341287

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:54 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 12:24:03 GMT
x-mg-request-uuid
8a919e86-82a3-43f0-a6f0-053752e5b00a
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d04dc54ec6e0009-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11860
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0LzAwZWE1ZGI4ZmM2ODFhNGM0MTc0MWZiYjZhZDdhNjhlLmpwZz90PTE0OTgxNjIyNTA1ODg.webp
s-img.mgid.com/g/3805611/492x277/133x0x996x664/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805611/492x277/133x0x996x664/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0LzAwZWE1ZGI4ZmM2ODFhNGM0MTc0MWZiYjZhZDdhNjhlLmpwZz90PTE0OTgxNjIyNTA1ODg.webp?v=1642645614-nQ47DtXdCKq6mKPKBcfz6tORzrgbHVhS88Uobnqc8Ms
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65c04c59556a278cd23441cfe7ad128fea5694c4a25a77f0dc32c809c38a9def

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:54 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:56:06 GMT
x-mg-request-uuid
b5b5f424-7052-4b1a-be68-7013ec8a2fa9
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d04dc54ec5b0009-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13958
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvMDZmMjAzZWRjNjcwOTExZ...
s-img.mgid.com/g/11739848/492x277/-/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739848/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvMDZmMjAzZWRjNjcwOTExZjUyZjFmZjdiZDllNGM1YzUuanBlZw.webp?v=1642645614-EIffMfzb5iN2LhIoRZsDENab4ZKV4vmUXfOtM4EFATY
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28e95c0c629214fd64fe7c628cc37357d903aa65fb950d35d2e43d9c07e10e3e

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:55 GMT
cf-cache-status
MISS
last-modified
Tue, 21 Dec 2021 12:52:38 GMT
x-mg-request-uuid
ebd6acd3-2869-475c-9bff-6e4a1dcc4cb3
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d04dc54ec5c0009-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21486
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8xMWY2MGFiMGU3MWUxZTY2MzA1MDQzYTM3MWNlNWRkMS5qcGVn.webp
s-img.mgid.com/g/8193511/492x277/0x0x795x530/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193511/492x277/0x0x795x530/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8xMWY2MGFiMGU3MWUxZTY2MzA1MDQzYTM3MWNlNWRkMS5qcGVn.webp?v=1642645614-ZoioWyB7lsrYDBajHURv7Ta4h_MMzSb1wT_n0NW_kpQ
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b32b1b3d9c9d72fb2bcbb42fbedcf0d778b362da47d78d45ff6d3cea98bd7f58

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:54 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:40:19 GMT
x-mg-request-uuid
58f46409-9a08-42ed-8f17-aec26f7d5e9b
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d04dc54ec5d0009-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10988
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMzI3OTM2N2U5MzUxNzU5Z...
s-img.mgid.com/g/11533315/492x277/-/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533315/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMzI3OTM2N2U5MzUxNzU5ZmJkYmEyOGJjMmY5YWFiYjUuanBlZw.webp?v=1642645614-vDlkAnV7Upp5VfRD8a0k-d2ljmMXP1_n9UvuYYgJx6k
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef4c4308ced26a76b53987f2a0b47713fdfcb83f025b501bc0a5ab378c748cfd

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:54 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 12:24:02 GMT
x-mg-request-uuid
df6914e8-7b21-47b2-bbb5-72061360e428
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d04dc54ec5e0009-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15040
server
cloudflare
mgWidget_1.11.78.es6.js
cdn.mgid.com/js/wglibs/ 		314 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mgid.com/js/wglibs/mgWidget_1.11.78.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f46e926a23660a6f833a06e9ba31e4931f32becc476b01cf6241cecafa4dcff0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:54 GMT
content-encoding
br
cf-cache-status
HIT
age
372
last-modified
Wed, 19 Jan 2022 16:08:30 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
ZJV430C9XH88CCSM
x-amz-id-2
OhA+y5pK+kKSBlvAxXyq9hdsHl7ZBQuu+3olZpEN2mnBQMY3VWDpWChRTyNai9RN
cf-bgj
minify
server
cloudflare
etag
W/"4d6fbc92c9a0452d1f0fa7952c1086b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=86400
cf-ray
6d04dc54de0d004c-WAW
expires
Fri, 21 Jan 2022 02:26:54 GMT
mgadt.449143.js
player.adtcdn.com/prebidlink/456290.44837305555/ Frame BEC9 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtcdn.com/prebidlink/456290.44837305555/mgadt.449143.js?domain=resistthemainstream.org
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:3471 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16e834b5ad20a091f05e1f51cfeacfbb7b1496f6562ec40b07d36f3bdcd1cb77

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 25 Aug 2021 13:57:50 GMT
server
cloudflare
etag
W/"61264c5e-805"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DHtHUTl6piBIh9aiCm3zcEZG65wppXFTLncNIDJliQRyaB69kNoI%2FDz0XtOIlKm4zKDpILJ4au%2Bgjg8tMCgLJSD8kFmRTgw53hUp3mxSvkRqw%2FW5nc2qnLTd8MKXNP0G%2B7E4ktvhzljqyMvVolGwzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=345600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d04dc5519cc59d1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 20 Jan 2022 02:41:55 GMT
5f431e98-d068-4121-80c6-6b10f6bbe34f
player.ex.co/player/ 		753 KB
219 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ex.co/player/5f431e98-d068-4121-80c6-6b10f6bbe34f
Requested by
Host: cdn.mgid.com
URL: https://cdn.mgid.com/js/wglibs/mgWidget_1.11.78.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
88da04adace3de845df5c62268ca996fb4b16fd798368ff29d37bbedc2da5bc9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:55 GMT
content-encoding
gzip
age
11195
x-cache
HIT, HIT
access-control-max-age
600
content-length
223921
x-served-by
cache-iad-kjyo7100077-IAD, cache-mxp6920-MXP
access-control-allow-origin
*
server
nginx
x-timer
S1642645615.124472,VS0,VE2
etag
W/"bc57c-Jtj5esqgX5obJD6Pq/SxQ46DuE0"
vary
Accept-Encoding, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
no-cache
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
1, 1
449143_resistthemainstream.org.js
player.adtcdn.com/prebidlink/456290/ Frame BEC9 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtcdn.com/prebidlink/456290/449143_resistthemainstream.org.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456290.44837305555/mgadt.449143.js?domain=resistthemainstream.org
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:3471 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfca22abe0436e064d1b8da30d9e4f73f9abd2e1552d6c7a46f7daacf12f014b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 13 Jan 2022 17:00:07 GMT
server
cloudflare
etag
W/"61e05a97-41f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ny7rC6NYTziT0yRhs9UIPvFtBuQML3%2BVPALpHPc95FZrVBcDMlhX%2FAfX2bk86Y65s%2B4I6uU5far8OGXjJnEFBZJAXij8TbpvBcwPbz1eUOUWmnD7kdOvT5KlK96J2lRb9IEW8Xm4U0hZtIkULjxdwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=345600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d04dc56aeb13745-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 20 Jan 2022 02:41:55 GMT
events
prd-collector-anon.ex.co/main/ 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/5f431e98-d068-4121-80c6-6b10f6bbe34f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.123.106 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-123-106.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://resistthemainstream.org
date
Thu, 20 Jan 2022 02:26:55 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
css2
fonts.googleapis.com/ 		2 KB
549 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 20 Jan 2022 00:31:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 20 Jan 2022 02:26:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 Jan 2022 02:26:55 GMT
hls.min.js
player.avplayer.com/script/2/2.55/libs/ 		247 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/5f431e98-d068-4121-80c6-6b10f6bbe34f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:55 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdu6xL9vZrltTUvDKnXQzibfMA-uDG79tRFMOGfB_TO6CYIv2e3b12_ByRZhYw4vma0s_tGz-_OW10A0nnFeqrd3Bz98iA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
71831
last-modified
Sun, 10 Jan 2021 14:52:52 GMT
server
UploadServer
etag
"7888b98658e8cef4a98786556ccdab66"
vary
Accept-Encoding
x-goog-hash
crc32c=vMWMIg==, md5=eIi5hljozvSph4ZVbM2rZg==
content-language
en
x-goog-generation
1610290372874389
cache-control
public, max-age=300
x-goog-stored-content-length
71831
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 20 Jan 2022 02:31:55 GMT
truncated
/ 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		385 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		237 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		238 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		411 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		240 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
AVmanager.js
player.aniview.com/script/6.1/ Frame DF19 		347 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/5f431e98-d068-4121-80c6-6b10f6bbe34f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
e9126e8b93d347b328196191cea7e2663506a0e66db75bc82b40afdd297af463

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:55 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtKMeoJ_iJUDjAlOyVH-Ps3j9nMoBHH9kIKZ7UyCxWtEIBF-ewy47ux0ufNNvPvgjsScrdPaORCMBB4YsjSZLKk4HIKiA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
99177
last-modified
Sun, 16 Jan 2022 15:13:51 GMT
server
UploadServer
etag
"a539e2b6a9077713b540f13033f629a5"
vary
Accept-Encoding
x-goog-hash
crc32c=GYzRHA==, md5=pTnitqkHdxO1QPEwM/YppQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1642346031448105
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
99177
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 20 Jan 2022 02:31:55 GMT
events
prd-collector-anon.ex.co/main/ 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/5f431e98-d068-4121-80c6-6b10f6bbe34f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.123.106 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-123-106.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://resistthemainstream.org
date
Thu, 20 Jan 2022 02:26:55 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
track
atrack.avplayer.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=AV_M16&cb=1642645614678&cid=6187a5a49268ad27da7716d8&VERSION=4.122.1&AV_PAGE_LOAD_UID=c0d4a270-5b07-4e73-891a-7f0221f3472a&AV_CDIM4=c0d4a270-5b07-4e73-891a-7f0221f3472a&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.50.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-50-69.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:55 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
hbw_master_449880_12335.js
player.adtelligent.com/prebidlink/456290/ Frame BEC9 		76 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/456290/hbw_master_449880_12335.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/456290/449143_resistthemainstream.org.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
eb9e17a5509f9c4a63dc76de25bd0a6e0dff55e0794d350e22614b1e31037a8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:55 GMT
content-encoding
gzip
last-modified
Thu, 13 Jan 2022 16:59:37 GMT
server
nginx
etag
W/"61e05a79-12eb2"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Thu, 20 Jan 2022 03:26:55 GMT
cache-control
max-age=3600
x-proxy-cache
MISS
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=resistthemainstream.org&sn=&cd4=c0d4a270-5b07-4e73-891a-7f0221f3472a&cd5=default&ic=0&tgt=0&app=&wi=679&he=383&test=&d36=6.1.2.98&apppkg=&fv=3&proto=https&pid=56ea678d181f46c76f8b45fb&cid=6187a5a49268ad27da7716d8&stagid=&stplid=&e=inventory&vi=0&cb=1642645614835
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.106.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-106-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:55 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
premiumsrv.aniview.com/api/adserver/tag/ 		33 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://premiumsrv.aniview.com/api/adserver/tag/?VERSION=4.122.1&AV_PAGE_LOAD_UID=c0d4a270-5b07-4e73-891a-7f0221f3472a&AV_CDIM4=c0d4a270-5b07-4e73-891a-7f0221f3472a&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default&AV_VIDEOURL=https%3A%2F%2Fmcd.ex.co%2Fvideo%2Fupload%2Fsp_hd%2Fv1490095101%2Flandscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.m3u8&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&AV_CHANNELID=6187a5a49268ad27da7716d8&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=resistthemainstream.org&AV_DADPOS=3&d36=6.1.2.98&responsive=1&sver=1&avtoken=614835&AV_WIDTH=679&AV_HEIGHT=383&AV_DNT=0&cb=1642645614851
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.101.235.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-235-47.compute-1.amazonaws.com
Software
/
Resource Hash
e1fdff8d9836d079e9a3fbd65eef169903719605f204628861de4189863774af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:55 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache
access-control-allow-credentials
true
expires
Sat, 08 Jan 2022 12:40:15 GMT
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.m3u8
mcd.ex.co/video/upload/sp_hd/v1490095101/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/sp_hd/v1490095101/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
50fd1b0192e22f68957f2f557255fc06d698bfd8bfa8e168596f443e5b5831f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 20 Jan 2022 02:26:55 GMT
Cache-Tag
299890703640246977373298896385374012786,394554537382471183304184472313687845759,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
1127
X-Served-By
cache-wdc5535-WDC
Last-Modified
Wed, 09 Jun 2021 05:29:07 GMT
Server
cloudinary
X-Timer
S1638941994.177004,VS0,VE0
ETag
"a42c7ae8b866ad428f953d7bc38769d0"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=27854054
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.m3u8
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1608312869/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
3fd866705913987f41eae0cd3122f984656896b60daf4385f99ed0e356978e33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 20 Jan 2022 02:26:55 GMT
Cache-Tag
299890703640246977373298896385374012786,484104238383510269782950376486441993307,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
1331
X-Served-By
cache-wdc5537-WDC
Last-Modified
Fri, 28 May 2021 02:55:25 GMT
Server
cloudinary
X-Timer
S1638944855.651350,VS0,VE1
ETag
"b87901333b21d30f970a9d9982f6400d"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=27856906
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
hb_449880_12335.js
player.adtelligent.com/prebidlink/ex19012/ Frame BEC9 		396 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/ex19012/hb_449880_12335.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/456290/hbw_master_449880_12335.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
53c8a09bc11470624b68cc9ed6b8e09af3fbb18a9af4c243272b5dfeba2490e6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:55 GMT
content-encoding
gzip
last-modified
Thu, 13 Jan 2022 16:34:08 GMT
server
nginx
etag
W/"61e05480-62e3b"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Thu, 20 Jan 2022 03:26:55 GMT
cache-control
max-age=3600
x-proxy-cache
REVALIDATED
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1608312869/ 		114 KB
115 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
bc871abfceed2f798929653305bcf0c2997c58d7f4f2e86afa881927900d2eb6

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=0-116747

Response headers

Date
Thu, 20 Jan 2022 02:26:55 GMT
Cache-Tag
299890703640246977373298896385374012786,484104238383510269782950376486441993307,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 0-116747/913116
Connection
keep-alive
Content-Length
116748
X-Served-By
cache-wdc5574-WDC
Last-Modified
Fri, 28 May 2021 02:55:25 GMT
Server
cloudinary
X-Timer
S1638944740.502891,VS0,VE1
ETag
"a7d8f4b80d06c540ff9289b382f53422"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=27856774
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
/
ghb.adtelligent.com/geo/ Frame BEC9 		132 B
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/456290/hbw_master_449880_12335.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.173.226 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
d8de4a3f83966d7375cb59846a5fe87b38ca6e5cd2253d6a6550c3a38e28cc71

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://resistthemainstream.org
Date
Thu, 20 Jan 2022 02:26:55 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
132
Content-Type
application/json
tracking
ghb.adtelligent.com/adunit/ Frame BEC9 		43 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=449880&site_id=12335&full_page_url=https%3A%2F%2Fresistthemainstream.org&adid=mcscc9.1x&features=32&vpbv=N042&lifecycle_tte=859
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/456290/hbw_master_449880_12335.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.173.226 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://resistthemainstream.org
Date
Thu, 20 Jan 2022 02:26:55 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
f3d309f9-a248-45e6-91ed-0ea59c3221ec
https://resistthemainstream.org/ 		63 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://resistthemainstream.org/f3d309f9-a248-45e6-91ed-0ea59c3221ec
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length
64352
Content-Type
text/javascript
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.m3u8
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
07b28c082dd42dd5f74447cf4d9351338f6c1e81984a42989fe3978d699af694

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 20 Jan 2022 02:26:55 GMT
Cache-Tag
299890703640246977373298896385374012786,242129432464203716531710096271398543033,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
1342
X-Served-By
cache-wdc5574-WDC
Last-Modified
Fri, 28 May 2021 02:55:30 GMT
Server
cloudinary
X-Timer
S1638944740.122476,VS0,VE103
ETag
"61fce59e82eca3dfbd97c9bb6ec77a6d"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=27856761
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		199 KB
199 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
80e7ae17ac456d2b2cc8d8e5b0d34085903b49ba27050029d81938b8d3a9b5ce

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=0-203415

Response headers

Date
Thu, 20 Jan 2022 02:26:55 GMT
Cache-Tag
299890703640246977373298896385374012786,233322687990412021556170905870126409175,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 0-203415/1551376
Connection
keep-alive
Content-Length
203416
X-Served-By
cache-wdc5574-WDC
Last-Modified
Wed, 26 May 2021 04:26:17 GMT
Server
cloudinary
X-Timer
S1638944698.632065,VS0,VE0
ETag
"66e1730abb08340cae5f745a9b2d0b31"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=27856657
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
config.json
player.adtelligent.com/exchange_rates/449143/ Frame BEC9 		19 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/449143/config.json?cb=https%3A%2F%2Fresistthemainstream.org
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19012/hb_449880_12335.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
453c0a771efefff092c422c7a2a6b0aac26418129fb5846de0a4cfb4cb1ee6b7

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 20 Jan 2022 02:26:55 GMT
content-encoding
gzip
last-modified
Thu, 20 Jan 2022 00:02:13 GMT
server
nginx
etag
W/"61e8a685-4dd4"
content-type
application/json
access-control-allow-origin
https://resistthemainstream.org
expires
Thu, 20 Jan 2022 03:26:55 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
vr
ghb.adtelligent.com/ Frame BEC9 		510 B
554 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/vr?bids=2741,2905,6515,9553,14408,14647,14715,14734,14770,17945,17994,18078,18331
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/456290/hbw_master_449880_12335.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.173.226 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
77339409ba41907335306a72ac430e45b94f0b9b8f835c97cd0aa08af7f82304

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 20 Jan 2022 02:26:55 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json
Access-Control-Allow-Origin
https://resistthemainstream.org
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
271
localstore.js
script.4dex.io/ Frame BEC9 		483 B
941 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19012/hb_449880_12335.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1178636
x-amz-request-id
tx866870b037e0440b86325-0061d6cc60
x-amz-id-2
tx866870b037e0440b86325-0061d6cc60
last-modified
Mon, 06 Dec 2021 11:00:36 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fhBPQVpFPRIbLodasL%2F1WvR4siYucbx0qQJB1nK7ApluMYACdk6RGszu7u56hXKae4t0Az6GqBz2R4i0lA0RQkp5VHfAxYLznCw7ZNVzRqsEqouqkugP9TB2ddxrn2CCcC%2B%2F%2FiwmH5XOSt9P"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1638788436623244
cf-ray
6d04dc5b384e59f5-MXP
prebid
lockerdome.com/ladbid/ Frame BEC9 		11 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/ladbid/prebid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19012/hb_449880_12335.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://resistthemainstream.org
Date
Thu, 20 Jan 2022 02:26:55 GMT
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Content-Encoding
gzip
Content-Length
31
Content-Type
application/json; charset=utf-8
/
ghb.adtelligent.com/v2/auction/ Frame BEC9 		424 B
599 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19012/hb_449880_12335.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.173.226 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
fd90fd0db0152a24cd2d5e29ded225a1bff3cd5dd2eaee31ba418fb0ec92375b

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 20 Jan 2022 02:26:55 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://resistthemainstream.org
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
301
prebid
ib.adnxs.com/ut/v3/ Frame BEC9 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19012/hb_449880_12335.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
7a55efe08edfebe7597a59ba39f002fdb95015085233d361a39b849b952491f5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 20 Jan 2022 02:26:55 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
193.27.14.44; 193.27.14.44; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
f7540899-ca6a-45e2-8fa3-a7ad893e22fd
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://resistthemainstream.org
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ROS
pbjs.e-planning.net/hb/1/2e43c/1/resistthemainstream.org/ Frame BEC9
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/2e43c/1/resistthemainstream.org/ROS?rnd=0.43522020597622446&e=300x250_0%3A300x250&ur=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subp...
  • https://pbjs.e-planning.net/hb/1/2e43c/1/resistthemainstream.org/ROS?ct=1&r=pbjs&rnd=0.43522020597622446&e=300x250_0%3A300x250&ur=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-foll...
516 B
937 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/hb/1/2e43c/1/resistthemainstream.org/ROS?ct=1&r=pbjs&rnd=0.43522020597622446&e=300x250_0%3A300x250&ur=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&pbv=6.7.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&e_pubcid=8f40cd8d-03bd-4a39-a194-7238342f3471
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Server
5.178.65.245 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
a9309029b10c0ccb07a5cd54b778347fd0484bc1e213cfe89b58aed952d3eb1e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:55 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://resistthemainstream.org
expires
Thu, 20 Jan 2022 02:26:55 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
516
x-sid
AMS-606

Redirect headers

date
Thu, 20 Jan 2022 02:26:55 GMT
server
openresty
access-control-allow-origin
https://resistthemainstream.org
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2e43c/1/resistthemainstream.org/ROS?ct=1&r=pbjs&rnd=0.43522020597622446&e=300x250_0%3A300x250&ur=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&pbv=6.7.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&e_pubcid=8f40cd8d-03bd-4a39-a194-7238342f3471
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
AMS-606
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame BEC9 		0
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19012/hb_449880_12335.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://resistthemainstream.org
date
Thu, 20 Jan 2022 02:26:55 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid
mp.4dex.io/ Frame BEC9 		99 B
554 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19012/hb_449880_12335.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1fc438ffc1479a3718733925bee4449484921a0654c6ecaf9ccdee940565339

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 20 Jan 2022 02:26:55 GMT
via
1.1 google
cf-cache-status
DYNAMIC
x-warn
Validating the Prebid Request. empty supply chain
content-encoding
gzip
x-err
Validating the Prebid Request adunits. Sampled or No valid non-debug AdUnits
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6d04dc5b5ca00e12-MXP
expires
0
bid
research.adtelligent.com/ Frame BEC9 		6 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://research.adtelligent.com/bid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19012/hb_449880_12335.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.83.70.67 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
/ Express
Resource Hash
d2f6e88ed8cdf17e4bbaa06802925c7aebd279ed2140ac34e8c36672805aafc9

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 20 Jan 2022 02:26:56 GMT
X-Powered-By
Express
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://resistthemainstream.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
5976
auction
rtb.adxpremium.services/openrtb2/ Frame BEC9 		324 B
631 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19012/hb_449880_12335.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
48ccf9c9503985022eff00ce765bdf89d323f6bf43a35e453145f9910cf95388

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:56 GMT
vary
Origin
content-type
application/json
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
324
expires
0
adjson
ads.betweendigital.com/ Frame BEC9 		2 B
919 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19012/hb_449880_12335.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
prebid-request
onetag-sys.com/ Frame BEC9 		15 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19012/hb_449880_12335.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
translator
hbopenbid.pubmatic.com/ Frame BEC9 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19012/hb_449880_12335.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
2f980245c1a53adbf6bbe064d326e7057f6c5c9bc561165fd5f967b82f019e2c

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://resistthemainstream.org
date
Thu, 20 Jan 2022 02:26:54 GMT
cache-control
no-cache, no-store, must-revalidate
x-openrtb-version
2.3
access-control-allow-credentials
true
content-type
application/json
cdb
bidder.criteo.com/ Frame BEC9 		18 B
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.7.0-pre&cb=32650370052
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19012/hb_449880_12335.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 20 Jan 2022 02:26:55 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://resistthemainstream.org
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame BEC9 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=15&eid_pubcid.org=8f40cd8d-03bd-4a39-a194-7238342f3471%5E1&rf=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=7066a7b8-4f77-4ba4-9a74-c77f8013deab&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.23414500161849938
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19012/hb_449880_12335.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
5c3b13e776d614340c9cc91fb0482a097ff800637deaa114b182d447e5fc70a7

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 20 Jan 2022 02:26:56 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://resistthemainstream.org
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
1735
Expires
Wed, 17 Sep 1975 21:32:10 GMT
j.html
p.jsapicdn.com/prebidlink/19012/ Frame AEFA 		1 KB
879 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p.jsapicdn.com/prebidlink/19012/j.html?i=11593
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19012/hb_449880_12335.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
cf35c9e8af47d8cd7233bebf1b785af16546782547f31501432cb7ad97d84714

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

date
Thu, 20 Jan 2022 02:26:55 GMT
content-type
text/html; charset=utf-8
server
nginx
last-modified
Wed, 16 Sep 2020 14:50:15 GMT
etag
W/"5f622627-434"
cache-control
max-age=3600
content-encoding
gzip
expires
Thu, 20 Jan 2022 03:26:55 GMT
access-control-allow-origin
*
csyncs
ghb.adtelligent.com/ Frame BEC9 		441 B
581 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/csyncs?aid1=669727&aid2=669728&aid3=undefined
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/456290/hbw_master_449880_12335.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.173.226 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
3faab7c9662cb1cb145cedbb4272ad02bc81021596cccc18a03788ae3e34d0e6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 20 Jan 2022 02:26:55 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://resistthemainstream.org
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
283
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		121 KB
122 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
8a6e2d4bbbe4f00b6a81ab036c29d0471f1755d4bf48285c433ec79ad3c0b132

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=203416-327683

Response headers

Date
Thu, 20 Jan 2022 02:26:55 GMT
Cache-Tag
299890703640246977373298896385374012786,233322687990412021556170905870126409175,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 203416-327683/1551376
Connection
keep-alive
Content-Length
124268
X-Served-By
cache-wdc5574-WDC
Last-Modified
Wed, 26 May 2021 04:26:17 GMT
Server
cloudinary
X-Timer
S1638944698.632065,VS0,VE0
ETag
"66e1730abb08340cae5f745a9b2d0b31"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=27856657
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
1px-matching-adtelligent.gif
t.trafmag.com/images/images/ Frame BEC9
Redirect Chain
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=125e501c0ba036f3
35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=125e501c0ba036f3
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
HTTP/1.1
Server
193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
t.trafmag.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 20 Jan 2022 02:26:56 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"

Redirect headers

Location
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=125e501c0ba036f3
Date
Thu, 20 Jan 2022 02:26:56 GMT
Server
VertaMedia 1.0
Etag
125e501c0ba036f3
Content-Length
0
match
dm.hybrid.ai/ Frame BEC9 		0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=186&burl=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D324902%26extuid%3D%24%7BVID%7D
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.16 , Russian Federation, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:56 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
106
x-xss-protection
1; mode=block
expires
-1
truncated
/ 		552 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 01:54:06 GMT
x-content-type-options
nosniff
age
88369
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 19 Jan 2023 01:54:06 GMT
events
prd-collector-anon.ex.co/main/ 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/5f431e98-d068-4121-80c6-6b10f6bbe34f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.123.106 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-123-106.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://resistthemainstream.org
date
Thu, 20 Jan 2022 02:26:55 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 60FB 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1642645615828-962636890624-008323-012-006776%26biddername%3D1%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=20732
expires
Thu, 20 Jan 2022 08:12:28 GMT
date
Thu, 20 Jan 2022 02:26:56 GMT
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame 4699 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1642645615828-962636890624-008323-012-006776%26biddername%3D42%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5213aa9610d93b94c9be03e25b3c43ed00b97ae93aae88d29e81ea9c02a267c3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
46|73|88|130|51|111|40|65
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Thu, 20 Jan 2022 02:26:56 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 20 Jan 2022 02:26:56 GMT
Content-Length
1564
Connection
keep-alive
usync.html
eus.rubiconproject.com/ Frame 4C30
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 20 Jan 2022 02:26:56 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
date
Thu, 20 Jan 2022 02:26:55 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
merge
ce.lijit.com/ Frame 1A6A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=376385&3pid=1642645615828-962636890624-008323-012-006776&us_privacy=1---&gdpr=1&gdpr_consent=&location=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1642645615828-962636890624-008323-012-006776%26biddername%3D18%26key%3D%5BSOVRNID%5D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.14.3 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

Server
nginx
Date
Thu, 20 Jan 2022 02:26:56 GMT
X-MERGE
GDPR Optout true
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap2sea1
events
prd-collector-anon.ex.co/main/ 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/5f431e98-d068-4121-80c6-6b10f6bbe34f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.123.106 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-123-106.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://resistthemainstream.org
date
Thu, 20 Jan 2022 02:26:56 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
avpb3.js
player.aniview.com/script/6.1/ Frame DF19 		314 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
28dd5351e2aa52056b10d3f771c4a60fe54d1968e7f9b620c5a4183a204a8c6d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:55 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdufkIk48KZgmvCxy0a5FJcQ4hHQsvr5b7NIAnzZ1pa2na_jzY-_je86cfWDengs9Bf7sk_843CfXetBr9Wbp9g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
99493
last-modified
Sun, 16 Jan 2022 15:12:35 GMT
server
UploadServer
etag
"30bbe5f0e6bafe9f80485d4ce2024086"
vary
Accept-Encoding
x-goog-hash
crc32c=XUJX7Q==, md5=MLvl8Oa6/p+ASF1M4gJAhg==
content-language
en
access-control-allow-origin
*
x-goog-generation
1642345955262662
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
99493
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 20 Jan 2022 02:31:55 GMT
vast2
tag.targeting.unrulymedia.com/rmp/236691/0/ 		168 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/236691/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&w=410&h=231&cbb=2645615260
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:56 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://resistthemainstream.org
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
ac
www9.smartadserver.com/
Redirect Chain
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=662301098949814599&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fs...
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=662301098949814599&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fs...
129 B
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=662301098949814599&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&vph=231&vpw=410&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=2645615263&cklb=1
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
HTTP/1.1
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
41d511bcd8511da9cb1f673d030c44fbadb09271c96e4fbb40bfa306572dcca3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:55 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8

Redirect headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:55 GMT
access-control-allow-origin
https://resistthemainstream.org
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=662301098949814599&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&vph=231&vpw=410&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=2645615263&cklb=1
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
ac
www9.smartadserver.com/
Redirect Chain
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=948871&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=662301098949814598&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fsi...
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=948871&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=662301098949814598&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fsi...
129 B
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www9.smartadserver.com/ac?siteid=215340&pgid=948871&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=662301098949814598&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&vph=231&vpw=410&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=2645615265&cklb=1
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
HTTP/1.1
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:55 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8

Redirect headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:55 GMT
access-control-allow-origin
https://resistthemainstream.org
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://www9.smartadserver.com/ac?siteid=215340&pgid=948871&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=662301098949814598&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&vph=231&vpw=410&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=2645615265&cklb=1
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
vast2
tag.targeting.unrulymedia.com/rmp/243572/0/ 		168 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/243572/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&w=410&h=231&cbb=2645615265
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:56 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://resistthemainstream.org
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
vast2
tag.targeting.unrulymedia.com/rmp/216513/0/ 		168 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/216513/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&w=410&h=231&cbb=2645615265
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:56 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://resistthemainstream.org
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
vast2
tag.targeting.unrulymedia.com/rmp/234705/0/ 		168 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/234705/0/vast2?adtype=video&compMode=and&dim=101&vastfw=vpaid&z=1r&url=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&w=410&h=231&cbb=2645615265
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:56 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://resistthemainstream.org
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=resistthemainstream.org&rs=resistthemainstream.org&sid=6968&t=1642645615&cip=193.27.14.44&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1642645615828-962636890624-008323-012-006776&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.98&cb=66230109894&cd4=c0d4a270-5b07-4e73-891a-7f0221f3472a&cd5=default&cd1=4.122.1&d9=1000&d37=realtime&AV_WIDTH=410&AV_HEIGHT=231&nid=56ea678d181f46c76f8b45fb&ncid=6187a5a49268ad27da7716d8&e=request&cb=1642645615266&asid=603bb6ac619b766728187834%2C61129c5f0e70e663bd7c5b71%2C6187a5a23223786bb66bb49e%2C60254e56dcfb6a082e596646%2C5fa2711a54dbb238c9289f7d%2C6187a5a2beecd3492774a80b%2C60254eaaea2c62223814f756%2C6187a5a2f2ea41121e3cbd26%2C5b30e37c073ef468ec3ca049%2C61b754ed61c198758737a774%2C5fbe5add3443ef680f0480d7%2C5fbe5d4370a94c4b696b7ccc%2C5e1b272e28a06142643c20cd%2C60c60c3b1731ed2b383f0908&ofpr=6%2C%2C%2C%2C2%2C%2C1%2C%2C%2C%2C%2C2.8%2C3%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.106.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-106-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:56 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
adagio.js
script.4dex.io/ Frame BEC9 		71 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb04b94656de1350a1fe252e640d692b44f9501188d48c01884d6962bea38913

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1168098
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx20a5dbc0aa7f45cc854a1-0061adeed0
x-amz-id-2
tx20a5dbc0aa7f45cc854a1-0061adeed0
last-modified
Mon, 06 Dec 2021 11:00:35 GMT
server
cloudflare
etag
W/"d56fadf5a52703aee9982c415a17065a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TsSV47SA9Bv0xtJBIfbOlFBlVFlg1MtIZiFMJirKhUWOiLCUeuzN2bqVmZ2zIh2QLObR6nERBHl3dXsQcyCkkHdBC4yBHmXsKMVvP5MS4xbDDyn6jGjQITQ4vWuK3mQk2XpkcbtKH9aXkrb%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1638788435319991
cf-ray
6d04dc5c4e8be8fb-MXP
access-control-allow-headers
Authorization
pbm_307825_11593.js
p.jsapicdn.com/prebidlink/19012/ Frame AEFA 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.jsapicdn.com/prebidlink/19012/pbm_307825_11593.js
Requested by
Host: p.jsapicdn.com
URL: https://p.jsapicdn.com/prebidlink/19012/j.html?i=11593
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
540a373b1a1d3de2ff779336e396a4219093140ccb4b65713ea6a75f4d8e28e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p.jsapicdn.com/prebidlink/19012/j.html?i=11593
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:56 GMT
content-encoding
gzip
last-modified
Thu, 13 Jan 2022 16:39:55 GMT
server
nginx
etag
W/"61e055db-8d83"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Thu, 20 Jan 2022 03:26:56 GMT
v1
prg.smartadserver.com/prebid/ 		171 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:55 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
mvo
tag.1rx.io/rmp/216551/0/ 		0
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/216551/0/mvo?z=1r&hbv=5.20,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://resistthemainstream.org
pragma
no-cache
date
Thu, 20 Jan 2022 02:26:56 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
translator
hbopenbid.pubmatic.com/ 		0
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://resistthemainstream.org
date
Thu, 20 Jan 2022 02:26:55 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
mvo
tag.1rx.io/rmp/203144/0/ 		0
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/203144/0/mvo?z=1r&hbv=5.20,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://resistthemainstream.org
pragma
no-cache
date
Thu, 20 Jan 2022 02:26:56 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.19.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-19-36.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ebdc3c634ca996a1fff58a0ad684006c2b83a17edf2f38fe62ba2519891f6dcf

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:56 GMT
content-encoding
gzip
x-prebid
pbs-java/1.80.0
content-type
application/json
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
tracking
ghb.adtelligent.com/adunit/ Frame AEFA 		43 B
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?pubbid=0&event=11&full_page_url=https%3A%2F%2Fresistthemainstream.org&adid=1bee3d63e3ea92&vpbv=M055&client_id=307825&site_id=11593&lifecycle_tte=232
Requested by
Host: p.jsapicdn.com
URL: https://p.jsapicdn.com/prebidlink/19012/pbm_307825_11593.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.173.226 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p.jsapicdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://p.jsapicdn.com
Date
Thu, 20 Jan 2022 02:26:55 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
/
ghb.adtelligent.com/geo/ Frame AEFA 		132 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: p.jsapicdn.com
URL: https://p.jsapicdn.com/prebidlink/19012/pbm_307825_11593.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.173.226 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
d8de4a3f83966d7375cb59846a5fe87b38ca6e5cd2253d6a6550c3a38e28cc71

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p.jsapicdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://p.jsapicdn.com
Date
Thu, 20 Jan 2022 02:26:55 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
132
Content-Type
application/json
usync.js
eus.rubiconproject.com/ Frame 4C30 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
88fc98437230e70daa16917c0885ee963bbb1657e1bc4770ecbca21124fdd061

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 20 Jan 2022 02:26:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12708
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Thu, 20 Jan 2022 05:58:44 GMT
getuid
secure.adnxs.com/ Frame 4699 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1642645615828-962636890624-008323-012-006776%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
YejIbXCf5E-PfdeVa0toygAABLoAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 4699 		43 B
875 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YejIbXCf5E-PfdeVa0toygAABLoAAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1642645615828-962636890624-008323-012-006776%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:7fb0:fdcc:4343:870d Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:56 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
rum
dsum-sec.casalemedia.com/ Frame 4699
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YejIcAAG4gpZxwAF
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YejIcAAG4gpZxwAF&gdpr=1&_test=YejIcAAG4gpZxwAF
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YejIcAAG4gpZxwAF&gdpr=1&_test=YejIcAAG4gpZxwAF
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1642645615828-962636890624-008323-012-006776%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 Jan 2022 02:26:56 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 20 Jan 2022 02:26:56 GMT

Redirect headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:56 GMT
via
1.1 varnish
server
Varnish
x-timer
S1642645616.471834,VS0,VE0
x-served-by
cache-mxp6921-MXP
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YejIcAAG4gpZxwAF&gdpr=1&_test=YejIcAAG4gpZxwAF
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 4699
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AEGZdE7D0ZEAAEBc9Q76GQ&expiration=1643855216&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AEGZdE7D0ZEAAEBc9Q76GQ&expiration=1643855216&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1642645615828-962636890624-008323-012-006776%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 Jan 2022 02:26:56 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 20 Jan 2022 02:26:56 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AEGZdE7D0ZEAAEBc9Q76GQ&expiration=1643855216&gdpr=1
Date
Thu, 20 Jan 2022 02:26:56 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
sync
x.bidswitch.net/ Frame 4699 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1642645615828-962636890624-008323-012-006776%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.122.86 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-122-86.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 20 Jan 2022 02:26:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
match
c1.adform.net/serving/cookie/ Frame 4699 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1642645615828-962636890624-008323-012-006776%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:56 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
rum
dsum.casalemedia.com/ Frame 4699
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1642732016&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1642732016&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1642645615828-962636890624-008323-012-006776%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 Jan 2022 02:26:56 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Thu, 20 Jan 2022 02:26:56 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1642732016&gdpr=1
pragma
no-cache
date
Thu, 20 Jan 2022 02:26:56 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
cookiesyncendpoint
sync.aniview.com/ Frame 4699 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1642645615828-962636890624-008323-012-006776&biddername=42&key=YejIbXCf5E.PfdeVa0toygAA%261210
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1642645615828-962636890624-008323-012-006776%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.158.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-158-235.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:56 GMT
content-length
0
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		168 KB
168 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
fc19d2f154f953b4c51b865cec0bb6aebd2e149ea59b98354c19f2cfe8759ad2

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=327684-499327

Response headers

Date
Thu, 20 Jan 2022 02:26:56 GMT
Cache-Tag
299890703640246977373298896385374012786,233322687990412021556170905870126409175,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 327684-499327/1551376
Connection
keep-alive
Content-Length
171644
X-Served-By
cache-wdc5574-WDC
Last-Modified
Wed, 26 May 2021 04:26:17 GMT
Server
cloudinary
X-Timer
S1638944698.632065,VS0,VE0
ETag
"66e1730abb08340cae5f745a9b2d0b31"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=27856656
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
PugMaster
image6.pubmatic.com/AdServer/ Frame 60FB 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=73434843&p=158554&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1642645615828-962636890624-008323-012-006776%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:55 GMT
content-length
0
cs&eq_cc=1
um2.eqads.com/um/ Frame 9857
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1642645615828-962636890624-008323-012-006776%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.249.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-249-39.compute-1.amazonaws.com
Software
/
Resource Hash
008d2e13ce3be9a2d2953b7166a28ca0126cd5f004622904515b3c0fb04afacd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/

Response headers

date
Thu, 20 Jan 2022 02:26:56 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Thu, 20 Jan 2022 02:26:56 GMT
pragma
no-cache

Redirect headers

date
Thu, 20 Jan 2022 02:26:56 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 4C30 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17136&khaos=KYMCSD3K-1H-4E2W
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
f69a50991384d09413b97a37bb74928b
Content-Type
image/gif
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		142 KB
142 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
320f9c10b94c5fd531ca60c0fae62fbb1fa70712e1a9caf5d8f37a3a79d3e7ca

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=499328-644463

Response headers

Date
Thu, 20 Jan 2022 02:26:56 GMT
Cache-Tag
299890703640246977373298896385374012786,233322687990412021556170905870126409175,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 499328-644463/1551376
Connection
keep-alive
Content-Length
145136
X-Served-By
cache-wdc5574-WDC
Last-Modified
Wed, 26 May 2021 04:26:17 GMT
Server
cloudinary
X-Timer
S1638944698.632065,VS0,VE0
ETag
"66e1730abb08340cae5f745a9b2d0b31"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=27856656
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
709414.gif
id.rlcdn.com/ Frame 4C30 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
v1
ads.yahoo.com/cms/ Frame 4C30
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYMCSD3K-1H-4E2W&sigv=1&esig=2~bfaa350fe6647d59f2e81cbc1fcb1c1e92580966
0
615 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYMCSD3K-1H-4E2W&sigv=1&esig=2~bfaa350fe6647d59f2e81cbc1fcb1c1e92580966
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
H2
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:56 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KYMCSD3K-1H-4E2W&sigv=1&esig=2~bfaa350fe6647d59f2e81cbc1fcb1c1e92580966
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 4C30
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YejIcAAAdaYUWgAZ
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YejIcAAAdaYUWgAZ&_test=YejIcAAAdaYUWgAZ
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YejIcAAAdaYUWgAZ&_test=YejIcAAAdaYUWgAZ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:56 GMT
via
1.1 varnish
server
Varnish
x-timer
S1642645617.531870,VS0,VE0
x-served-by
cache-mxp6921-MXP
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YejIcAAAdaYUWgAZ&_test=YejIcAAAdaYUWgAZ
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame 4C30
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=fe6b61e8-c86f-4300-bd13-50ca5c522079
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=fe6b61e8-c86f-4300-bd13-50ca5c522079
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif

Redirect headers

Date
Thu, 20 Jan 2022 02:26:56 GMT
Server
MT3 4133 baa842e master zrh-pixel-x28 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=fe6b61e8-c86f-4300-bd13-50ca5c522079
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 20 Jan 2022 02:26:55 GMT
pixel
cm.g.doubleclick.net/ Frame 4C30
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lNQ1NEM0stMUgtNEUyVw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lNQ1NEM0stMUgtNEUyVw==
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lNQ1NEM0stMUgtNEUyVw==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 4C30 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:56 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 4C30
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Me4RQT8tN7kEo_yshW71Rsn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2249986117922085011
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2249986117922085011
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif

Redirect headers

date
Thu, 20 Jan 2022 02:26:56 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2249986117922085011
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
tap.php
pixel.rubiconproject.com/ Frame 4C30
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDQqhsGXgZU6rkpBkaaP3sc&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDQqhsGXgZU6rkpBkaaP3sc&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDQqhsGXgZU6rkpBkaaP3sc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=resistthemainstream.org&rs=resistthemainstream.org&sid=6968&t=1642645615&cip=193.27.14.44&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1642645615828-962636890624-008323-012-006776&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.98&cb=66230109894&cd4=c0d4a270-5b07-4e73-891a-7f0221f3472a&cd5=default&cd1=4.122.1&d9=1000&d37=realtime&AV_WIDTH=410&AV_HEIGHT=231&nid=56ea678d181f46c76f8b45fb&ncid=6187a5a49268ad27da7716d8&e=bid&cb=1642645615572&asid=6187a5a23223786bb66bb49e%2C6187a5a2beecd3492774a80b%2C6187a5a2f2ea41121e3cbd26&ofpr=%2C%2C&fpo=%2C%2C
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.106.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-106-25.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:56 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		125 KB
126 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
db720757cace02ecc1e88d824648d67676e1e25ce8a7cb00a65c7c5ba89e4661

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=644464-772679

Response headers

Date
Thu, 20 Jan 2022 02:26:56 GMT
Cache-Tag
299890703640246977373298896385374012786,233322687990412021556170905870126409175,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 644464-772679/1551376
Connection
keep-alive
Content-Length
128216
X-Served-By
cache-wdc5574-WDC
Last-Modified
Wed, 26 May 2021 04:26:17 GMT
Server
cloudinary
X-Timer
S1638944698.632065,VS0,VE0
ETag
"66e1730abb08340cae5f745a9b2d0b31"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=27856656
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame DF19 		377 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e58bc10b3948106bc0f0d27a5d4951bc2c96aeab02674bbdb7a1c7a8637842d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127290
x-xss-protection
0
expires
Thu, 20 Jan 2022 02:26:56 GMT
iframe.html
player.adtelligent.com/prebid/ Frame 54DD 		243 B
422 B 		Document
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebid/iframe.html?adid=35c5f429168ddf3&ref=null
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/456290/hbw_master_449880_12335.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
c50be73ac605b62267126025fcebee57825d40a33ab06228762f233c84d231b9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

date
Thu, 20 Jan 2022 02:26:56 GMT
content-type
text/html; charset=utf-8
server
nginx
last-modified
Wed, 29 Apr 2020 14:32:47 GMT
etag
W/"5ea9900f-f3"
cache-control
max-age=3600
content-encoding
gzip
expires
Thu, 20 Jan 2022 03:26:56 GMT
access-control-allow-origin
*
x-proxy-cache
HIT
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		147 KB
148 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
3093b0c5dc79ef06886e2ddd238e466e2b43d35e5aeca027ae47f6c4fe003451

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=772680-923455

Response headers

Date
Thu, 20 Jan 2022 02:26:56 GMT
Cache-Tag
299890703640246977373298896385374012786,233322687990412021556170905870126409175,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 772680-923455/1551376
Connection
keep-alive
Content-Length
150776
X-Served-By
cache-wdc5574-WDC
Last-Modified
Wed, 26 May 2021 04:26:17 GMT
Server
cloudinary
X-Timer
S1638944698.632065,VS0,VE0
ETag
"66e1730abb08340cae5f745a9b2d0b31"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=27856656
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
uctag-rf.js
player.adtelligent.com/prebidlink/ Frame 54DD 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/uctag-rf.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebid/iframe.html?adid=35c5f429168ddf3&ref=null
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
026fbafe97b76ac68a95c9343184354a56815ca8ed2321f9dc3e3eb79ae12503

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.adtelligent.com/prebid/iframe.html?adid=35c5f429168ddf3&ref=null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:56 GMT
content-encoding
gzip
last-modified
Tue, 14 Jul 2020 11:07:33 GMT
server
nginx
etag
W/"5f0d91f5-993"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Thu, 20 Jan 2022 03:26:56 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
js
tags.mathtag.com/notify/ Frame 8C08 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.mathtag.com/notify/js?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvTldabE1tVTJOakF0WWpOaVlTMDBaV0l4TFRBd01EQXRNREF3TURBd01EQXdNREF3LzczOTgxNjIzMjM0NTQzMzYyMjkvOTY5MDAzMS85OTU1OTkzLzkvWmRkM1h2Nkpnc0QyYXhNbGpOWUx5TXF3T01raGdVZzdPVWREODZhRUxXdy8xLzkvMC8wLzE3MzQ5NDUvMC8yMTU1NDMvMTA0MDg3OS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzczOTgxNjIzMjM0NTQzMzYyMjkvYW1zLzAvOTQzMi80NC85OTkvMi8yMDAxOmFjODoyMDozMDA6Oi8wLjAwMC8xNjQyNjQ1NjE1LzE2NDI2NDkyMTUvOS8xNzE4NC8/6O2-x__T8f-c4CNXWSYV2PkMW1U&nodeid=356&group=cdg&auctionid=7398162323454336229&shardkey=7398162323454336229&sid=9955993&cid=9690031&bp=a_bjbbgg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.37&3pck=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F20926696-23ed-4224-ae20-efd6fd25a9e6%2F
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.300.0 /
Resource Hash
8576b299c32cbf0ffe89072edb7a707abc5f698d9286bc52ca56ef6589e3897b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 20 Jan 2022 02:26:56 GMT
Content-Encoding
gzip
x-mm-bid-request-time
1642645615
Last-Modified
Thu, 20 Jan 2022 02:26:55 GMT
Server
MMBD/3.300.0
x-mm-latency
2 (1)
Content-Type
application/x-javascript; charset=UTF-8
x-mm-dbg
Count
Cache-Control
no-cache
x-mm-host
cdg-router-x91, cdg-bidder-x53
Connection
close
Expires
Thu, 20 Jan 2022 02:26:55 GMT
20926696-23ed-4224-ae20-efd6fd25a9e6
beacon-ams3.rubiconproject.com/beacon/d/ Frame 8C08 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/20926696-23ed-4224-ae20-efd6fd25a9e6?oo=0&accountId=17184&siteId=163630&zoneId=2126352&sizeId=15&e=6A1E40E384DA563B7391C943D057BE2327B4281570EF86ECEEBD6E207AB10B36FECF875BE193B5D5E75D9DAB32242B6D6256DD5F637309484DA3E4C613FDEB26C6C282102B04407A9AADAB5684D60938B6D123DDCF201A9C4C36F6BE2ADFCEEC0C35459599C5EC0679130CD7934EDB920CDE5CDBF9DD0BC12ED94D36A1131F6217484A0970FD32C236E6901715DE6C6CD592AB88F92D9528E21D12CEEBCA71A4F5CDC793FAE7905B21636551010CF921628652B978A24FE7
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::27 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 Jan 2022 02:26:56 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
img
tags.mathtag.com/notify/ Frame 8C08 		49 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/notify/img?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvTldabE1tVTJOakF0WWpOaVlTMDBaV0l4TFRBd01EQXRNREF3TURBd01EQXdNREF3LzczOTgxNjIzMjM0NTQzMzYyMjkvOTY5MDAzMS85OTU1OTkzLzkvWmRkM1h2Nkpnc0QyYXhNbGpOWUx5QVFsUDdzNEg5NnAzXzBqcVAzejFiSS8xLzkvMC8wLzE3MzQ5NDUvMC8yMTU1NDMvMTA0MDg3OS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzczOTgxNjIzMjM0NTQzMzYyMjkvYW1zLzAvOTQzMi80NC85OTkvMi8yMDAxOmFjODoyMDozMDA6Oi8wLjAwMC8xNjQyNjQ1NjE1LzE2NDI2NDkyMTUvOS8xNzE4NC8/G_Fg1ffYkTpNrSUcOb1F0SumKvg&nodeid=356&group=cdg&auctionid=7398162323454336229&shardkey=7398162323454336229&sid=9955993&cid=9690031&price=6ED78E7AC106BBA4&bp=a_bjbbgg&nfy_act=LD5wfn0&type=burl&client=c2s&src=imp&bfip=185.29.132.37
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.300.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 20 Jan 2022 02:26:56 GMT
x-mm-bid-request-time
1642645615
Last-Modified
Thu, 20 Jan 2022 02:26:55 GMT
Server
MMBD/3.300.0
x-mm-latency
3 (1)
Content-Type
image/gif
x-mm-dbg
Count
Cache-Control
no-cache
x-mm-host
cdg-router-x43, cdg-bidder-x53
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Thu, 20 Jan 2022 02:26:55 GMT
bridge3.495.1_en.html
imasdk.googleapis.com/js/core/ Frame 3F46 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199798
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 15 Jan 2022 07:58:09 GMT
expires
Sun, 15 Jan 2023 07:58:09 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 10 Jan 2022 19:32:44 GMT
content-type
text/html
age
412127
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame DF19 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 20 Jan 2022 02:26:56 GMT
bridge3.495.1_en.html
imasdk.googleapis.com/js/core/ Frame A5E4 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199798
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 15 Jan 2022 07:58:09 GMT
expires
Sun, 15 Jan 2023 07:58:09 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 10 Jan 2022 19:32:44 GMT
content-type
text/html
age
412127
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.495.1_en.html
imasdk.googleapis.com/js/core/ Frame A3F2 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199798
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 15 Jan 2022 07:58:09 GMT
expires
Sun, 15 Jan 2023 07:58:09 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 10 Jan 2022 19:32:44 GMT
content-type
text/html
age
412127
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.com/adsid/ Frame DF19 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=resistthemainstream.org
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 Jan 2022 02:26:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 41E7 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1599
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 20 Jan 2022 03:00:17 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9FA3 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1599
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 20 Jan 2022 03:00:17 GMT
r0rzfbhsf7cr
hal9000.redintelligence.net/zone/ Frame 8C08 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/r0rzfbhsf7cr?subid=&gdpr=0&gdpr_consent=&rnd=7398162323454336229&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:ruc&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dd362b876bb0e2e49f7e50688d1500784125ba58b_15%26mt_aid%3D7398162323454336229%26mt_id%3D9690031%26mt_adid%3D215543%26mt_sid%3D9955993%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dfe6b61e8-c86f-4300-bd13-50ca5c522079%26mt_cid%3Dfe6b61e8-c86f-4300-bd13-50ca5c522079%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F20926696-23ed-4224-ae20-efd6fd25a9e6%2F%26redirect%3D
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.38.64.201.138.clients.your-server.de
Software
Apache /
Resource Hash
244c1313586187b3bf79ba0e641d7ed1611689e310784cf712d28e703620c040

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 20 Jan 2022 02:26:56 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
2957
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
img
pixel.mathtag.com/event/ Frame 8C08 		43 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=9&v2=7398162323454336229&v3=1040879&v4=9955993&v5=9690031&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvTldabE1tVTJOakF0WWpOaVlTMDBaV0l4TFRBd01EQXRNREF3TURBd01EQXdNREF3LzczOTgxNjIzMjM0NTQzMzYyMjkvOTY5MDAzMS85OTU1OTkzLzkvWmRkM1h2Nkpnc0QyYXhNbGpOWUx5TXF3T01raGdVZzdPVWREODZhRUxXdy8xLzkvMC8wLzE3MzQ5NDUvMC8yMTU1NDMvMTA0MDg3OS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzczOTgxNjIzMjM0NTQzMzYyMjkvYW1zLzAvOTQzMi80NC85OTkvMi8yMDAxOmFjODoyMDozMDA6Oi8wLjAwMC8xNjQyNjQ1NjE1LzE2NDI2NDkyMTUvOS8xNzE4NC8/6O2-x__T8f-c4CNXWSYV2PkMW1U&nodeid=356&group=cdg&auctionid=7398162323454336229&shardkey=7398162323454336229&sid=9955993&cid=9690031&bp=a_bjbbgg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.37&3pck=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F20926696-23ed-4224-ae20-efd6fd25a9e6%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 4133 baa842e master zrh-pixel-x8 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 20 Jan 2022 02:26:56 GMT
Server
MT3 4133 baa842e master zrh-pixel-x8 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 20 Jan 2022 02:26:55 GMT
img
tags.mathtag.com/event/ Frame 8C08 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=ruc&bid=7398162323454336229&st=9955993&time=1642645616&nodeid=356
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvTldabE1tVTJOakF0WWpOaVlTMDBaV0l4TFRBd01EQXRNREF3TURBd01EQXdNREF3LzczOTgxNjIzMjM0NTQzMzYyMjkvOTY5MDAzMS85OTU1OTkzLzkvWmRkM1h2Nkpnc0QyYXhNbGpOWUx5TXF3T01raGdVZzdPVWREODZhRUxXdy8xLzkvMC8wLzE3MzQ5NDUvMC8yMTU1NDMvMTA0MDg3OS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzczOTgxNjIzMjM0NTQzMzYyMjkvYW1zLzAvOTQzMi80NC85OTkvMi8yMDAxOmFjODoyMDozMDA6Oi8wLjAwMC8xNjQyNjQ1NjE1LzE2NDI2NDkyMTUvOS8xNzE4NC8/6O2-x__T8f-c4CNXWSYV2PkMW1U&nodeid=356&group=cdg&auctionid=7398162323454336229&shardkey=7398162323454336229&sid=9955993&cid=9690031&bp=a_bjbbgg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.37&3pck=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F20926696-23ed-4224-ae20-efd6fd25a9e6%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.300.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 20 Jan 2022 02:26:56 GMT
Server
MMBD/3.300.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x107, cdg-bidder-x53
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Thu, 20 Jan 2022 02:26:55 GMT
js
sync.mathtag.com/sync/ Frame 8C08 		1 KB
1021 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.mathtag.com/sync/js?sync=auto&source=bidder&mt_lim=2&type=1,2
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=ruc&s_exch=ruc&id=5aW95q2jLzIzLyAvTldabE1tVTJOakF0WWpOaVlTMDBaV0l4TFRBd01EQXRNREF3TURBd01EQXdNREF3LzczOTgxNjIzMjM0NTQzMzYyMjkvOTY5MDAzMS85OTU1OTkzLzkvWmRkM1h2Nkpnc0QyYXhNbGpOWUx5TXF3T01raGdVZzdPVWREODZhRUxXdy8xLzkvMC8wLzE3MzQ5NDUvMC8yMTU1NDMvMTA0MDg3OS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzczOTgxNjIzMjM0NTQzMzYyMjkvYW1zLzAvOTQzMi80NC85OTkvMi8yMDAxOmFjODoyMDozMDA6Oi8wLjAwMC8xNjQyNjQ1NjE1LzE2NDI2NDkyMTUvOS8xNzE4NC8/6O2-x__T8f-c4CNXWSYV2PkMW1U&nodeid=356&group=cdg&auctionid=7398162323454336229&shardkey=7398162323454336229&sid=9955993&cid=9690031&bp=a_bjbbgg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.37&3pck=https%3A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F20926696-23ed-4224-ae20-efd6fd25a9e6%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 4133 baa842e master zrh-pixel-x24 config:1.0.0 /
Resource Hash
97f8174c2c77b089450322a3dafb54238ade833c9224543cf5df13d46f34c1c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 20 Jan 2022 02:26:56 GMT
Content-Encoding
gzip
Server
MT3 4133 baa842e master zrh-pixel-x24 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Content-Type
text/javascript
Expires
Thu, 20 Jan 2022 02:26:55 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 132F 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1599
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 20 Jan 2022 03:00:17 GMT
crum
dsum-sec.casalemedia.com/ Frame 9857 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=668a92fa-9071-4a75-ae5a-29520ef718c5&expiration=1650421616
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 Jan 2022 02:26:56 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 20 Jan 2022 02:26:56 GMT
request.php
hal90006.redintelligence.net/ Frame 8C08
Redirect Chain
  • https://hal90006.redintelligence.net/request.php?zone=r0rzfbhsf7cr&nw=20&renderingType=javascript&namespace=d00bd1283f&subid=&uid=0003c6f49dbab5c7&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90006.redintelligence.net/request.php?zone=r0rzfbhsf7cr&nw=20&renderingType=javascript&namespace=d00bd1283f&subid=&uid=0003c6f49dbab5c7&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
612 B
935 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90006.redintelligence.net/request.php?zone=r0rzfbhsf7cr&nw=20&renderingType=javascript&namespace=d00bd1283f&subid=&uid=0003c6f49dbab5c7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dd362b876bb0e2e49f7e50688d1500784125ba58b_15%26mt_aid%3D7398162323454336229%26mt_id%3D9690031%26mt_adid%3D215543%26mt_sid%3D9955993%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dfe6b61e8-c86f-4300-bd13-50ca5c522079%26mt_cid%3Dfe6b61e8-c86f-4300-bd13-50ca5c522079%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F20926696-23ed-4224-ae20-efd6fd25a9e6%2F%26redirect%3D&documentReferer=https%3A%2F%2Fplayer.adtelligent.com%2Fprebid%2Fiframe.html%3Fadid%3D35c5f429168ddf3%26ref%3Dnull&ancestorOrigins=https%3A%2F%2Fplayer.adtelligent.com%2Chttps%3A%2F%2Fresistthemainstream.org%2Chttps%3A%2F%2Fresistthemainstream.org&random=2132567816563&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebid/iframe.html?adid=35c5f429168ddf3&ref=null
Protocol
HTTP/1.1
Server
138.201.63.164 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
d1063e779db3611eff609a79f1a73387cb4ca332345153742de0063f9e5704d4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 Jan 2022 02:26:56 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
30041900017262903891610011845006
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
329
Expires
Thu, 20 Jan 2022 02:26:56 +0100

Redirect headers

Pragma
no-cache
Date
Thu, 20 Jan 2022 02:26:56 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=r0rzfbhsf7cr&nw=20&renderingType=javascript&namespace=d00bd1283f&subid=&uid=0003c6f49dbab5c7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dd362b876bb0e2e49f7e50688d1500784125ba58b_15%26mt_aid%3D7398162323454336229%26mt_id%3D9690031%26mt_adid%3D215543%26mt_sid%3D9955993%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dfe6b61e8-c86f-4300-bd13-50ca5c522079%26mt_cid%3Dfe6b61e8-c86f-4300-bd13-50ca5c522079%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F20926696-23ed-4224-ae20-efd6fd25a9e6%2F%26redirect%3D&documentReferer=https%3A%2F%2Fplayer.adtelligent.com%2Fprebid%2Fiframe.html%3Fadid%3D35c5f429168ddf3%26ref%3Dnull&ancestorOrigins=https%3A%2F%2Fplayer.adtelligent.com%2Chttps%3A%2F%2Fresistthemainstream.org%2Chttps%3A%2F%2Fresistthemainstream.org&random=2132567816563&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Thu, 20 Jan 2022 02:26:56 +0100
container-1.0.html
resources.infolinks.com/static/ Frame 6602 		430 B
486 B 		Document
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/static/container-1.0.html
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1776.020-3.025.ab.1782.007-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42307b6e2231b2de1535854ab77c8fd201f88822e3f87ca3c4e8d3624ce65678

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

date
Thu, 20 Jan 2022 02:26:56 GMT
content-type
text/html; charset=UTF-8
last-modified
Wed, 17 Nov 2021 13:25:02 GMT
cache-control
max-age=2592000
expires
Sat, 19 Feb 2022 01:06:25 GMT
via
1.1 google
cf-cache-status
HIT
age
4830
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6d04dc619a3c0863-CDG
content-encoding
gzip
371.json
id5-sync.com/g/v2/ 		213 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/371.json
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.7.202 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p37.id5-sync.com
Software
/
Resource Hash
7ae2ca39a3d35ca24208cc4001571fe00a7dd1749b6a57b4dc8a611f09497aeb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://resistthemainstream.org
Date
Thu, 20 Jan 2022 02:26:56 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
usync.html
eus.rubiconproject.com/ Frame 4BE8 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 20 Jan 2022 02:26:56 GMT
Connection
keep-alive
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3C74 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=20732
expires
Thu, 20 Jan 2022 08:12:28 GMT
date
Thu, 20 Jan 2022 02:26:56 GMT
vary
Accept-Encoding
request_content.php
hal90006.redintelligence.net/ Frame 7554 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90006.redintelligence.net/request_content.php?s=30041900017262903891610011845006&a=2a16e1e3
Requested by
Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request.php?zone=r0rzfbhsf7cr&nw=20&renderingType=javascript&namespace=d00bd1283f&subid=&uid=0003c6f49dbab5c7&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aruc&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3Dd362b876bb0e2e49f7e50688d1500784125ba58b_15%26mt_aid%3D7398162323454336229%26mt_id%3D9690031%26mt_adid%3D215543%26mt_sid%3D9955993%26mt_exid%3D9%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dfe6b61e8-c86f-4300-bd13-50ca5c522079%26mt_cid%3Dfe6b61e8-c86f-4300-bd13-50ca5c522079%26mt_3pck%3Dhttps%253A%2F%2Fbeacon-nf.rubiconproject.com%2Fbeacon%2Fv2%2Ft%2F0%2F20926696-23ed-4224-ae20-efd6fd25a9e6%2F%26redirect%3D&documentReferer=https%3A%2F%2Fplayer.adtelligent.com%2Fprebid%2Fiframe.html%3Fadid%3D35c5f429168ddf3%26ref%3Dnull&ancestorOrigins=https%3A%2F%2Fplayer.adtelligent.com%2Chttps%3A%2F%2Fresistthemainstream.org%2Chttps%3A%2F%2Fresistthemainstream.org&random=2132567816563&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.164 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
3d418a2013e597b70823e9319add6de80ee0c6839ca366d469c4450826c35d11

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://player.adtelligent.com/

Response headers

Date
Thu, 20 Jan 2022 02:26:56 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Thu, 20 Jan 2022 02:26:56 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2327
Connection
close
Content-Type
text/html; charset=utf-8
iframe
sync.mathtag.com/sync/ Frame FF75 		629 B
748 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.mathtag.com/sync/iframe?mt_uuid=fe6b61e8-c86f-4300-bd13-50ca5c522079&no_iframe=1&mt_lim=2&type=1,2&source=bidder
Requested by
Host: sync.mathtag.com
URL: https://sync.mathtag.com/sync/js?sync=auto&source=bidder&mt_lim=2&type=1,2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 4133 baa842e master zrh-pixel-x29 config:1.0.0 /
Resource Hash
048675b5bae1d7dada511b7b02c60f3fb7a02e891a3931ab3afe3ab36033ca6f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://player.adtelligent.com/

Response headers

Date
Thu, 20 Jan 2022 02:26:56 GMT
Content-Type
text/html
Connection
close
Access-Control-Allow-Origin
*
Server
MT3 4133 baa842e master zrh-pixel-x29 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires
Thu, 20 Jan 2022 02:26:55 GMT
Content-Encoding
gzip
usync.html
eus.rubiconproject.com/ Frame 1CC5 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebid/iframe.html?adid=35c5f429168ddf3&ref=null
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://player.adtelligent.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 20 Jan 2022 02:26:56 GMT
Connection
keep-alive
Vary
Accept-Encoding
ads
pubads.g.doubleclick.net/gampad/ Frame 3F46 		12 B
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2C22654574672%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_resistthemainstream.org_9&sz=400x300%7C640x400%7C640x480&description_url=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&cust_params=publisher_name%3Dresistthemainstream.org&env=vp&correlator=3557343661877406&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&max_ad_duration=35000&vid_t=How%20to%20Protect%20Your%20Phone%20in%20Cold%20Weather&vid_d=43&vid_kw=monochrome%20photography%2Cfinger%2Cjohns%20hopkins%20university%2Csmartphone%2Ckyrgyzstan%2Cportable%20communications%20device%2Cmonochrome%2Cdisplay%20device%2Cmobile%20device%2Cmobile%20phone&sdkv=h.3.495.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=870912817&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.495.1&sid=D1B202B6-B3A8-4A5A-A0E8-BE2B006BF28D&nel=0&eid=44750822&url=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&dt=1642645616257&cookie_enabled=1&scor=2739922697783947&ged=ve4_td1_tt0_pd1_la1000_er954.1175.1106.1475_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a6f6f8afe101cd406e2111b434bdb3acf869b97c9e5bbccf6dcc13afe63be50f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame A5E4 		12 B
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2C22654574672%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_resistthemainstream.org_5&sz=400x300%7C640x400%7C640x480&description_url=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&cust_params=publisher_name%3Dresistthemainstream.org&env=vp&correlator=3765557471812023&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&max_ad_duration=35000&vid_t=How%20to%20Protect%20Your%20Phone%20in%20Cold%20Weather&vid_d=43&vid_kw=monochrome%20photography%2Cfinger%2Cjohns%20hopkins%20university%2Csmartphone%2Ckyrgyzstan%2Cportable%20communications%20device%2Cmonochrome%2Cdisplay%20device%2Cmobile%20device%2Cmobile%20phone&sdkv=h.3.495.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3422057204&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.495.1&sid=D1B202B6-B3A8-4A5A-A0E8-BE2B006BF28D&nel=0&eid=44750822&url=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&dt=1642645616264&cookie_enabled=1&scor=2596912520045067&ged=ve4_td1_tt0_pd1_la1000_er954.1175.1106.1475_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a6f6f8afe101cd406e2111b434bdb3acf869b97c9e5bbccf6dcc13afe63be50f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame A3F2 		12 B
607 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2C22654574672%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_resistthemainstream.org_3&sz=400x300%7C640x400%7C640x480&description_url=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&cust_params=publisher_name%3Dresistthemainstream.org&env=vp&correlator=1777627781712835&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&max_ad_duration=35000&vid_t=How%20to%20Protect%20Your%20Phone%20in%20Cold%20Weather&vid_d=43&vid_kw=monochrome%20photography%2Cfinger%2Cjohns%20hopkins%20university%2Csmartphone%2Ckyrgyzstan%2Cportable%20communications%20device%2Cmonochrome%2Cdisplay%20device%2Cmobile%20device%2Cmobile%20phone&sdkv=h.3.495.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=2771103655&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.495.1&sid=D1B202B6-B3A8-4A5A-A0E8-BE2B006BF28D&nel=0&eid=44750822&url=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&dt=1642645616274&cookie_enabled=1&scor=3057057482644017&ged=ve4_td1_tt0_pd1_la1000_er954.1175.1106.1475_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a6f6f8afe101cd406e2111b434bdb3acf869b97c9e5bbccf6dcc13afe63be50f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
sync.mathtag.com/misc/ Frame 8C08 		43 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebid/iframe.html?adid=35c5f429168ddf3&ref=null
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 4133 baa842e master zrh-pixel-x10 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 20 Jan 2022 02:26:57 GMT
Server
MT3 4133 baa842e master zrh-pixel-x10 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
43
Expires
Thu, 20 Jan 2022 02:26:56 GMT
usync.js
eus.rubiconproject.com/ Frame 4BE8 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
88fc98437230e70daa16917c0885ee963bbb1657e1bc4770ecbca21124fdd061

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 20 Jan 2022 02:26:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12708
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Thu, 20 Jan 2022 05:58:44 GMT
usync.js
eus.rubiconproject.com/ Frame 1CC5 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
88fc98437230e70daa16917c0885ee963bbb1657e1bc4770ecbca21124fdd061

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 20 Jan 2022 02:26:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12707
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Thu, 20 Jan 2022 05:58:44 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 7554 		89 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
Requested by
Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=30041900017262903891610011845006&a=2a16e1e3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90006.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 15 Jan 2022 22:26:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
360037
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32245
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Jan 2023 22:26:20 GMT
/
track.adform.net/adfscript/ Frame 7554 		767 B
958 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=51990294;gdpr=0;gdpr_consent=;click=https%3A%2F%2Fhal90006.redintelligence.net%2Fc%2Fps3du5ty33gwi90%3Ftprde%3D
Requested by
Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=30041900017262903891610011845006&a=2a16e1e3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
04bcc736e6b826577ba79d4e99e3eebbbc42795999838236684079a00324772e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90006.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:57 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
565
expires
-1
check
pixel.tapad.com/idsync/ex/receive/ Frame 6602
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_device_id=b3326bec-e67e-4986-a830-5a019b2955ca=&partner_id=3337
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_device_id=b3326bec-e67e-4986-a830-5a019b2955ca=&partner_id=3337
95 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_device_id=b3326bec-e67e-4986-a830-5a019b2955ca=&partner_id=3337
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/container-1.0.html
Protocol
H2
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resources.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:57 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_device_id=b3326bec-e67e-4986-a830-5a019b2955ca=&partner_id=3337
date
Thu, 20 Jan 2022 02:26:57 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
img
sync.mathtag.com/misc/ Frame FF75 		43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by
Host: sync.mathtag.com
URL: https://sync.mathtag.com/sync/iframe?mt_uuid=fe6b61e8-c86f-4300-bd13-50ca5c522079&no_iframe=1&mt_lim=2&type=1,2&source=bidder
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 4133 baa842e master zrh-pixel-x1 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.mathtag.com/sync/iframe?mt_uuid=fe6b61e8-c86f-4300-bd13-50ca5c522079&no_iframe=1&mt_lim=2&type=1,2&source=bidder
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 20 Jan 2022 02:26:57 GMT
Server
MT3 4133 baa842e master zrh-pixel-x1 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
43
Expires
Thu, 20 Jan 2022 02:26:56 GMT
viewability
hal90006.redintelligence.net/ Frame 7554 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90006.redintelligence.net/viewability?s=30041900017262903891610011845006&a=299f86d9&vb=m
Requested by
Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=30041900017262903891610011845006&a=2a16e1e3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.164 Neulussheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90006.redintelligence.net/request_content.php?s=30041900017262903891610011845006&a=2a16e1e3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 20 Jan 2022 02:26:57 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 7554 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=51990294;gdpr=0;gdpr_consent=;click=https%3A%2F%2Fhal90006.redintelligence.net%2Fc%2Fps3du5ty33gwi90%3Ftprde%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0ae298f2509111b6eff0a258cb53fafcd63adbacfef38e453f46d7ff50edc24e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90006.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:57 GMT
content-encoding
gzip
last-modified
Tue, 18 Jan 2022 09:30:48 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Fri, 21 Jan 2022 05:24:21 GMT
/
track.adform.net/adfserve/ Frame 7554 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=51990294;gdpr=0;gdpr_consent=;click=https%3A%2F%2Fhal90006.redintelligence.net%2Fc%2Fps3du5ty33gwi90%3Ftprde%3D;js=1;adfxid=1x;10592;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fresistthemainstream.org
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
88cb3902590c7b3d2d2eec2b75645744481ca247eaae00f39ca611938e5d10d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90006.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:57 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2045
expires
-1
truncated
/ Frame 7554 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/gif
multitracking
ghb.adtelligent.com/adunit/ Frame BEC9 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/multitracking
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/456290/hbw_master_449880_12335.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.173.226 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://resistthemainstream.org
Date
Thu, 20 Jan 2022 02:26:56 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame 7554 		91 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
1b618bee5daf4e8a14ef5aefa5c7e80ea96451fcd48884e8a615e4250a9d4ba8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90006.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:57 GMT
content-encoding
gzip
last-modified
Tue, 18 Jan 2022 09:30:48 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Fri, 21 Jan 2022 05:24:25 GMT
/
track.adform.net/csimpr/ Frame 7554 		35 B
477 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=51990294&csi=LpQrVVuRUamuM8aWU8j19aC5XOj7Lqe-9kimuRGMDcnrygPkIxxfk8nR6Dh3wCEHEJ47nHbkVGbdGNyqKmqeO96vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal90006.redintelligence.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:57 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://hal90006.redintelligence.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
10673992.js
s1.adform.net/Banners/Elements/Files/160090/10673992/ Frame 5DC7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10673992/10673992.js?ADFassetID=10673992&bv=258
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee/?utm_source=telegram
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
96bcbe3684c1089d731e6e8b4e7a9af69f361e8299c381a1b22268e85131c0cd
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90006.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:57 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 16:26:29 GMT
server
nginx
etag
W/"61b8c5b5-c8a"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
screen.css
s1.adform.net/Banners/Elements/Files/160090/10673992/bvpath_258/ Frame 5DC7 		1 KB
885 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10673992/bvpath_258/screen.css
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4879c5ca67a36e3c2c633557a3a3886ab14b5b6490fa9936acf0fd0abe892778
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90006.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:57 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 16:26:29 GMT
server
nginx
etag
W/"61b8c5b5-567"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
text/css
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame 5DC7 		30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90006.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:57 GMT
content-encoding
gzip
last-modified
Fri, 14 May 2021 12:35:38 GMT
server
nginx
etag
W/"609e6e9a-76d9"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
introfill.png
s1.adform.net/Banners/Elements/Files/160090/10673992/bvpath_258/ Frame 5DC7 		117 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10673992/bvpath_258/introfill.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9e9b34f0817548b428e128d5a7551fbc499d01fee0a12d016c323f65b9d4e2fd
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90006.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:57 GMT
last-modified
Tue, 14 Dec 2021 16:26:29 GMT
server
nginx
etag
"61b8c5b5-75"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
117
stoerer.png
s1.adform.net/Banners/Elements/Files/160090/10673992/bvpath_258/ Frame 5DC7 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10673992/bvpath_258/stoerer.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e5595db09650405bd6fe4cd28e4433abbbd694d6faa84292c353930bdad1a4d2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90006.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:57 GMT
last-modified
Tue, 14 Dec 2021 16:26:29 GMT
server
nginx
etag
"61b8c5b5-2e15"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
11797
text1.png
s1.adform.net/Banners/Elements/Files/160090/10673992/bvpath_258/ Frame 5DC7 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10673992/bvpath_258/text1.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e6bcb09b72fe4af0a7025a07592c4d798c853a0bc53443bbfaeeb58dbaee58bf
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90006.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:57 GMT
last-modified
Tue, 14 Dec 2021 16:26:29 GMT
server
nginx
etag
"61b8c5b5-2b14"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
11028
banderole.png
s1.adform.net/Banners/Elements/Files/160090/10673992/bvpath_258/ Frame 5DC7 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10673992/bvpath_258/banderole.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
198ea6df487d503e09a019bc8e21eca1dd7487637b707551e99d51d4b8a6bd99
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90006.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:57 GMT
last-modified
Tue, 14 Dec 2021 16:26:29 GMT
server
nginx
etag
"61b8c5b5-2c57"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
11351
disclaimer.png
s1.adform.net/Banners/Elements/Files/160090/10673992/bvpath_258/ Frame 5DC7 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10673992/bvpath_258/disclaimer.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
339b062715f0fa93bd4509bbd3c7ee6ebb3ce63ef1140c0dbf3aa8935b7aaf7c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90006.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:57 GMT
last-modified
Tue, 14 Dec 2021 16:26:29 GMT
server
nginx
etag
"61b8c5b5-fe3"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
4067
date.png
s1.adform.net/Banners/Elements/Files/160090/10673992/bvpath_258/ Frame 5DC7 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10673992/bvpath_258/date.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
61aa02064765550124c2afd606873eda02d6b2406652f3649d35e933981c8f3d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90006.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:57 GMT
last-modified
Tue, 14 Dec 2021 16:26:29 GMT
server
nginx
etag
"61b8c5b5-927"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
2343
cta.png
s1.adform.net/Banners/Elements/Files/160090/10673992/bvpath_258/ Frame 5DC7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10673992/bvpath_258/cta.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c7ad088d10fbd3b025673a12b355062745683bd32b37a41bb68d0492b45a7b93
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90006.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:57 GMT
last-modified
Tue, 14 Dec 2021 16:26:29 GMT
server
nginx
etag
"61b8c5b5-7f3"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
2035
logostart.png
s1.adform.net/Banners/Elements/Files/160090/10673992/bvpath_258/ Frame 5DC7 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10673992/bvpath_258/logostart.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
411c5cad0d24027c726e52a3903531a2c8348c845e6552932c7698e997a81405
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90006.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:57 GMT
last-modified
Tue, 14 Dec 2021 16:26:29 GMT
server
nginx
etag
"61b8c5b5-1a64"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
6756
logo.png
s1.adform.net/Banners/Elements/Files/160090/10673992/bvpath_258/ Frame 5DC7 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10673992/bvpath_258/logo.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
77b3b2c53216ee57263fe847e0bd6f28ae2577a25c2ae00ab470dc164c769096
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90006.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:57 GMT
last-modified
Tue, 14 Dec 2021 16:26:29 GMT
server
nginx
etag
"61b8c5b5-108f"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
4239
model.jpg
s1.adform.net/Banners/Elements/Files/160090/10673992/bvpath_258/ Frame 5DC7 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10673992/bvpath_258/model.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
160377ef4ca39a7d682574981b39bd6be54ebe0a326bca4d19e23e6b59aac4d3
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90006.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:57 GMT
last-modified
Tue, 14 Dec 2021 16:26:29 GMT
server
nginx
etag
"61b8c5b5-72fd"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
29437
background.jpg
s1.adform.net/Banners/Elements/Files/160090/10673992/bvpath_258/ Frame 5DC7 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10673992/bvpath_258/background.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ee7cb715e2926a70863d23b71a288a4e6807b6ff7c3e2c51ac806081e2ff6919
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90006.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:57 GMT
last-modified
Tue, 14 Dec 2021 16:26:29 GMT
server
nginx
etag
"61b8c5b5-3047"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
12359
CSSPlugin.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/ Frame 5DC7 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/CSSPlugin.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90006.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5032644
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13669
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-9833"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GYSvHPOrapTQK4%2Fk7YLbv%2BEYZF9VMXJPJxbThpITGRh71uxA6DsUdONzzfBoLiLAUrFHLWKF8At%2FCgV2jWH1PEZ1lG24e33tPYR6q%2Fs5VBMQQqz7Y8Wv3lMK58siTN9e%2B%2BSb%2FcwhFNA0Ldwzt20vLZHL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6d04dc660a1e83a2-MXP
expires
Tue, 10 Jan 2023 02:26:57 GMT
EasePack.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/ Frame 5DC7 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/EasePack.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90006.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1236555
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1730
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-146f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IwnJfSSXuL4k7oWfBN569N9Jf4I79mIIs2Bm55oSo2ugOkpqsGaLRphi3Xu1LYx5YshHkY6DhXBxxSA0CO4H3KqQYb6Kj3KCgn4SfOnGg8DU17ZB9a75Qgx6nEbHRh2tvPW%2BW5GmuqsGbDhFkK7Y9WKd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6d04dc660a2083a2-MXP
expires
Tue, 10 Jan 2023 02:26:57 GMT
TweenLite.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/ Frame 5DC7 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TweenLite.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90006.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
194293
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8578
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-697f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFZx187ryvNeiQzgR%2FsAnwqzQ4%2BLct1sF1egF8WwdO9SfTgFozCl9NvjRePvIRwQZIxP9tuXAyN79ToSsbNOnJxAOoe1X0Dtbj%2FWHlf8O4SrTYrY7bHGmydBa54LczcnGYt7sI16jeEbr%2Bag5qYazxP3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6d04dc660a2283a2-MXP
expires
Tue, 10 Jan 2023 02:26:57 GMT
script.js
s1.adform.net/Banners/Elements/Files/160090/10673992/bvpath_258/ Frame 5DC7 		7 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10673992/bvpath_258/script.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
88810ce65ee55d7a60e833aa3fce057ba28d3a609f3504d6f66f0f77290d9334
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90006.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:57 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 16:26:29 GMT
server
nginx
etag
W/"61b8c5b5-1c0e"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame BEC9 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19012/hb_449880_12335.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:57 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 21 Jan 2022 02:26:57 GMT
syncframe
gum.criteo.com/ Frame 8A93 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=resistthemainstream.org
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
7225c811b9035a4ce65639eb7ab5e7850833a340a866cc8e4bc5c2ce4abe8756
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
1801
date
Thu, 20 Jan 2022 02:26:57 GMT
content-length
5180
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/ Frame BEC9 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:58 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:43 GMT
server
nginx
etag
W/"61cc54f3-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 21 Jan 2022 02:26:58 GMT
events
prd-collector-anon.ex.co/main/ 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/5f431e98-d068-4121-80c6-6b10f6bbe34f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.123.106 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-123-106.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://resistthemainstream.org
date
Thu, 20 Jan 2022 02:26:58 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
track
atrack.avplayer.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=AV_M20&cb=1642645617317&cid=6187a5a49268ad27da7716d8&VERSION=4.122.1&AV_PAGE_LOAD_UID=c0d4a270-5b07-4e73-891a-7f0221f3472a&AV_CDIM4=c0d4a270-5b07-4e73-891a-7f0221f3472a&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.50.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-50-69.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:58 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
sid
mug.criteo.com/ Frame 8A93
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=resistthemainstream.org&sn=ChromeSyncframe&so=0&topUrl=resistthemainstream.org&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=lRrZeXw1a2YxaEZWRHpINnExZHVZcGNMUHlHN2V6YUZIUnhiWUdneUdBMXB0SCtWVjVpTEtZbUt3SVJHNTdGc1ppTUluUHhXRU5JTnYyRXlmMnEwZ0FqSlptUnhCbC9NSFo1ZGlKbWhFUXZkOWZMNEdBY2hRZCtlZGtZTH...
454 B
648 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=lRrZeXw1a2YxaEZWRHpINnExZHVZcGNMUHlHN2V6YUZIUnhiWUdneUdBMXB0SCtWVjVpTEtZbUt3SVJHNTdGc1ppTUluUHhXRU5JTnYyRXlmMnEwZ0FqSlptUnhCbC9NSFo1ZGlKbWhFUXZkOWZMNEdBY2hRZCtlZGtZTHptaFZlZEptY3NjendaQXhWb2hzaHFqL3QvNXowWjRrV2I2c3ErVHVXVlR0NW9vY3ZoNHUvclVXNmhTc1MwS3N0dnhIelEwaDZEemtiaFV6czdCeWlFRW1NSjY0VVFuL0RNelp0MzMyODV0Um96YnREZFpwangra0NkNFBLVVpYNTExMWd0Wm05a0RLVHljVzJxWmxlR25Id2lUcTN1N0VlODN6amdoNWRjL1hjT1drT2pXTT18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
ad07083c56d731c6383f0f39b2ebd29f474b5a7eb6ba56db6ba22d608832283b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:57 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
6982
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:57 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=lRrZeXw1a2YxaEZWRHpINnExZHVZcGNMUHlHN2V6YUZIUnhiWUdneUdBMXB0SCtWVjVpTEtZbUt3SVJHNTdGc1ppTUluUHhXRU5JTnYyRXlmMnEwZ0FqSlptUnhCbC9NSFo1ZGlKbWhFUXZkOWZMNEdBY2hRZCtlZGtZTHptaFZlZEptY3NjendaQXhWb2hzaHFqL3QvNXowWjRrV2I2c3ErVHVXVlR0NW9vY3ZoNHUvclVXNmhTc1MwS3N0dnhIelEwaDZEemtiaFV6czdCeWlFRW1NSjY0VVFuL0RNelp0MzMyODV0Um96YnREZFpwangra0NkNFBLVVpYNTExMWd0Wm05a0RLVHljVzJxWmxlR25Id2lUcTN1N0VlODN6amdoNWRjL1hjT1drT2pXTT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2059
content-length
567
expires
0
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		127 KB
128 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
20d39c4e213e747dee4aa55bf503a5eff52c1d294ac947a97742c25fae160730

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=923456-1053927

Response headers

Date
Thu, 20 Jan 2022 02:26:59 GMT
Cache-Tag
299890703640246977373298896385374012786,233322687990412021556170905870126409175,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 923456-1053927/1551376
Connection
keep-alive
Content-Length
130472
X-Served-By
cache-wdc5574-WDC
Last-Modified
Wed, 26 May 2021 04:26:17 GMT
Server
cloudinary
X-Timer
S1638944698.632065,VS0,VE0
ETag
"66e1730abb08340cae5f745a9b2d0b31"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=27856653
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fresistthemainstream.org%2F&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://resistthemainstream.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
https://resistthemainstream.org
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1504
date
Thu, 20 Jan 2022 02:26:58 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/ Frame BEC9
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fresistthemainstream.org%2F&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=yBfS-Xw2NC9EWmJoVUlzOXZRVmxIYlF5YTZSN2NwNXI4SEJLV0F6dUd3QVhnTFYvQTlxa2lyb0hQZitYSzQyKy93cUg1MU03Z050YXhXM1h0TmRnSjJJa3J2eFhQaFFvWmNEU0d2eGs3LzRSeXMzYUxjOU9RTjUrWkxPdX...
457 B
695 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=yBfS-Xw2NC9EWmJoVUlzOXZRVmxIYlF5YTZSN2NwNXI4SEJLV0F6dUd3QVhnTFYvQTlxa2lyb0hQZitYSzQyKy93cUg1MU03Z050YXhXM1h0TmRnSjJJa3J2eFhQaFFvWmNEU0d2eGs3LzRSeXMzYUxjOU9RTjUrWkxPdXZYRmlBNnpwalBRSzJkSXBWNEZiYkpBeEZyZyt2aFNTa24yNHhDU2xUZkhXVC8zQ3pBeUlpNTBwM3NUUUxQS0w1MEs3Rkg2M1RWN3BkaU9MN1I0RnZ1emU0VEhPMjIxRngwVUJ4WXhRODZGY0JKaWt4QnBQL3dEOFRUb0JoaWNlNEc4bWI0N2dEeGUyVU1MWW5RclFvTlRkTUZFTEN5TGdCU2lxV3ZieGJZdDBoTmhESldsbz18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
99b6cd1982e8223c43fc77f8c8830a586c3b498ca3999383580aeb2a21b65936
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:59 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2800
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:26:58 GMT
location
https://mug.criteo.com/sid?cpp=yBfS-Xw2NC9EWmJoVUlzOXZRVmxIYlF5YTZSN2NwNXI4SEJLV0F6dUd3QVhnTFYvQTlxa2lyb0hQZitYSzQyKy93cUg1MU03Z050YXhXM1h0TmRnSjJJa3J2eFhQaFFvWmNEU0d2eGs3LzRSeXMzYUxjOU9RTjUrWkxPdXZYRmlBNnpwalBRSzJkSXBWNEZiYkpBeEZyZyt2aFNTa24yNHhDU2xUZkhXVC8zQ3pBeUlpNTBwM3NUUUxQS0w1MEs3Rkg2M1RWN3BkaU9MN1I0RnZ1emU0VEhPMjIxRngwVUJ4WXhRODZGY0JKaWt4QnBQL3dEOFRUb0JoaWNlNEc4bWI0N2dEeGUyVU1MWW5RclFvTlRkTUZFTEN5TGdCU2lxV3ZieGJZdDBoTmhESldsbz18&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2779
content-length
567
expires
0
692.json
id5-sync.com/g/v2/ Frame BEC9 		213 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19012/hb_449880_12335.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.7.202 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p37.id5-sync.com
Software
/
Resource Hash
5b058564e311c9c3f452d13f6befbf91c6e5706a992bc66c26cc990678f319e3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://resistthemainstream.org
Date
Thu, 20 Jan 2022 02:26:58 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=yBfS-Xw2NC9EWmJoVUlzOXZRVmxIYlF5YTZSN2NwNXI4SEJLV0F6dUd3QVhnTFYvQTlxa2lyb0hQZitYSzQyKy93cUg1MU03Z050YXhXM1h0TmRnSjJJa3J2eFhQaFFvWmNEU0d2eGs3LzRSeXMzYUxjOU9RTjUrWkxPdXZYRmlBNnpwalBRSzJkSXBWNEZiYkpBeEZyZyt2aFNTa24yNHhDU2xUZkhXVC8zQ3pBeUlpNTBwM3NUUUxQS0w1MEs3Rkg2M1RWN3BkaU9MN1I0RnZ1emU0VEhPMjIxRngwVUJ4WXhRODZGY0JKaWt4QnBQL3dEOFRUb0JoaWNlNEc4bWI0N2dEeGUyVU1MWW5RclFvTlRkTUZFTEN5TGdCU2lxV3ZieGJZdDBoTmhESldsbz18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1446
date
Thu, 20 Jan 2022 02:26:58 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151512
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:59 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
3193
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
6d04dc725fba0e12-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 19 Feb 2022 02:26:59 GMT
icon
onesignal.com/api/v1/apps/f2f0fa41-3f02-4834-960c-380cf87d3124/ 		184 B
578 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/apps/f2f0fa41-3f02-4834-960c-380cf87d3124/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151512
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16e9c3770bc398cefe9acdf34912a67fa1c2099711d977a095cf97f4c741c5e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:26:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
status
200 OK
x-envoy-upstream-service-time
9
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
f42610da-2d9d-4367-b7e1-47ac1d77770d
x-runtime
0.007120
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"16e9c3770bc398cefe9acdf34912a67f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
6d04dc72affe2c0d-FRA
access-control-allow-headers
SDK-Version
aa38d6c5-9e50-4915-ab27-e0ab33ec583c
img.onesignal.com/permanent/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.onesignal.com/permanent/aa38d6c5-9e50-4915-ab27-e0ab33ec583c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
888ad0d7ff41ab2c773607ac8c4f60babb965293e65b5a9835355079c2a240b0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:27:00 GMT
cf-cache-status
REVALIDATED
x-amz-request-id
MCPN090F87KT9HYK
x-amz-meta-cache-control
public, maxage=604800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5809
x-amz-id-2
gqbFYTQ1Qaxc7rmh7BH2SWOEk7bt92Vng6SZ27uHoTAT5P62EFZrzQOErThkImKnsH/JCF73kDE=
last-modified
Tue, 07 Dec 2021 21:59:25 GMT
server
cloudflare
etag
"9b57ff41f85b526aaf0b1d73ca5038df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
6d04dc748b5b59f5-MXP
expires
Sun, 20 Feb 2022 02:27:00 GMT
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=resistthemainstream.org&rs=resistthemainstream.org&sid=6968&t=1642645615&cip=193.27.14.44&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1642645615828-962636890624-008323-012-006776&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.98&cb=66230109894&cd4=c0d4a270-5b07-4e73-891a-7f0221f3472a&cd5=default&cd1=4.122.1&d9=1000&d37=realtime&AV_WIDTH=410&AV_HEIGHT=231
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.106.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-106-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 20 Jan 2022 02:27:00 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
vast2
tag.targeting.unrulymedia.com/rmp/243572/0/ 		168 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/243572/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&w=410&h=231&cbb=2645621404
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:27:02 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://resistthemainstream.org
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
vast2
tag.targeting.unrulymedia.com/rmp/216513/0/ 		168 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/216513/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&w=410&h=231&cbb=2645621404
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:27:02 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://resistthemainstream.org
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
vast2
tag.targeting.unrulymedia.com/rmp/236691/0/ 		168 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/236691/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&w=410&h=231&cbb=2645621404
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:27:02 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://resistthemainstream.org
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
ac
www9.smartadserver.com/
Redirect Chain
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=662301098949814599&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fs...
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=662301098949814599&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fs...
129 B
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=662301098949814599&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&vph=231&vpw=410&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=2645621404&cklb=1
Protocol
HTTP/1.1
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
41d511bcd8511da9cb1f673d030c44fbadb09271c96e4fbb40bfa306572dcca3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:27:02 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8

Redirect headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:27:01 GMT
access-control-allow-origin
https://resistthemainstream.org
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=662301098949814599&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&vph=231&vpw=410&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=2645621404&cklb=1
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
vast2
tag.targeting.unrulymedia.com/rmp/234705/0/ 		168 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/234705/0/vast2?adtype=video&compMode=and&dim=101&vastfw=vpaid&z=1r&url=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&w=410&h=231&cbb=2645621404
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:27:02 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://resistthemainstream.org
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
ac
www9.smartadserver.com/
Redirect Chain
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=948871&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=662301098949814598&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fsi...
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=948871&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=662301098949814598&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fsi...
129 B
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www9.smartadserver.com/ac?siteid=215340&pgid=948871&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=662301098949814598&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&vph=231&vpw=410&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=2645621405&cklb=1
Protocol
HTTP/1.1
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:27:02 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8

Redirect headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:27:01 GMT
access-control-allow-origin
https://resistthemainstream.org
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://www9.smartadserver.com/ac?siteid=215340&pgid=948871&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=662301098949814598&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&vph=231&vpw=410&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=2645621405&cklb=1
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=resistthemainstream.org&rs=resistthemainstream.org&sid=6968&t=1642645615&cip=193.27.14.44&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1642645615828-962636890624-008323-012-006776&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.98&cb=66230109894&cd4=c0d4a270-5b07-4e73-891a-7f0221f3472a&cd5=default&cd1=4.122.1&d9=1000&d37=realtime&AV_WIDTH=410&AV_HEIGHT=231&nid=56ea678d181f46c76f8b45fb&ncid=6187a5a49268ad27da7716d8&e=request&cb=1642645621406&asid=603bb6ac619b766728187834%2C60254eaaea2c62223814f756%2C61b754ed61c198758737a774%2C5fbe5add3443ef680f0480d7%2C61129c5f0e70e663bd7c5b71%2C60254e56dcfb6a082e596646%2C60c60c3b1731ed2b383f0908%2C5e1b272e28a06142643c20cd%2C5fbe5d4370a94c4b696b7ccc%2C5b30e37c073ef468ec3ca049%2C5c5a9a6228a0617b9619af99%2C5fd1f2cc9772f87a350a855b%2C604e0bb1f199b154cc115338%2C5ee3d57071193a26344a4076&ofpr=6%2C1%2C%2C%2C%2C%2C%2C3%2C2.8%2C%2C2%2C1.5%2C2%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.106.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-106-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:27:02 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
translator
hbopenbid.pubmatic.com/ 		0
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://resistthemainstream.org
date
Thu, 20 Jan 2022 02:27:01 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
mvo
tag.1rx.io/rmp/203144/0/ 		0
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/203144/0/mvo?z=1r&hbv=5.20,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://resistthemainstream.org
pragma
no-cache
date
Thu, 20 Jan 2022 02:27:02 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
v1
prg.smartadserver.com/prebid/ 		171 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:27:01 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
auction
prebid-server.rubiconproject.com/openrtb2/ 		187 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.19.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-19-36.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
9d5ce68eed34b1bb9d934554a23a1a18b5f2fd27f9308d0586fbd1be9e41cbd6

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:27:02 GMT
content-encoding
gzip
x-prebid
pbs-java/1.80.0
content-type
application/json
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
mvo
tag.1rx.io/rmp/216551/0/ 		0
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/216551/0/mvo?z=1r&hbv=5.20,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://resistthemainstream.org
pragma
no-cache
date
Thu, 20 Jan 2022 02:27:02 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.19.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-19-36.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
336f7292a27329e309db1a0f0d129b4980dfb72de4468220845446a0762fe8c0

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:27:02 GMT
content-encoding
gzip
x-prebid
pbs-java/1.80.0
content-type
application/json
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		187 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.19.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-19-36.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bcaceb256884918befa4dbc7991f4c236dae8a55839b558494637d1e4ea5f5c8

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:27:02 GMT
content-encoding
gzip
x-prebid
pbs-java/1.80.0
content-type
application/json
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=resistthemainstream.org&rs=resistthemainstream.org&sid=6968&t=1642645615&cip=193.27.14.44&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1642645615828-962636890624-008323-012-006776&cha=0.05&stagid=&stplid=&d35=&d36=6.1.2.98&cb=66230109894&cd4=c0d4a270-5b07-4e73-891a-7f0221f3472a&cd5=default&cd1=4.122.1&d9=1000&d37=realtime&AV_WIDTH=410&AV_HEIGHT=231&nid=56ea678d181f46c76f8b45fb&ncid=6187a5a49268ad27da7716d8&e=bid&cb=1642645621593&asid=5ee3d57071193a26344a4076&ofpr=&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.106.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-106-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:27:02 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
bridge3.495.1_en.html
imasdk.googleapis.com/js/core/ Frame 03E2 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199798
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 15 Jan 2022 07:58:09 GMT
expires
Sun, 15 Jan 2023 07:58:09 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 10 Jan 2022 19:32:44 GMT
content-type
text/html
age
412133
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.com/adsid/ Frame DF19 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=resistthemainstream.org
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 Jan 2022 02:27:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4B94 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1605
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 20 Jan 2022 03:00:17 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 03E2 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4346336937691541&sdkv=h.3.495.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=870912817&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.495.1&sid=D1B202B6-B3A8-4A5A-A0E8-BE2B006BF28D&nel=0&eid=44750822&url=https%3A%2F%2Fresistthemainstream.org%2Fsidney-powell-responds-following-subpoena-from-jan-6-committee%2F%3Futm_source%3Dtelegram&dt=1642645621747&cookie_enabled=1&scor=2410130886016644&ged=ve4_td7_tt6_pd7_la7000_er954.1175.1106.1475_vi0.0.1200.1600_vp100_ts6_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 02:27:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/serving/unload/ Frame 7554 		35 B
477 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=6775388320559097957@@51990294,747939658814375676,0|0|0|0|0|0|0|0|0||0|1|||||1|0|0|QLBN6N9RDjFcPlakbYq96ZOMjIjxpfy6ue4vB47VrNRMgGBKK32UrYm3nyX34Xgm0|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal90006.redintelligence.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 02:27:02 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://hal90006.redintelligence.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		184 KB
184 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-146.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
e249689202d578760f311db8af1646c07100fa7fbcf73b82e229813efd14813a

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=1053928-1241927

Response headers

Date
Thu, 20 Jan 2022 02:27:02 GMT
Cache-Tag
299890703640246977373298896385374012786,233322687990412021556170905870126409175,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 1053928-1241927/1551376
Connection
keep-alive
Content-Length
188000
X-Served-By
cache-wdc5574-WDC
Last-Modified
Wed, 26 May 2021 04:26:17 GMT
Server
cloudinary
X-Timer
S1638944698.632065,VS0,VE0
ETag
"66e1730abb08340cae5f745a9b2d0b31"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=27856650
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1

Verdicts & Comments Add Verdict or Comment

181 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 function| admiral object| googletag function| OneSignal function| gtag object| dataLayer string| jnews_ajax_url object| google_tag_manager function| _0x3b44 function| _0x25f7b7 function| _0x4379 object| jnews object| jnewsDataStorage object| _wpemojiSettings object| google_tag_data object| gaGlobal function| 4dm1r11545242527 object| PDFObject undefined| $ function| jQuery number| infolinks_pid number| infolinks_wsid object| $iceboot object| INFOLINKS object| ldAdInit number| HYVOR_TALK_WEBSITE object| HYVOR_TALK_CONFIG object| jnews_module_47999_0_61e8b8aeacd23 string| HYVOR_TALK_DOMAIN object| jfla boolean| jQueryScriptOutputted function| initJQuery number| __oneSignalSdkLoadCount function| __jp0 object| hyvorTalkCommentCount function| _typeof object| $ice object| $infolinks object| _ldAdIdMap number| $iceId object| _mgIntExchangeNews object| MarketGidInfC1149360 function| MarketGidCContextBlock1149360 function| MarketGidCMainBlock1149360 function| MarketGidCInternalExchangeBlock1149360 function| MarketGidCRejectBlock1149360 function| MarketGidCCriteoBlock1149360 function| MarketGidCInternalExchangeLoggerBlock1149360 function| MarketGidCObserverBlock1149360 function| MarketGidCSendDimensionsBlock1149360 function| MarketGidCRtbBlock1149360 function| MarketGidCContentPreviewBlock1149360 function| MarketGidCResponsiveBlock1149360 boolean| mg_loaded_720235_1149360 object| MarketGidInfC1156929 function| MarketGidCContextBlock1156929 function| MarketGidCMainBlock1156929 function| MarketGidCInternalExchangeBlock1156929 function| MarketGidCRejectBlock1156929 function| MarketGidCCriteoBlock1156929 function| MarketGidCInternalExchangeLoggerBlock1156929 function| MarketGidCObserverBlock1156929 function| MarketGidCSendDimensionsBlock1156929 function| MarketGidCRtbBlock1156929 function| MarketGidCDiscountBlock1156929 function| MarketGidCContentPreviewBlock1156929 boolean| mg_loaded_720235_1156929 object| MarketGidInfC1261872 function| MarketGidCContextBlock1261872 function| MarketGidCMainBlock1261872 function| MarketGidCInternalExchangeBlock1261872 function| MarketGidCRejectBlock1261872 function| MarketGidCCriteoBlock1261872 function| MarketGidCInternalExchangeLoggerBlock1261872 function| MarketGidCObserverBlock1261872 function| MarketGidCSendDimensionsBlock1261872 function| MarketGidCRtbBlock1261872 function| MarketGidCDiscountBlock1261872 function| MarketGidCContentPreviewBlock1261872 boolean| mg_loaded_720235_1261872 object| addComment function| EvEmitter function| imagesLoaded object| jnewsoption object| twemoji object| wp object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator object| google_js_reporting_queue number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| lazySizesConfig object| lazySizes function| Waypoint object| html5 object| Modernizr object| tve_dash_front object| TVE_Dash object| jnews_select_share boolean| wpquads_adblocker_check boolean| wpquads_adblocker_check_2 object| tcb_post_lists object| TL_Const object| omapi_data function| onYouTubeIframeAPIReady number| progressTimer object| vttjs function| WebVTT function| ILVideo object| onClickExcludes function| OptinMonsterApp boolean| om_loaded function| mgReject1149360 function| mgLoadAds1149360_0b68d function| MarketGidCReject1149360 function| MarketGidLoadGoods1149360_0b68d function| mgReject1156929 function| mgLoadAds1156929_03076 function| MarketGidCReject1156929 function| MarketGidLoadGoods1156929_03076 function| mgReject1225368 function| mgLoadAds1225368_03076 function| MarketGidCReject1225368 function| MarketGidLoadGoods1225368_03076 object| _mgq function| _mgqp number| _mgqt number| _mgqi boolean| MarketGidCSvsdsFlag function| mgReject1261872 function| mgLoadAds1261872_17977 function| MarketGidCReject1261872 function| MarketGidLoadGoods1261872_17977 string| _mgCanonicalUri boolean| _mgPageViewEndPoint720235 string| _mgPvid boolean| _mgPageView720235 function| LoadCriteoAllPlaces1149360_0b68d boolean| i.js.loaded boolean| i-noref.js.loaded function| LoadCriteoAllPlaces1225368_03076 function| _mgLib1_11_78 function| _mgwqp object| com object| STREAM_CONFIGS string| STREAM_ID string| __EXCO_INTEGRATION_TYPE function| _avcp object| regeneratorRuntime object| __EXCO string| pbPageIdentifier function| Hls function| av_sciv_hndlr1642645614823 object| storageAni object| ADAGIO object| _ADAGIO object| closure_lm_569654

92 Cookies

Domain/Path Name / Value
resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee Name: quads_browser_width
Value: 1600
resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee Name: logglytrackingsession
Value: caaed662-b852-46b7-a8ca-4fe8fa234b7d
resistthemainstream.org/sidney-powell-responds-following-subpoena-from-jan-6-committee Name: exco-uid
Value: 6k0ibpundebuaevm
.resistthemainstream.org/ Name: _ga_MHSJPPB6JE
Value: GS1.1.1642645611.1.0.1642645611.0
.mgid.com/ Name: __cf_bm
Value: quP6dRmG.GVdJ6KEdLw6b9eC40tZnJ8KQgPUjn_X6Bo-1642645613-0-AU4THWs7CJvtAmpn9EurIphkx2ZGcmIP4kfXnwX/NpEy8LO0pD7eOsNDlu/p2cU/tFjQGO+ffVuIiH58oT8Yw1I=
.resistthemainstream.org/ Name: _ga
Value: GA1.2.1976434000.1642645612
.resistthemainstream.org/ Name: _gid
Value: GA1.2.1548453399.1642645613
.resistthemainstream.org/ Name: _gat
Value: 1
.infolinks.com/ Name: cuid
Value: b3326bec-e67e-4986-a830-5a019b2955ca
.yahoo.com/ Name: A3
Value: d=AQABBG3I6GECEFo2N_8fp_kLueJZsgAN3lkFEgEBAQEZ6mHyYQAAAAAA_eMAAA&S=AQAAAqqHj4Y_jIRlVGTdKJDmgmU
.adnxs.com/ Name: uuid2
Value: 2827396469763233072
.casalemedia.com/ Name: CMID
Value: YejIbXCf5E.PfdeVa0toygAA
.casalemedia.com/ Name: CMPS
Value: 3238
.pubmatic.com/ Name: SyncRTB3
Value: 1643846400%3A220
.pubmatic.com/ Name: KADUSERCOOKIE
Value: C2774A81-B5CE-4B08-9A7C-F3E7408AC1F5
.casalemedia.com/ Name: CMPRO
Value: 1210
.advertising.com/ Name: APID
Value: UP6ea0e2be-7998-11ec-adbf-024986f1b40a
.360yield.com/ Name: tuuid
Value: 18eed8b5-e1b3-4469-b7b7-785c8bad8dfe
.360yield.com/ Name: tuuid_lu
Value: 1642645613
.analytics.yahoo.com/ Name: IDSYNC
Value: "192u~22re:18xp~22re"
.yahoo.com/ Name: APID
Value: UP6ea0e2be-7998-11ec-adbf-024986f1b40a
.yahoo.com/ Name: APIDTS
Value: 1642645613
.adsrvr.org/ Name: TDID
Value: d02c5bd6-56de-4851-aed3-177ca6bdbb36
.w55c.net/ Name: wfivefivec
Value: 0AqfnoEg1Nana65
.doubleclick.net/ Name: IDE
Value: AHWqTUklfCWtyWhM-kuuC5LqMblyhWfkCLuUYmu_19VL9MmFfdLyarW_fO0pvwMGems
.infolinks.com/ Name: ANUSERCOOKIE
Value: 2827396469763233072
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwjw2Znf4fGtOhAFOAE.
.w55c.net/ Name: matchcasale
Value: 5
.turn.com/ Name: uid
Value: 4399109690395746139
.cpx.to/ Name: cpSess
Value: 69af1945cde763d
.cpx.to/ Name: dsp_app_nexus
Value: 2827396469763233072#1642645614093
.infolinks.com/ Name: IXUSERCOOKIE
Value: YejIbXCf5E.PfdeVa0toygAA&1210
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-44c716a0-2ac4-4ff0-8d18-4f0b47b69d59-003%22%7D
.infolinks.com/ Name: OUTHUSERCOOKIE
Value: y-qGPNESBE2uEqwsJ.A7w3jkNXAYlUdnea~A~UP6ea0e2be-7998-11ec-adbf-024986f1b40a
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: pi
Value: 156872:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.infolinks.com/ Name: VRUSERCOOKIE
Value: y-k1R5QiZE2uH2gBYNEnU4RvMo8FsaetFPlU14SdY-~A
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-44c716a0-2ac4-4ff0-8d18-4f0b47b69d59-003%22%7D
.infolinks.com/ Name: IMDUSERCOOKIE
Value: 18eed8b5-e1b3-4469-b7b7-785c8bad8dfe
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAFslzmtoZmJkZmJqZmhiZGgGAKSdyVcQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjU0Mja0NDMxMjQ0NLEwtjQyMRTiM9S1zM328nOvcAwNCMoEABoEuvQlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjU0Mja0NDMxMjQ0NLEwtjQyMRTiM9S1zM328nOvcAwNCMqU4jUEypuZmJoZApWZAQCIndjPNAAAAA
.infolinks.com/ Name: R1USERCOOKIE
Value: RX-44c716a0-2ac4-4ff0-8d18-4f0b47b69d59-003
.infolinks.com/ Name: KADUSERCOOKIE
Value: C2774A81-B5CE-4B08-9A7C-F3E7408AC1F5~1642645700639
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 503daae9-3a34-44be-9f60-c13cc9a2ef3f
beacon.lynx.cognitivlabs.com/ Name: ss
Value: R1T5GFgVlKuA%2F0kkqVew4EaPc11%2BMeDZgD2DtYXzR%2BqSZIfBW14Ye9W3mTaF4wB%2BOPiz2YUbvmtMs73MNWoTFQ%3D%3D
.infolinks.com/ Name: PUBMUSERCOOKIE
Value: C2774A81-B5CE-4B08-9A7C-F3E7408AC1F5
.resistthemainstream.org/ Name: paywall_product
Value: false
.infolinks.com/ Name: ZTUSERCOOKIE
Value: 5123196421114839241
.lijit.com/ Name: ljt_reader
Value: 81102b21675c31d8a26b2455
servicer.mgid.com/ Name: __mglb
Value: 4aae4d8c393f422d100aefd60785b084
.resistthemainstream.org/ Name: _awl
Value: 2.1642645614.0.5-caca929ec71d2a5ea322d568117e6be7-6763652d6575726f70652d7765737431-0
.mgid.com/ Name: muidn
Value: m0jSvLYZSeqi
resistthemainstream.org/ Name: MarketGidStorage
Value: %7B%220%22%3A%7B%7D%2C%22C1149360%22%3A%7B%22page%22%3A1%2C%22time%22%3A1642645613977%7D%2C%22C1156929%22%3A%7B%22page%22%3A1%2C%22time%22%3A1642645614125%7D%2C%22C1261872%22%3A%7B%22page%22%3A1%7D%7D
.infolinks.com/ Name: SOVRNUSERCOOKIE
Value: 81102b21675c31d8a26b2455
.adtelligent.com/ Name: vmuid
Value: 125e501c0ba036f3
resistthemainstream.org/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.resistthemainstream.org/ Name: _pubcid
Value: 8f40cd8d-03bd-4a39-a194-7238342f3471
pbjs.e-planning.net/ Name: CT
Value: 1
.aniview.com/ Name: aniC
Value: 1642645615828-962636890624-008323-012-006776
.adnxs.com/ Name: icu
Value: ChgI4axaEAoYASABKAEw75CjjwY4AUABSAEQ75CjjwYYAA..
.e-planning.net/ Name: E
Value: AGZD6F-bN3BNVlL/
.rubiconproject.com/ Name: khaos
Value: KYMCSD3K-1H-4E2W
.rubiconproject.com/ Name: rsid
Value: 1|AIfsdBUO++vuGxiryvY4NyLqsLINffPD0ndRTZPwOWBzr4eVPwTuL9+dZLvlgeCkRh3C4GjGYWrGRQSWDHOtFAT+ngdUyQJYykllPZjhEHJw9y7GDs9f
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qp05KNcCmsDAP+oE/PhLWQEKtLvkckcz9sK2qe6TZpRu1hltWQIMgrQJJW7VoQ7mbxuT3Av9yfyLqXuoXOvg8fszG6FmltYou1VWfYuzvGRqw==
.casalemedia.com/ Name: CMST
Value: YejIbWHoyHAA
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: 94370366-9bab-5314-a3fd-dd9ec21515ee
.betweendigital.com/ Name: ut
Value: YejIcAADeqCprCcRNOnVibZWlS3uJrS331oQNQ==
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: unm
Value: 1
.bidr.io/ Name: bito
Value: AEGZdE7D0ZEAAEBc9Q76GQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.mathtag.com/ Name: uuid
Value: fe6b61e8-c86f-4300-bd13-50ca5c522079
resistthemainstream.org/ Name: hbmp_cap_h
Value: eyJydWJpY29uX293IjoxfQ==
resistthemainstream.org/ Name: hbmp_cap_d
Value: eyJydWJpY29uX293IjoxfQ==
.eqads.com/ Name: EQUser
Value: UID=668a92fa-9071-4a75-ae5a-29520ef718c5
.aniview.com/ Name: 2_C_42
Value: YejIbXCf5E.PfdeVa0toygAA&1210
sync.aniview.com/ Name: 2_C_42
Value: YejIbXCf5E.PfdeVa0toygAA&1210
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YejIcAAAdaYUWgAZ
.casalemedia.com/ Name: CMRUM3
Value: 6f61e8c87005a0&1161e8c86d05a0&2d61e8c86e2760CAESEH9hyt6IczJm5bVhLQN24NI&2e61e8c87005a0&2761e8c86d0b40&4161e8c87005a0&3361e8c87005a0&4961e8c87005a0&8261e8c8702760AEGZdE7D0ZEAAEBc9Q76GQ&e661e8c86d2760&5861e8c8702760YejIcAAG4gpZxwAF&0461e8c86d05a0&2861e8c8702760668a92fa-9071-4a75-ae5a-29520ef718c5&f161e8c86d05a0&0861e8c86e2760503daae9-3a34-44be-9f60-c13cc9a2ef3f&2f61e8c86d05a0
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 4667a6c223b92e3b
.mathtag.com/ Name: mt_misc
Value: mt_bt:1
.tapad.com/ Name: TapAd_TS
Value: 1642645617061
.tapad.com/ Name: TapAd_DID
Value: 6a5a8602-7ae5-4e63-97e2-187562616757
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 6775388320559097957
.adform.net/ Name: TPC
Value: 1642645617298
.criteo.com/ Name: uid
Value: 2605493e-f6cb-4a50-b531-006388a1fbc3
.resistthemainstream.org/ Name: cto_bundle
Value: kMlTGV8zSVVXOEVHU2JaWndUMlljbzBmdjhHYXVJd3UlMkZuS1lwdHJIY2VuWGlydEFhMVdvdEklMkJoNzRldGJsRjlhT2VFdUVQNmFUQW9WYnJkZER5NDBzRWkxRXMyJTJCZzFWWHZpdzY3cSUyQkVyUXpsVCUyQk9CTDNOOFQ1ZGY1RzJlWHR6ZW9SZ1NET21jSjZDTEU0TnpxS3NyS0dZWnZiNXh6OHRJWkUycllpRHFKVldibTJvJTNE

4 Console Messages

Source Level URL
Text
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
other warning URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb(Line 2)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.omappapi.com
ad.360yield.com
ad.turn.com
ads.betweendigital.com
ads.pubmatic.com
ads.yahoo.com
adservice.google.com
ajax.googleapis.com
ap.lijit.com
atrack.avplayer.com
b1sync.zemanta.com
beacon-ams3.rubiconproject.com
beacon.lynx.cognitivlabs.com
bidder.criteo.com
c.mgid.com
c1.adform.net
casale-match.dotomi.com
cdn.mgid.com
cdn.onesignal.com
cdn2.lockerdomecdn.com
cdnjs.cloudflare.com
ce.lijit.com
cm.g.doubleclick.net
cm.mgid.com
de.tynt.com
dm.hybrid.ai
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fearlessfaucet.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
gum.criteo.com
hal9000.redintelligence.net
hal90006.redintelligence.net
hbopenbid.pubmatic.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
img.onesignal.com
jsc.mgid.com
lockerdome.com
match.adsrvr.org
match.bnmla.com
match.prod.bidr.io
mcd.ex.co
mp.4dex.io
mug.criteo.com
onesignal.com
onetag-sys.com
p.jsapicdn.com
p.rfihub.com
pagead2.googlesyndication.com
pbjs.e-planning.net
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.mathtag.com
pixel.rubiconproject.com
pixel.tapad.com
player.adtcdn.com
player.adtelligent.com
player.aniview.com
player.avplayer.com
player.ex.co
pm.w55c.net
pr-bh.ybp.yahoo.com
prd-collector-anon.ex.co
prebid-eu.creativecdn.com
prebid-server.rubiconproject.com
premiumsrv.aniview.com
prg.smartadserver.com
pubads.g.doubleclick.net
research.adtelligent.com
resistthemainstream.org
resources.infolinks.com
router.infolinks.com
rt3027.infolinks.com
rtb.adxpremium.services
s-img.mgid.com
s.amazon-adsystem.com
s.cpx.to
s0.2mdn.net
s1.adform.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
servicer.mgid.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.aniview.com
sync.go.sonobi.com
sync.mathtag.com
sync.targeting.unrulymedia.com
t.trafmag.com
tag.1rx.io
tag.targeting.unrulymedia.com
tags.mathtag.com
talk.hyvor.com
token.rubiconproject.com
track.adform.net
track1.aniview.com
u.openx.net
um2.eqads.com
ups.analytics.yahoo.com
video-native.mgid.com
www.google-analytics.com
www.googletagmanager.com
www9.smartadserver.com
x.bidswitch.net
104.154.142.214
104.19.133.78
104.19.135.78
135.125.163.79
138.201.63.164
138.201.64.38
142.250.185.98
142.250.186.130
151.101.130.132
151.101.130.49
172.66.41.9
172.66.42.247
174.137.133.49
178.162.133.149
178.250.2.131
178.250.2.146
18.194.122.86
18.194.149.16
18.213.50.69
185.184.8.65
185.239.173.226
185.29.132.241
185.29.134.245
185.33.221.50
185.33.221.87
185.64.189.112
185.64.190.78
185.64.190.79
185.64.190.80
185.83.70.67
185.86.137.114
185.86.139.58
193.0.160.128
193.200.65.5
198.47.127.20
2.16.186.146
2.18.233.180
2.18.233.201
2.18.234.21
2001:678:cb4:bbbb::11
209.54.177.54
213.19.147.43
213.19.147.45
23.227.139.243
23.37.42.132
23.79.143.124
2600:9000:2156:6a00:a:cbb7:a940:93a1
2600:9000:2156:7200:8:48e:53c0:93a1
2602:803:c003:200::27
2602:803:c003:200::31
2606:4700:20::681a:891
2606:4700:20::681a:8a9
2606:4700:20::ac43:442c
2606:4700:3037::6815:3471
2606:4700::6810:125e
2606:4700::6812:272
2606:4700::6812:e134
2606:4700::6812:e234
2a00:1288:80:800::7000
2a00:1450:4001:801::2003
2a00:1450:4001:809::2008
2a00:1450:4001:810::200a
2a00:1450:4001:827::200a
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2006
2a00:1450:400c:c0a::9c
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:6c00:2ab::2c79
2a02:26f0:6c00::210:bb91
2a02:fa8:8806:12::1400
2a03:90c0:41:2801::254
2a05:d018:d29:3605:7fb0:fdcc:4343:870d
3.126.56.137
34.194.106.25
34.225.96.147
35.156.69.231
35.190.62.199
35.227.248.159
35.244.159.8
35.244.174.68
37.157.4.24
37.157.5.73
37.157.6.253
37.18.16.16
38.27.122.101
45.133.44.3
45.133.44.4
5.178.65.245
51.89.7.202
51.89.9.251
52.16.87.205
52.200.158.235
52.208.19.36
52.210.199.144
52.211.218.251
52.223.40.198
54.164.123.106
54.174.249.39
63.251.14.3
64.202.112.255
67.202.105.22
67.202.105.33
69.173.144.138
69.173.144.139
69.173.151.100
75.101.235.47
89.187.169.47
96.46.183.20
008d2e13ce3be9a2d2953b7166a28ca0126cd5f004622904515b3c0fb04afacd
026fbafe97b76ac68a95c9343184354a56815ca8ed2321f9dc3e3eb79ae12503
032748afc697ad6c81591cf5304a1395a1045dff8604fdfeaaa06d8365ea92bf
048675b5bae1d7dada511b7b02c60f3fb7a02e891a3931ab3afe3ab36033ca6f
04bcc736e6b826577ba79d4e99e3eebbbc42795999838236684079a00324772e
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336
065a72457e105102f8a17ce715d02d3d803bd7ed05a9acad86a7b17fa6231a6f
07b28c082dd42dd5f74447cf4d9351338f6c1e81984a42989fe3978d699af694
0ae298f2509111b6eff0a258cb53fafcd63adbacfef38e453f46d7ff50edc24e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c165d6f216862e57112c9af1dc3f0737ed3ee8b82654962d8ada740142895e2
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76
0e3e8b6a4608aad2b3ac26700a794ccd57fa7779ae42f12dd9c9221417744e14
0ec06bd6777d6a7ddfafcc9e410efcecb4b53adea00a9a0cac8efa8e92af332e
0ff538091b471bf8008583b9d394c466a60f6b4fcf01c2808acc4e5a268a54b5
10d10d857f0b9ee4649d0b0531ea87e1527a0dbbc3f3647cebfcd922c6c37ba5
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
1571f1bece418ee90d63337858269630c13b63c4bc5d8fcbb6caf1ea8b29d998
160377ef4ca39a7d682574981b39bd6be54ebe0a326bca4d19e23e6b59aac4d3
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
16e834b5ad20a091f05e1f51cfeacfbb7b1496f6562ec40b07d36f3bdcd1cb77
16e9c3770bc398cefe9acdf34912a67fa1c2099711d977a095cf97f4c741c5e2
184d572ad3c111911e77198f0d937bf84d68805bc59bbd69e882d41970b0a3db
198ea6df487d503e09a019bc8e21eca1dd7487637b707551e99d51d4b8a6bd99
1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed
1b618bee5daf4e8a14ef5aefa5c7e80ea96451fcd48884e8a615e4250a9d4ba8
1b846c4d4791756ff1337620e40c675afa5fd05cfbc40b2a2bb20477ba132c3a
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1f7e767057a468113b4c95065391f5a6ae48144c9e72d3bd6285ecb843936175
20d39c4e213e747dee4aa55bf503a5eff52c1d294ac947a97742c25fae160730
2164db37c8c0162887362f571cbc0172017fb0cfabe7a8103bff46ddfab2cfc2
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
241681b101eb2199fb6eec6d98b077310ae29cffdd85a0f6638e6cd9500bd9bb
244c1313586187b3bf79ba0e641d7ed1611689e310784cf712d28e703620c040
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28dd5351e2aa52056b10d3f771c4a60fe54d1968e7f9b620c5a4183a204a8c6d
28e95c0c629214fd64fe7c628cc37357d903aa65fb950d35d2e43d9c07e10e3e
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ecad403abe6094919937758649c7fe968b8339a0b958e232acab55ca87ef02b
2ef9b5af12d75b08cbc5060fc8a9906f007f1c390c9e409a127320bfce905b04
2f980245c1a53adbf6bbe064d326e7057f6c5c9bc561165fd5f967b82f019e2c
30389cf8a9540caad65157f94347a01b77a96327398ff615be1a6cc346473553
303c31e35f989342766fceb81b3fc07a4efc89d7a7a160687dd1300e07dbf65f
3093b0c5dc79ef06886e2ddd238e466e2b43d35e5aeca027ae47f6c4fe003451
30c01b6e5144945c217cb7bea0018783cd099ce5af1e2dc48c8355f9bd25d37e
31a2b87637211d065cc2722c6ce0a173c4defdbaa4ff7b8144ff6902457aa017
320f9c10b94c5fd531ca60c0fae62fbb1fa70712e1a9caf5d8f37a3a79d3e7ca
336f7292a27329e309db1a0f0d129b4980dfb72de4468220845446a0762fe8c0
339b062715f0fa93bd4509bbd3c7ee6ebb3ce63ef1140c0dbf3aa8935b7aaf7c
3630e90357e0fc1a3fe032be863866365fd3b7d97524b4b9149fc0f873ee49a9
36d7d981d8ac09da34c03c3b4914104e830ceed745bad1523117e9d511073a0e
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
3b1ab0f0505989ffeabcd0bd7afd6a2a3e5f184e00d5a9e58337b33d00c050a8
3d418a2013e597b70823e9319add6de80ee0c6839ca366d469c4450826c35d11
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3faab7c9662cb1cb145cedbb4272ad02bc81021596cccc18a03788ae3e34d0e6
3fd866705913987f41eae0cd3122f984656896b60daf4385f99ed0e356978e33
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40ff2dbbae2d5c0148b81d04ea9294919e080ee664d12e7823c26031c1ea125e
411c5cad0d24027c726e52a3903531a2c8348c845e6552932c7698e997a81405
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
41d511bcd8511da9cb1f673d030c44fbadb09271c96e4fbb40bfa306572dcca3
42307b6e2231b2de1535854ab77c8fd201f88822e3f87ca3c4e8d3624ce65678
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
453c0a771efefff092c422c7a2a6b0aac26418129fb5846de0a4cfb4cb1ee6b7
4879c5ca67a36e3c2c633557a3a3886ab14b5b6490fa9936acf0fd0abe892778
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ccf9c9503985022eff00ce765bdf89d323f6bf43a35e453145f9910cf95388
4c81e03d5961a492e1ee3b4bf73eae923fdabda4330447f577920d64f5234f07
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50fd1b0192e22f68957f2f557255fc06d698bfd8bfa8e168596f443e5b5831f3
5213aa9610d93b94c9be03e25b3c43ed00b97ae93aae88d29e81ea9c02a267c3
53c8a09bc11470624b68cc9ed6b8e09af3fbb18a9af4c243272b5dfeba2490e6
540a373b1a1d3de2ff779336e396a4219093140ccb4b65713ea6a75f4d8e28e7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b058564e311c9c3f452d13f6befbf91c6e5706a992bc66c26cc990678f319e3
5c3b13e776d614340c9cc91fb0482a097ff800637deaa114b182d447e5fc70a7
5d04f4182ee60c2670f9362ade3333153a49c1f33e9e8aafa7497a1b0cce814f
610a427b4b6da16af92fa70bc4ebc4bc85ab2fbfc59bfea7d01a58e78412c88a
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
61aa02064765550124c2afd606873eda02d6b2406652f3649d35e933981c8f3d
65c04c59556a278cd23441cfe7ad128fea5694c4a25a77f0dc32c809c38a9def
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67c07c0e4ec4c5d0bc7e227dbe689dd03035b4cb0f8394574e1b6740af383461
67ebf650147a9122e94ff1b25a78a82e903b92b877821c1479de69f00f59d429
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c4da273cb8d561aed1086b23e7f5dee2a2faca53ab22a168671dc39f2480695
6e244abc7224f0d09a459628f4b146d1eab85dbeafad852405cd2dfca3648469
6fe753ed066811d0f3f5cd833bca8f539641b96e5b69a07e3297557769be22c0
71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054
7225c811b9035a4ce65639eb7ab5e7850833a340a866cc8e4bc5c2ce4abe8756
735ba0855a8e681e98e185111aae755c396d6c0f889c40947b6d758551075f6e
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
77339409ba41907335306a72ac430e45b94f0b9b8f835c97cd0aa08af7f82304
77403e128e5185b66dc8d0664e55d45595b01dddd2837fedd1f43cd3a344480f
77b3b2c53216ee57263fe847e0bd6f28ae2577a25c2ae00ab470dc164c769096
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7a55efe08edfebe7597a59ba39f002fdb95015085233d361a39b849b952491f5
7ae2ca39a3d35ca24208cc4001571fe00a7dd1749b6a57b4dc8a611f09497aeb
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
80e7ae17ac456d2b2cc8d8e5b0d34085903b49ba27050029d81938b8d3a9b5ce
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
8576b299c32cbf0ffe89072edb7a707abc5f698d9286bc52ca56ef6589e3897b
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8
88522cca257c7b55886862e9549236b005c2fcbb1246bcd986621476739c2127
88810ce65ee55d7a60e833aa3fce057ba28d3a609f3504d6f66f0f77290d9334
888ad0d7ff41ab2c773607ac8c4f60babb965293e65b5a9835355079c2a240b0
88cb3902590c7b3d2d2eec2b75645744481ca247eaae00f39ca611938e5d10d2
88da04adace3de845df5c62268ca996fb4b16fd798368ff29d37bbedc2da5bc9
88fc98437230e70daa16917c0885ee963bbb1657e1bc4770ecbca21124fdd061
8a6e2d4bbbe4f00b6a81ab036c29d0471f1755d4bf48285c433ec79ad3c0b132
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
91ee239687f47cfd398414ca4ce4a50014ec75ce6e0085aa8b4640b72293e32c
9284a576560f7b1bf06488542d70ebd656ccc7126ffa8fbfe2b3c0fb8fff9092
930ae03ab9f036b9a3aa21d7044d633edea02c5f7bb2b184ae49051d5b238efc
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
96bcbe3684c1089d731e6e8b4e7a9af69f361e8299c381a1b22268e85131c0cd
97f8174c2c77b089450322a3dafb54238ade833c9224543cf5df13d46f34c1c7
99b6cd1982e8223c43fc77f8c8830a586c3b498ca3999383580aeb2a21b65936
9b546466cf0ea937202b7f8985ea05fbc36070cdfdbfc267b68f7eb351e4040e
9d5ce68eed34b1bb9d934554a23a1a18b5f2fd27f9308d0586fbd1be9e41cbd6
9e000e7805a03b275608d64f0ee40fc1140ea80bcb3daa6bc9a5406dd107f9d0
9e9b34f0817548b428e128d5a7551fbc499d01fee0a12d016c323f65b9d4e2fd
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a390d36acb3ee2b82c79b9ee37bf7aae8f3b520eb1f2d2ce952ca77b42341287
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6f6f8afe101cd406e2111b434bdb3acf869b97c9e5bbccf6dcc13afe63be50f
a747c61c2762926db3f5fb6b9018e2da640cad4f7bbb89aab50ec1632c9aeb78
a9309029b10c0ccb07a5cd54b778347fd0484bc1e213cfe89b58aed952d3eb1e
ac3774c809f279d74ee1c089012274410b5715f3d0729a47100c0776a7952943
ad07083c56d731c6383f0f39b2ebd29f474b5a7eb6ba56db6ba22d608832283b
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
aff16f52b0b9a529e919ec1f99a8475d01e622bb44c02b4643f5fe7c6df90cbe
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b4c3f2f4e6c235296994b221f594ca331291a92988ab4c327f50981369940b
b32b1b3d9c9d72fb2bcbb42fbedcf0d778b362da47d78d45ff6d3cea98bd7f58
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b
baa8d59df443964b349d9fcafb980369a5640a7b5ea9070cf4d02a714df7448b
baaa07a00697c570eead5452f22f87dfb30fd76e443aba6cc902b313db640ff6
bc871abfceed2f798929653305bcf0c2997c58d7f4f2e86afa881927900d2eb6
bcaceb256884918befa4dbc7991f4c236dae8a55839b558494637d1e4ea5f5c8
bdfb3f0436bf28f56e88a7e8d60c6db1bd32c96fc76765c068222a5455b75038
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c3d6f43856edb4773691473aba669b43e4b4a0caeae37d2f8fa19456f1b8adae
c50be73ac605b62267126025fcebee57825d40a33ab06228762f233c84d231b9
c68ef40d78ae566ec35f1d0785b503add002abe8ad92c8543077ab9dbe4a4b1d
c6c4c059212606a0cb52abb125b3eae51cbb7ca011d24aa33165bd87a39ab472
c7ad088d10fbd3b025673a12b355062745683bd32b37a41bb68d0492b45a7b93
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd1cc14b59f5918e11725643ef36381b85cf569c6626fb4fdbe39c2eba9bdfe8
cf35c9e8af47d8cd7233bebf1b785af16546782547f31501432cb7ad97d84714
cfca22abe0436e064d1b8da30d9e4f73f9abd2e1552d6c7a46f7daacf12f014b
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1063e779db3611eff609a79f1a73387cb4ca332345153742de0063f9e5704d4
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d20c4a1453fbc4e0b963cf7c3a48882373f0776dcdb8a80e53cf7b4bca4e0768
d2f6e88ed8cdf17e4bbaa06802925c7aebd279ed2140ac34e8c36672805aafc9
d8de4a3f83966d7375cb59846a5fe87b38ca6e5cd2253d6a6550c3a38e28cc71
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293
db720757cace02ecc1e88d824648d67676e1e25ce8a7cb00a65c7c5ba89e4661
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dd0377ec36b97a4a5f62afa27cdcded344619ab365e8af6614afafeea3f67a00
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e0ed4b80efbb81a92a82a727735aa23cd0e64ba7f8fe99507b31154f3042b9ba
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796
e1fdff8d9836d079e9a3fbd65eef169903719605f204628861de4189863774af
e249689202d578760f311db8af1646c07100fa7fbcf73b82e229813efd14813a
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2d3127da85763e024971c6192f78becbdf85db231b3d088c9f8b3777d444ede
e2e60e9eae839d6b2e857c708f6d02ae6069141594b941a1590cd5c5435d42f4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992
e5595db09650405bd6fe4cd28e4433abbbd694d6faa84292c353930bdad1a4d2
e58bc10b3948106bc0f0d27a5d4951bc2c96aeab02674bbdb7a1c7a8637842d1
e6bcb09b72fe4af0a7025a07592c4d798c853a0bc53443bbfaeeb58dbaee58bf
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9126e8b93d347b328196191cea7e2663506a0e66db75bc82b40afdd297af463
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
eb04b94656de1350a1fe252e640d692b44f9501188d48c01884d6962bea38913
eb9e17a5509f9c4a63dc76de25bd0a6e0dff55e0794d350e22614b1e31037a8a
ebdc3c634ca996a1fff58a0ad684006c2b83a17edf2f38fe62ba2519891f6dcf
ed367284fdd0727d23443d61fef66e9d1bc522690f63fa510be7eba01005590a
ee7cb715e2926a70863d23b71a288a4e6807b6ff7c3e2c51ac806081e2ff6919
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4c4308ced26a76b53987f2a0b47713fdfcb83f025b501bc0a5ab378c748cfd
f1fc438ffc1479a3718733925bee4449484921a0654c6ecaf9ccdee940565339
f2f5f1a8e1c1a8914fbfb2ae7adf40d1a4eaa20a1121d1bf9cb29c06683debd0
f46e926a23660a6f833a06e9ba31e4931f32becc476b01cf6241cecafa4dcff0
f62e11b110b6233da7f94fc6715e2d026d3dd3cc22fa394623ba16c9316fa8f8
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e
fc19d2f154f953b4c51b865cec0bb6aebd2e149ea59b98354c19f2cfe8759ad2
fc9c3fcc4471623d464db7a4744808d67f44d3037866797a3fce2c046685c9bd
fd90fd0db0152a24cd2d5e29ded225a1bff3cd5dd2eaee31ba418fb0ec92375b
fe8e15902d3d3cbb4dd0163df9b32ee471cbf8ad824ea66745789e2dbcd63acb
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869