urlscan.io logo urlscan.io
SecurityTrails logo

beckernews.com Open in urlscan Pro
172.64.195.3  Public Scan

Go To Rescan Add Verdict Report
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020...
Submission: On September 26 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 61 IPs in 8 countries across 60 domains to perform 207 HTTP transactions. The main IP is 172.64.195.3, located in United States and belongs to CLOUDFLARENET, US. The main domain is beckernews.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 11th 2021. Valid for: a year.
This is the only time beckernews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
29 172.64.195.3 13335 (CLOUDFLAR...)
2 18.211.226.152 14618 (AMAZON-AES)
18 172.66.42.247 13335 (CLOUDFLAR...)
1 142.250.186.168 15169 (GOOGLE)
9 104.160.64.9 46469 (GETRESPON...)
1 151.139.242.29 33438 (HIGHWINDS2)
10 151.139.241.28 33438 (HIGHWINDS2)
6 104.18.226.52 13335 (CLOUDFLAR...)
1 192.0.73.2 2635 (AUTOMATTIC)
2 142.250.186.78 15169 (GOOGLE)
1 172.66.41.9 13335 (CLOUDFLAR...)
2 7 2.18.234.21 16625 (AKAMAI-AS)
2 51.89.9.252 16276 (OVH)
4 4 185.64.190.79 62713 (AS-PUBMATIC)
5 6 142.250.185.98 15169 (GOOGLE)
2 2 185.64.190.80 62713 (AS-PUBMATIC)
2 2 185.64.190.81 62713 (AS-PUBMATIC)
4 6 37.252.173.22 29990 (ASN-APPNEX)
3 3 3.126.56.137 16509 (AMAZON-02)
3 3 213.19.147.44 26120 (RHYTHMONE)
3 4 76.223.111.131 16509 (AMAZON-02)
1 1 64.202.112.159 23352 (SERVERCEN...)
1 178.162.133.149 60781 (LEASEWEB-...)
1 34.243.225.216 16509 (AMAZON-02)
1 174.137.133.49 27257 (WEBAIR-IN...)
2 2 18.159.140.98 16509 (AMAZON-02)
2 2 38.27.122.101 174 (COGENT-174)
1 1 159.253.128.188 36351 (SOFTLAYER)
2 2 216.52.2.39 29791 (VOXEL-DOT...)
1 1 193.0.160.128 54312 (ROCKETFUEL)
1 208.100.17.174 32748 (STEADFAST)
3 104.154.142.214 15169 (GOOGLE)
14 172.67.22.149 13335 (CLOUDFLAR...)
1 2 52.46.154.242 16509 (AMAZON-02)
1 1 63.215.202.140 41041 (VCLK-EU-SE)
1 38.91.45.7 398989 (DEEPINTENT)
1 1 46.228.164.11 56396 (AMOBEE)
3 142.250.186.66 15169 (GOOGLE)
4 104.21.64.241 13335 (CLOUDFLAR...)
2 142.250.185.138 15169 (GOOGLE)
10 142.250.185.226 15169 (GOOGLE)
2 54.234.151.247 14618 (AMAZON-AES)
5 23.20.158.212 14618 (AMAZON-AES)
1 172.217.16.130 15169 (GOOGLE)
1 2.16.186.139 20940 (AKAMAI-ASN1)
1 3.1.182.12 16509 (AMAZON-02)
1 44.238.136.108 16509 (AMAZON-02)
3 74.125.133.156 15169 (GOOGLE)
1 2.16.186.145 20940 (AKAMAI-ASN1)
5 34.197.47.85 14618 (AMAZON-AES)
2 2.18.233.180 16625 (AKAMAI-AS)
2 13.225.78.108 16509 (AMAZON-02)
2 151.101.129.194 54113 (FASTLY)
2 2.18.232.78 16625 (AKAMAI-AS)
2 142.250.185.66 15169 (GOOGLE)
1 3.219.102.109 14618 (AMAZON-AES)
1 142.250.186.33 15169 (GOOGLE)
1 34.223.151.79 16509 (AMAZON-02)
1 54.149.90.128 16509 (AMAZON-02)
1 1 37.252.172.249 29990 (ASN-APPNEX)
1 9 35.164.229.85 16509 (AMAZON-02)
1 1 198.148.27.140 19189 (PULSEPOINT)
1 151.101.193.44 54113 (FASTLY)
2 2 52.17.150.98 16509 (AMAZON-02)
2 178.250.0.157 44788 (ASN-CRITE...)
1 34.149.20.76 15169 (GOOGLE)
1 52.208.41.69 16509 (AMAZON-02)
1 213.19.147.42 3356 (LEVEL3)
1 18.192.135.64 16509 (AMAZON-02)
1 213.19.162.41 26667 (RUBICONPR...)
5 142.250.185.97 15169 (GOOGLE)
1 142.250.186.42 15169 (GOOGLE)
3 142.250.184.193 15169 (GOOGLE)
1 142.250.181.228 15169 (GOOGLE)
2 142.250.186.99 15169 (GOOGLE)
2 2 35.244.159.8 15169 (GOOGLE)
1 54.236.80.3 14618 (AMAZON-AES)
207 61
29    172.64.195.3 (United States)

ASN13335 (CLOUDFLARENET, US)
beckernews.com
2    18.211.226.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-226-152.compute-1.amazonaws.com
powerad.ai
18    172.66.42.247 (United States)

ASN13335 (CLOUDFLARENET, US)
resources.infolinks.com
router.infolinks.com
1    142.250.186.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f8.1e100.net
www.googletagmanager.com
9    104.160.64.9 (United States)

ASN46469 (GETRESPONSE-IMPLIX, US)
PTR: norevdns.getresponse.com
app.getresponse.com
1    151.139.242.29 (United States)

ASN33438 (HIGHWINDS2, US)
cdn2.lockerdomecdn.com
10    151.139.241.28 (United States)

ASN33438 (HIGHWINDS2, US)
cdn1.lockerdomecdn.com
6    104.18.226.52 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
img.onesignal.com
1    192.0.73.2 (United States)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
2    142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net
www.google-analytics.com
1    172.66.41.9 (United States)

ASN13335 (CLOUDFLARENET, US)
rt3002.infolinks.com
7    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
2    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
4    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
6    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
2    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
6    37.252.173.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
3    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    213.19.147.44 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
4    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
1    64.202.112.159 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
1    34.243.225.216 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-225-216.eu-west-1.compute.amazonaws.com
s.cpx.to
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
2    18.159.140.98 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-140-98.eu-central-1.compute.amazonaws.com
pixel.advertising.com
2    38.27.122.101 (Chestertown, United States)

ASN174 (COGENT-174, US)
match.bnmla.com
1    159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
2    216.52.2.39 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    208.100.17.174 (United States)

ASN32748 (STEADFAST, US)
PTR: ip174.208-100-17.static.steadfastdns.net
ssc-cms.33across.com
3    104.154.142.214 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com
lockerdome.com
14    172.67.22.149 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.vuukle.com
vuukle.com
api.vuukle.com
publish.vuukle.com
media.vuukle.com
2    52.46.154.242 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    63.215.202.140 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams01-login.dotomi.com
casale-match.dotomi.com
1    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
1    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
3    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
pagead2.googlesyndication.com
4    104.21.64.241 (None, )

ASN13335 (CLOUDFLARENET, US)
rddywd.com
2    142.250.185.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f10.1e100.net
www.googleapis.com
10    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
securepubads.g.doubleclick.net
2    54.234.151.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-234-151-247.compute-1.amazonaws.com
reporting.powerad.ai
5    23.20.158.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-158-212.compute-1.amazonaws.com
hb.brainlyads.com
1    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
googleads.g.doubleclick.net
1    2.16.186.139 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-139.deploy.static.akamaitechnologies.com
tg1.vuukle.com
1    3.1.182.12 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-182-12.ap-southeast-1.compute.amazonaws.com
pixel.zprk.io
1    44.238.136.108 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-136-108.us-west-2.compute.amazonaws.com
a.ad.gt
3    74.125.133.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f156.1e100.net
stats.g.doubleclick.net
1    2.16.186.145 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-145.deploy.static.akamaitechnologies.com
player.avplayer.com
5    34.197.47.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-47-85.compute-1.amazonaws.com
servt.vuukle.com
2    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    13.225.78.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-108.fra2.r.cloudfront.net
s.flocdn.com
2    151.101.129.194 (United States)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
2    2.18.232.78 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-78.deploy.static.akamaitechnologies.com
play.aniview.com
player.aniview.com
2    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
www.googletagservices.com
adservice.google.com
1    3.219.102.109 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-102-109.compute-1.amazonaws.com
serv.vuukle.com
1    142.250.186.33 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f1.1e100.net
c99cab225d5657697a695f1bc4aa8fb4.safeframe.googlesyndication.com
1    34.223.151.79 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-223-151-79.us-west-2.compute.amazonaws.com
aufp.io
1    54.149.90.128 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-90-128.us-west-2.compute.amazonaws.com
p.ad.gt
1    37.252.172.249 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
9    35.164.229.85 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-164-229-85.us-west-2.compute.amazonaws.com
ids.ad.gt
1    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
2    52.17.150.98 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-150-98.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
1    52.208.41.69 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-41-69.eu-west-1.compute.amazonaws.com
g2.gumgum.com
1    213.19.147.42 (United Kingdom)

ASN3356 (LEVEL3, US)
tag.1rx.io
1    18.192.135.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-135-64.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
1    213.19.162.41 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
5    142.250.185.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f1.1e100.net
cdn.ampproject.org
1    142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net
fonts.googleapis.com
3    142.250.184.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f1.1e100.net
tpc.googlesyndication.com
1    142.250.181.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f4.1e100.net
www.google.com
2    142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net
fonts.gstatic.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
1    54.236.80.3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-80-3.compute-1.amazonaws.com
logs-01.loggly.com
Apex Domain
Subdomains		 Transfer
29 beckernews.com
beckernews.com
371 KB
21 vuukle.com
cdn.vuukle.com
vuukle.com
api.vuukle.com
tg1.vuukle.com
publish.vuukle.com
servt.vuukle.com
media.vuukle.com
serv.vuukle.com
301 KB
20 doubleclick.net
cm.g.doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
355 KB
19 infolinks.com
resources.infolinks.com
router.infolinks.com
rt3002.infolinks.com
281 KB
11 ad.gt
a.ad.gt
p.ad.gt
ids.ad.gt
pixels.ad.gt Failed
16 KB
11 lockerdomecdn.com
cdn2.lockerdomecdn.com
cdn1.lockerdomecdn.com
134 KB
10 pubmatic.com
image8.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
ads.pubmatic.com
116 KB
9 getresponse.com
app.getresponse.com
133 KB
7 googlesyndication.com
pagead2.googlesyndication.com
c99cab225d5657697a695f1bc4aa8fb4.safeframe.googlesyndication.com
2d1fdc6274df0735a105f2b8ad1927c3.safeframe.googlesyndication.com Failed
tpc.googlesyndication.com
123 KB
7 adnxs.com
ib.adnxs.com
secure.adnxs.com
6 KB
7 casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
7 KB
6 onesignal.com
cdn.onesignal.com
onesignal.com
img.onesignal.com
89 KB
5 ampproject.org
cdn.ampproject.org
103 KB
5 brainlyads.com
hb.brainlyads.com
314 KB
4 rddywd.com
rddywd.com
2 KB
4 adsrvr.org
match.adsrvr.org
2 KB
4 powerad.ai
powerad.ai
reporting.powerad.ai
38 KB
3 googleapis.com
www.googleapis.com
fonts.googleapis.com
1 KB
3 lockerdome.com
lockerdome.com
47 KB
3 1rx.io
sync.1rx.io
tag.1rx.io
1 KB
3 yahoo.com
ups.analytics.yahoo.com
3 KB
2 openx.net
u.openx.net
876 B
2 gstatic.com
fonts.gstatic.com
32 KB
2 criteo.com
gum.criteo.com
624 B
2 bidr.io
match.prod.bidr.io
1 KB
2 google.com
adservice.google.com
www.google.com
570 B
2 aniview.com
play.aniview.com
player.aniview.com
103 KB
2 fastly.net
confiant-integrations.global.ssl.fastly.net
71 KB
2 flocdn.com
s.flocdn.com
49 KB
2 amazon-adsystem.com
s.amazon-adsystem.com
1 KB
2 33across.com
ssc-cms.33across.com
ssc.33across.com
368 B
2 lijit.com
ap.lijit.com
1 KB
2 bnmla.com
match.bnmla.com
1 KB
2 advertising.com
pixel.advertising.com
674 B
2 onetag-sys.com
onetag-sys.com
1 KB
2 google-analytics.com
www.google-analytics.com
20 KB
1 loggly.com
logs-01.loggly.com
293 B
1 rubiconproject.com
fastlane.rubiconproject.com
2 KB
1 bidswitch.net
grid.bidswitch.net
269 B
1 gumgum.com
g2.gumgum.com
357 B
1 taboola.com
trc.taboola.com
229 B
1 contextweb.com
bh.contextweb.com
423 B
1 aufp.io
aufp.io
3 KB
1 googletagservices.com
www.googletagservices.com
26 KB
1 avplayer.com
player.avplayer.com
58 KB
1 zprk.io
pixel.zprk.io
3 KB
1 turn.com
ad.turn.com
425 B
1 deepintent.com
match.deepintent.com
44 B
1 dotomi.com
casale-match.dotomi.com
187 B
1 rfihub.com
p.rfihub.com
751 B
1 simpli.fi
um.simpli.fi
609 B
1 adkernel.com
dsp.adkernel.com
233 B
1 cpx.to
s.cpx.to
945 B
1 sonobi.com
sync.go.sonobi.com
478 B
1 zemanta.com
b1sync.zemanta.com
288 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
475 B
1 gravatar.com
secure.gravatar.com
6 KB
1 googletagmanager.com
www.googletagmanager.com
39 KB
0 facebook.net Failed
connect.facebook.net Failed
0 tynt.com Failed
de.tynt.com Failed
207 60
Domain Requested by
29 beckernews.com beckernews.com
15 router.infolinks.com resources.infolinks.com
router.infolinks.com
ssum-sec.casalemedia.com
10 securepubads.g.doubleclick.net cdn.vuukle.com
securepubads.g.doubleclick.net
www.googletagservices.com
beckernews.com
10 cdn1.lockerdomecdn.com beckernews.com
lockerdome.com
9 ids.ad.gt 1 redirects beckernews.com
9 app.getresponse.com beckernews.com
app.getresponse.com
6 ib.adnxs.com 4 redirects ssum-sec.casalemedia.com
hb.brainlyads.com
6 cm.g.doubleclick.net 5 redirects beckernews.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 servt.vuukle.com beckernews.com
player.aniview.com
5 hb.brainlyads.com powerad.ai
beckernews.com
5 cdn.vuukle.com beckernews.com
cdn.vuukle.com
4 publish.vuukle.com cdn.vuukle.com
4 rddywd.com beckernews.com
4 match.adsrvr.org 3 redirects ssum-sec.casalemedia.com
4 image8.pubmatic.com 4 redirects
3 tpc.googlesyndication.com beckernews.com
3 media.vuukle.com beckernews.com
3 stats.g.doubleclick.net lockerdome.com
3 onesignal.com cdn.onesignal.com
3 pagead2.googlesyndication.com beckernews.com
3 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
3 lockerdome.com cdn2.lockerdomecdn.com
3 ups.analytics.yahoo.com 3 redirects
3 ssum-sec.casalemedia.com 1 redirects router.infolinks.com
ssum-sec.casalemedia.com
3 resources.infolinks.com beckernews.com
resources.infolinks.com
2 u.openx.net 2 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 gum.criteo.com ads.pubmatic.com
2 match.prod.bidr.io 2 redirects
2 confiant-integrations.global.ssl.fastly.net cdn.vuukle.com
confiant-integrations.global.ssl.fastly.net
2 s.flocdn.com cdn.vuukle.com
2 ads.pubmatic.com beckernews.com
2 reporting.powerad.ai powerad.ai
2 www.googleapis.com beckernews.com
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 ap.lijit.com 2 redirects
2 match.bnmla.com 2 redirects
2 pixel.advertising.com 2 redirects
2 sync.1rx.io 2 redirects
2 image4.pubmatic.com 2 redirects
2 image2.pubmatic.com 2 redirects
2 onetag-sys.com router.infolinks.com
hb.brainlyads.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
cdn2.lockerdomecdn.com
2 cdn.onesignal.com beckernews.com
cdn.onesignal.com
2 powerad.ai beckernews.com
powerad.ai
1 logs-01.loggly.com resources.infolinks.com
1 www.google.com beckernews.com
1 fonts.googleapis.com securepubads.g.doubleclick.net
1 fastlane.rubiconproject.com hb.brainlyads.com
1 grid.bidswitch.net hb.brainlyads.com
1 tag.1rx.io hb.brainlyads.com
1 g2.gumgum.com hb.brainlyads.com
1 ssc.33across.com hb.brainlyads.com
1 trc.taboola.com beckernews.com
1 bh.contextweb.com 1 redirects
1 secure.adnxs.com 1 redirects
1 p.ad.gt a.ad.gt
1 aufp.io a.ad.gt
1 c99cab225d5657697a695f1bc4aa8fb4.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 serv.vuukle.com player.aniview.com
1 www.googletagservices.com hb.brainlyads.com
1 player.aniview.com player.avplayer.com
1 play.aniview.com beckernews.com
1 player.avplayer.com tg1.vuukle.com
1 a.ad.gt beckernews.com
1 pixel.zprk.io powerad.ai
1 img.onesignal.com beckernews.com
1 tg1.vuukle.com cdn.vuukle.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 api.vuukle.com cdn.vuukle.com
1 vuukle.com cdn.vuukle.com
1 ad.turn.com 1 redirects
1 match.deepintent.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 ssc-cms.33across.com router.infolinks.com
1 p.rfihub.com 1 redirects
1 um.simpli.fi 1 redirects
1 dsp.adkernel.com router.infolinks.com
1 s.cpx.to router.infolinks.com
1 sync.go.sonobi.com router.infolinks.com
1 b1sync.zemanta.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 rt3002.infolinks.com resources.infolinks.com
1 secure.gravatar.com beckernews.com
1 cdn2.lockerdomecdn.com beckernews.com
1 www.googletagmanager.com beckernews.com
0 connect.facebook.net Failed p.ad.gt
0 pixels.ad.gt Failed p.ad.gt
0 2d1fdc6274df0735a105f2b8ad1927c3.safeframe.googlesyndication.com Failed securepubads.g.doubleclick.net
0 de.tynt.com Failed router.infolinks.com
207 93

This site contains links to these domains. Also see Links.

Domain
adclick.g.doubleclick.net
adssettings.google.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-01-11 -
2022-01-10		 a year crt.sh
*.powerad.ai
Go Daddy Secure Certificate Authority - G2		 2021-08-13 -
2022-09-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.getresponse.com
Go Daddy Secure Certificate Authority - G2		 2021-03-17 -
2022-04-11		 a year crt.sh
cdn2.lockerdomecdn.com
Go Daddy Secure Certificate Authority - G2		 2021-03-06 -
2022-04-07		 a year crt.sh
cdn1.lockerdomecdn.com
Go Daddy Secure Certificate Authority - G2		 2021-03-06 -
2022-04-07		 a year crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-14 -
2022-11-16		 2 years crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
onetag-sys.com
R3		 2021-07-26 -
2021-10-24		 3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
s.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2021-02-03 -
2022-02-09		 a year crt.sh
*.adkernel.com
Sectigo RSA Domain Validation Secure Server CA		 2020-12-22 -
2022-01-05		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2021-09-30		 a year crt.sh
*.lockerdome.com
Go Daddy Secure Certificate Authority - G2		 2020-09-27 -
2021-10-29		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
hb.brainlyads.com
Go Daddy Secure Certificate Authority - G2		 2020-11-23 -
2021-12-25		 a year crt.sh
wl2.aniview.com
R3		 2021-08-31 -
2021-11-29		 3 months crt.sh
*.zprk.io
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-11 -
2021-12-15		 a year crt.sh
*.ad.gt
Amazon		 2021-06-09 -
2022-07-08		 a year crt.sh
outstreamedia.com
R3		 2021-08-03 -
2021-11-01		 3 months crt.sh
*.adservrs.com
Amazon		 2021-05-18 -
2022-06-16		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.flocdn.com
Amazon		 2021-03-06 -
2022-04-04		 a year crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-27 -
2022-05-29		 a year crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-02-23 -
2022-02-27		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
aufp.io
Amazon		 2020-12-26 -
2022-01-24		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
grid.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-10-15 -
2021-10-23		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
logs-01.loggly.com
Starfield Secure Certificate Authority - G2		 2020-03-06 -
2022-04-10		 2 years crt.sh

This page contains 22 frames:

Primary Page: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Frame ID: CF51BA21FABC7E9ED6B74E3B6BD34104
Requests: 135 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F
Frame ID: 85465C47F78D57E7588DB717DF6C1D65
Requests: 16 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Frame ID: C9F651D28628383DD3EB94BA304CED2C
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Frame ID: 92B82C2D9D65A5B33AE2A2FD757DA0A7
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Frame ID: 36DB0476A4DF4F39C1F508B393EC0189
Requests: 1 HTTP requests in this frame

Frame: https://app.getresponse.com/site2/beckernews/?u=yBWGs&webforms_id=Sbymy&v=0
Frame ID: BE1BEDE302888FF0B4DAA2302572A815
Requests: 7 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13726297860053350?pubid=ld-13726297860053350-151&pubo=https%3A%2F%2Fbeckernews.com&rid=&width=714
Frame ID: 17AFD7DDC88989FE9DE4E03EC6D56F14
Requests: 8 HTTP requests in this frame

Frame: https://beckernews.com/watch-the-feds-actually-arrest-one-of-their-own-at-staged-justice-for-j6-rally-41540/embed/
Frame ID: AEA6B909592F2962B727703AE83453D4
Requests: 12 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13726299873319270?pubid=ld-13726299873319270-436&pubo=https%3A%2F%2Fbeckernews.com&rid=&width=714
Frame ID: D442B91978169E3EAD9183A485BA7AE0
Requests: 6 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13726301584595302?pubid=ld-13726301584595302-692&pubo=https%3A%2F%2Fbeckernews.com&rid=&width=714
Frame ID: 8FDE0D2FE8E86F8F39ADB86DB44C6E96
Requests: 6 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v1.0.js
Frame ID: A35B8B275098CF05526B95B989B7C4B0
Requests: 11 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v1.1.js
Frame ID: C1F888A1A57192AA614BDEF86AF587E7
Requests: 3 HTTP requests in this frame

Frame: https://cdn.vuukle.com/widgets/powerbar.html?version=2.7.8
Frame ID: 42B71AD300BE3AD2821DDA1D04FFC14F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20190131/zrt_lookup.html
Frame ID: E2D3B8C99C20EAA34FD47C104812E270
Requests: 1 HTTP requests in this frame

Frame: https://hb.brainlyads.com/json-parts/4211/?ver=1.0&pageId=1281323931&sizes=[[728,90]]&winbidder=&keyValues=[[%22refresh%22,0],[%22url%22,%22https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/%22],[%22referrer%22,%22%22],[%22referrerCategory%22,%22Direct%22]]
Frame ID: 4EFB5CA3C5F0107E469716AF1953CC25
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=607eaa2728f57c570863c77a
Frame ID: 69AFC1B02039EAFD11FFC466EE87B578
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 692756A3165B1285E4579D697F7CFBAE
Requests: 4 HTTP requests in this frame

Frame: https://c99cab225d5657697a695f1bc4aa8fb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 83A423F07FFADFC62378E00D1EC0AF4A
Requests: 1 HTTP requests in this frame

Frame: https://2d1fdc6274df0735a105f2b8ad1927c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 0C30ECABFB04D5F306E492CE574034EE
Requests: 1 HTTP requests in this frame

Frame: https://www.google-analytics.com/analytics.js
Frame ID: 7C201CE0CD84EF905AEC76AD030DADAF
Requests: 1 HTTP requests in this frame

Frame: https://www.google-analytics.com/analytics.js
Frame ID: 3156ED0903C819CD0F7E9C911F6554AC
Requests: 1 HTTP requests in this frame

Frame: https://www.google-analytics.com/analytics.js
Frame ID: 751718CC2F1F960C2F1A56A9A752E76B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

207
Requests

95 %
HTTPS

0 %
IPv6

60
Domains

93
Subdomains

61
IPs

8
Countries

2844 kB
Transfer

10339 kB
Size

95
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42
  • https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Request Chain 44
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDI1RjlGMkItMjM3OC00Rjc1LTgxMDktNEMxMzVBNEJFRjBD&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D425F9F2B-2378-4F75-8109-4C135A4BEF0C HTTP 302
  • https://router.infolinks.com/dyn/pbm-usync?uid=425F9F2B-2378-4F75-8109-4C135A4BEF0C
Request Chain 45
  • https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID HTTP 302
  • https://router.infolinks.com/dyn/apn-usync?user_id=3182964695445562526
Request Chain 46
  • https://ups.analytics.yahoo.com/ups/58422/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58422/occ?verify=true HTTP 302
  • https://router.infolinks.com/dyn/VR-usync?uid=y-6nr_1aRE2uEoSkt0EttW81PLFkqAzubeiucJaTk-~A
Request Chain 47
  • https://sync.1rx.io/usersync2/infolinks HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4504049925 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4504049925 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/351d84be-f55d-482e-aad8-99fde6c2599e HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1ecc5b10-1d52-4a9f-ba25-c5d99fe6dc6e-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-1ecc5b10-1d52-4a9f-ba25-c5d99fe6dc6e-003 HTTP 302
  • https://router.infolinks.com/dyn/r1-usync?uid=RX-1ecc5b10-1d52-4a9f-ba25-c5d99fe6dc6e-003
Request Chain 48
  • https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP 302
  • https://router.infolinks.com/dyn/zmn-usync?uid=
Request Chain 50
  • https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fbeckernews.com%252Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%252F&pid=12306&adnxs_uid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fbeckernews.com%25252Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%25252F%26pid%3D12306%26adnxs_uid%3D%24UID HTTP 302
  • https://s.cpx.to/ca.png?ref=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F&pid=12306&adnxs_uid=3182964695445562526
Request Chain 52
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPac23fe36-1e66-11ec-addc-02da58b6f1ba HTTP 302
  • https://router.infolinks.com/dyn/outh-usync?uid=y-mNsbn9pE2uGNkofIo087Sp3sJKP7mv.q~A~UPac23fe36-1e66-11ec-addc-02da58b6f1ba
Request Chain 53
  • https://match.bnmla.com/usersync?sspid=1000361&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3D%5BUUID%5D HTTP 302
  • https://um.simpli.fi/match_redirect?sifi_redir=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID HTTP 302
  • https://match.bnmla.com/usersync?dspid=6&uuid=B651D007CEC343F3B083BD811E73E4F9 HTTP 302
  • https://router.infolinks.com/dyn/enbd-usync?uid=1e83a2c9-99c9-4065-9607-fca81112d613
Request Chain 54
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true HTTP 307
  • https://router.infolinks.com/dyn/sovrn-usync?uid=5a6b0816c7479ca708bd8960
Request Chain 55
  • https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3D425F9F2B-2378-4F75-8109-4C135A4BEF0C HTTP 302
  • https://router.infolinks.com/dyn/usersync?pmuservalue=425F9F2B-2378-4F75-8109-4C135A4BEF0C
Request Chain 57
  • https://p.rfihub.com/cm?pub=43153&in=1 HTTP 302
  • https://router.infolinks.com/dyn/zeta-usync?uid=1871316023187230722
Request Chain 66
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YU-Ivh73IyxOQmfl4bPqvgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHjFjbPv8sIu_TiTVGn2O3k&google_cver=1&gdpr=1
Request Chain 68
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YU_Ivh73IyxOQmfl4bPqvgAABLIAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YU_Ivh73IyxOQmfl4bPqvgAABLIAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEAwsk1lB2pwq_Gkl2ibEjjI&google_cver=1
Request Chain 69
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YU_Ivh73IyxOQmfl4bPqvgAABLIAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YU_Ivh73IyxOQmfl4bPqvgAABLIAAAAB&dcc=t
Request Chain 71
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1632705086&gdpr=1
Request Chain 73
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4032601641360509986
Request Chain 182
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b&adnxs_id=$UID HTTP 302
  • https://ids.ad.gt/api/v1/match?id=a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b&adnxs_id=3182964695445562526
Request Chain 183
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b HTTP 302
  • https://ids.ad.gt/api/v1/t_match?tdid=351d84be-f55d-482e-aad8-99fde6c2599e&id=a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b
Request Chain 184
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Da74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b HTTP 302
  • https://ids.ad.gt/api/v1/pbm_match?pbm=425F9F2B-2378-4F75-8109-4C135A4BEF0C&id=a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b
Request Chain 185
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b HTTP 302
  • https://ids.ad.gt/api/v1/g_match?id=a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b&google_gid=CAESEKNHBl-NOQRFVzgD7XvMt94&google_cver=1&google_ula=450542624,0
Request Chain 186
  • https://ids.ad.gt/api/v1/g_hosted?id=a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=YTc0ZTVmNGYtZWZiNi00ZjQyLWJkYzktNWU3NGViYzE5ZTVi
Request Chain 187
  • https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b HTTP 302
  • https://ids.ad.gt/api/v1/ppnt_match?uid=1Xn0aRdAQKF7&ev=1&pid=562316&id=a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b
Request Chain 189
  • https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b HTTP 303
  • https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b&_bee_ppp=1 HTTP 303
  • https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AACU3E7Cn5EAADNedUcCCw&id=a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b
Request Chain 224
  • https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D02000hc5ci07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj91nelrdq1elzfjf1hl5r1i1kkc2jl%26auid%3Da74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D02000hc5ci07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj91nelrdq1elzfjf1hl5r1i1kkc2jl%26auid%3Da74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b HTTP 302
  • https://ids.ad.gt/api/v1/openx?openx_id=f279abc3-5cf2-4d5a-abe3-30417459c667&id=02000hc5ci07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj91nelrdq1elzfjf1hl5r1i1kkc2jl&auid=a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b

207 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/ 		141 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.195.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.24
Resource Hash
6c8f72b36bfedb5b04bacd1d4e3da814fcca36da13796a416a382f3a884c4cfd

Request headers

:method
GET
:authority
beckernews.com
:scheme
https
:path
/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 26 Sep 2021 01:11:25 GMT
content-type
text/html; charset=UTF-8
cf-ray
69489e3cecb1412c-PRG
last-modified
Sat, 25 Sep 2021 22:19:07 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-powered-by
PHP/7.4.24
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V4LBkFOKavYKI8j3Pu9ogAhKa6MiNIr7srtH8N%2F7G6SMDybnFFTeArv1Zc654DG6s2ywNvg3ZcgPIJuoIQub0NNk0fExXIbv%2BMMETe1oeinfpynJuupVCCgg6Yj172TwOw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
style.min.css
beckernews.com/wp-includes/css/dist/block-library/ 		79 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.195.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
beckernews.com
referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 02 Sep 2021 08:23:19 GMT
server
cloudflare
etag
W/"613089f7-13abe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OeItvyd92Pmh2jOaxeSubcRMf%2F2KXCGBgVColyJtU3KjOAEk2d954590yeOeNOSdBcrg%2BE1VDez9LWdS16FTpAIjIhOPsnIy5wOsJzdXs8Sh3gX6jgHzRGo3Bgx1%2BgfK2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=432000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69489e416d98412c-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
base.min.css
beckernews.com/wp-content/themes/jannah/assets/css/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/wp-content/themes/jannah/assets/css/base.min.css?ver=5.4.8
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.195.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aae68d7418f7820c7267d6dc0ec4f3f0935d15e965d5dfd0730ee15265cb932e

Request headers

:path
/wp-content/themes/jannah/assets/css/base.min.css?ver=5.4.8
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
beckernews.com
referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 19 Sep 2021 18:53:56 GMT
server
cloudflare
etag
W/"61478744-a3b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4mZ%2F7bz10CLZ%2BLukDsgQeT2biXB%2F9xtEmnNohipDt4sy1Kl%2B%2FFwvJhFMPo9jm%2Bt1Eq0u2BfYZrpy8CW1wW4rxquwPvTd8Smb0DyArckj8CP8fCMBC6bwIQ1Jn0MHfrGZwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=432000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69489e416d99412c-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
style.min.css
beckernews.com/wp-content/themes/jannah/assets/css/ 		171 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/wp-content/themes/jannah/assets/css/style.min.css?ver=5.4.8
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.195.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4e54900492e7fa37b1da9dfb701b52ce20eb8709219e48f9db66b9fd547c429

Request headers

:path
/wp-content/themes/jannah/assets/css/style.min.css?ver=5.4.8
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
beckernews.com
referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 19 Sep 2021 18:53:56 GMT
server
cloudflare
etag
W/"61478744-2aca3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=waXfQGIQLw7AzrvgJ%2BS8x9f%2Bd5BcZ%2BWwhvigrITrRfJf8NPzgbcA2woCdwS72yGlPl3fiUMJEaSnYo3gHr1ZAzhYnUpqKj%2FyizqVyeiKizJrI9ymlIfZi6DX0pYBFZnc%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=432000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69489e416d9a412c-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
widgets.min.css
beckernews.com/wp-content/themes/jannah/assets/css/ 		53 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/wp-content/themes/jannah/assets/css/widgets.min.css?ver=5.4.8
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.195.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
300c2a57d0ed169063b3daaff0550227cf8be6e702a58ab79f40a351df655243

Request headers

:path
/wp-content/themes/jannah/assets/css/widgets.min.css?ver=5.4.8
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
beckernews.com
referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 19 Sep 2021 18:53:56 GMT
server
cloudflare
etag
W/"61478744-d37e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O6zcJ9xLeIjNDP6iQ2mmq0yKCMpeHg%2BxjMDIVx8I%2BzOt8QXJYb9Fx3vuw8nHyCKYu4b5oIEuDgMKioP8NiHZX5A%2Bve7Vi8R%2B2AUTn4tKhWKkr%2B0BD5J5lS9xnBD7KQ%2FDeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=432000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69489e416d9b412c-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
helpers.min.css
beckernews.com/wp-content/themes/jannah/assets/css/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/wp-content/themes/jannah/assets/css/helpers.min.css?ver=5.4.8
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.195.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efd5ad608d8f3603b3eb9ca9f2c65ed45d7ca18acd0296fe5fc24b150eb4c4e9

Request headers

:path
/wp-content/themes/jannah/assets/css/helpers.min.css?ver=5.4.8
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
beckernews.com
referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 19 Sep 2021 18:53:56 GMT
server
cloudflare
etag
W/"61478744-3b78"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h6S%2BqQcwFoA%2BaZtSne7zCpiz9SsWwnvsrdY4pZ97cX%2BI4sXjdqTmcjOcrzcsbHukL6AiIWeOSF4J919BVxj2UE1aU%2BCKW7Tu4JBEDvqNxzjmtqhwO5KHdPDPdGFlKlC39Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=432000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69489e416d9c412c-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
fontawesome.css
beckernews.com/wp-content/themes/jannah/assets/css/ 		57 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/wp-content/themes/jannah/assets/css/fontawesome.css?ver=5.4.8
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.195.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e994c6b869ce31ac6a8997cfcdaca22ac6c47f137ec735b2ac413e466b7ca0c

Request headers

:path
/wp-content/themes/jannah/assets/css/fontawesome.css?ver=5.4.8
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
beckernews.com
referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=58662
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sun, 19 Sep 2021 18:53:56 GMT
server
cloudflare
etag
W/"61478744-e526"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rgbjxTRB07RLtfQOiPTGUy%2BBEouYZoA7f8jJpZhRLgN%2BY6Xaigk%2BE3Ct0PHtEMFbvB7KbdpYxBQ3ZGU1QZ66%2BE8cznplvkukwuKxMVfqXhyX2hcZCVppdPl5X8hrxNwD%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=432000
cf-ray
69489e416d9d412c-PRG
cf-bgj
minify
skin.css
beckernews.com/wp-content/themes/jannah/assets/ilightbox/dark-skin/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/wp-content/themes/jannah/assets/ilightbox/dark-skin/skin.css?ver=5.4.8
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.195.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff17f08db808e813e0f3270329ce38e06376065502acddb467d39eea8d84d67c

Request headers

:path
/wp-content/themes/jannah/assets/ilightbox/dark-skin/skin.css?ver=5.4.8
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
beckernews.com
referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=12018
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sun, 19 Sep 2021 18:53:56 GMT
server
cloudflare
etag
W/"61478744-2ef2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ti4MFPQG1t6CytfU%2Fcs9Lxef7QTkSiucd3kIo4Cv5AM41Tov7PIIHPxKCqMxOukWGPwL7N8fXWfOEzLryhH5PSSZhP%2BJaQHHpOg9LlgMjyr8maOG5sp1yKJ8T10DZCqW1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=432000
cf-ray
69489e416d9e412c-PRG
cf-bgj
minify
single.min.css
beckernews.com/wp-content/themes/jannah/assets/css/ 		40 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/wp-content/themes/jannah/assets/css/single.min.css?ver=5.4.8
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.195.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5010764339d94d1fa6a5cc219dd0ab07cfca326a11e866768b80d6081773950

Request headers

:path
/wp-content/themes/jannah/assets/css/single.min.css?ver=5.4.8
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
beckernews.com
referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 19 Sep 2021 18:53:56 GMT
server
cloudflare
etag
W/"61478744-9e25"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1aWDgE1CZv2MqNgrtYNk3AOKClb%2Fa3k5Kzlq1%2BH2i4SI26j4UXKqMzoGQ4duLIGobr3Nv%2BqmgiDO%2FRgGN7mU1d9oRy7W2jqBuWaOicHOBKT8JOnveGSmxlWSsOHMl8FxXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=432000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69489e416d9f412c-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
RXvX1snpkkVVqv67AyPno-pDCsw.js
beckernews.com/cdn-cgi/apps/head/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/cdn-cgi/apps/head/RXvX1snpkkVVqv67AyPno-pDCsw.js
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.195.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2403c547323e252309d499941b20324d71d113374e88da01e7a2bec540568946

Request headers

:path
/cdn-cgi/apps/head/RXvX1snpkkVVqv67AyPno-pDCsw.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
beckernews.com
referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
217517
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
Q2HRKWXAX9Y0PFT3
x-amz-id-2
TfBfjRksTc3gimUbm68YD2xx+YPGO1PpAkobBXTddWucA3MfYMNHmvKnUQ/KCG5MTlVkKTMXw2w=
last-modified
Thu, 18 Mar 2021 12:52:20 GMT
server
cloudflare
etag
W/"ffe7e172d4574a588b2d1868db5cb38d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=67mmt9QBYR5vXYU%2FZ%2B4WbJaBOUk2wIZRny0osae6xa%2B6sOR2qUxJt4KXLKYTWnNEwmMt1wZV1qcBxdL2BdSmnafqwzQH23jODCYokANZ0xT8IvSKgRah2TPUCf9wovGarA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
f62hFwR4WjE0xn6AOFt6FCRZ09TOy9Zm
cf-ray
69489e416da0412c-PRG
free-comments-for-wordpress-vuukle-public-count.js
beckernews.com/wp-content/plugins/free-comments-for-wordpress-vuukle/public/js/ 		948 B
849 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/wp-content/plugins/free-comments-for-wordpress-vuukle/public/js/free-comments-for-wordpress-vuukle-public-count.js?ver=5.0.3
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.195.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71fa1f7d7f86952d4f8409f3c419849828c9416c58ac248e23e02b2ddc712dd1

Request headers

:path
/wp-content/plugins/free-comments-for-wordpress-vuukle/public/js/free-comments-for-wordpress-vuukle-public-count.js?ver=5.0.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
beckernews.com
referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=1635
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 22 Sep 2021 18:03:46 GMT
server
cloudflare
etag
W/"614b7002-663"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WI91V2VcYuLy%2FcNSfr3nMjaANZ%2Fw%2BfoNpg9atXSlCEWWCgiDdUyZVEfrlR%2Fb6TBYLfa%2BXK8rr3dW1afOrCR71oA%2BOnZyhoP95knd4cSHYARQwKLBl%2B342Owq%2BBmu%2FufEdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=432000
cf-ray
69489e416da1412c-PRG
cf-bgj
minify
jquery.min.js
beckernews.com/wp-includes/js/jquery/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.195.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

:path
/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
beckernews.com
referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 02 Sep 2021 08:23:19 GMT
server
cloudflare
etag
W/"613089f7-15db1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nyLJJHBzsz037wHYdtrAZUSSzduy%2BEvw7AP0pTgVpwHk3TnFttoO8io%2BS0vP6u0GB2zl4ZW6Olp4Ev%2F7RyrlvHUcN68lOzMb8V2Msbg%2FrzsGAFECTEyNzTyOKPQF75kKZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=432000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69489e417da4412c-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery-migrate.min.js
beckernews.com/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.195.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
beckernews.com
referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 25 Dec 2020 15:10:21 GMT
server
cloudflare
etag
W/"5fe600dd-2bd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bCvEImYD8iEhCzY5A0JPLtz0U5qo%2FkjXhEqG1sNjf9mk3vikOhCkNMdQhcDNgJoC%2BRBZptwoFoQFxpj0plXxMR2CMvlrZCZlFbVhh42UqkxTfvqq3Kl9bW4sz9msYvYryw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=432000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69489e417da5412c-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
script.js
powerad.ai/ 		170 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://powerad.ai/script.js
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-226-152.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
63721156438c4a8fad96c6cb93099d8a59e94706abc4bf0c391b393cff33aa9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 01:11:26 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Sep 2021 15:19:09 GMT
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
X-Powered-By
Express
ETag
W/"2a930-17ba717a506"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
close
Access-Control-Allow-Headers
*
infolinks_main.js
resources.infolinks.com/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/infolinks_main.js
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ee161ee902daab76ff7bb03b1de4537ec1a5e3e515ed174879a7c60d7d621bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray
69489e419daa42c9-FRA
date
Sun, 26 Sep 2021 01:11:25 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Sat, 18 Sep 2021 18:06:08 GMT
server
cloudflare
age
11054
etag
W/"d79-5cc48e6f4caa7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
content-encoding
gzip
expires
Sat, 25 Sep 2021 23:07:11 GMT
js
www.googletagmanager.com/gtag/ 		97 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-190122086-1
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e13b492d574f90b2c7f6796d1ced71892d186e8806ae0d5dff00cd2f5a6c2146
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39236
x-xss-protection
0
last-modified
Sun, 26 Sep 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 26 Sep 2021 01:11:26 GMT
kyle-logo.png
beckernews.com/wp-content/uploads/2021/01/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beckernews.com/wp-content/uploads/2021/01/kyle-logo.png
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.195.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
607a278086c235f6b1bf896ecc82183cfe266ff2d5e3e5178c4db666507a4d36

Request headers

:path
/wp-content/uploads/2021/01/kyle-logo.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
beckernews.com
referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
217517
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13523
last-modified
Thu, 14 Jan 2021 01:06:38 GMT
server
cloudflare
etag
"5fff991e-34d3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2FV0w%2BwPUhoJVJ3SRndxtd2J9R4AT%2Bog76UpA9%2Fs0yJH39VGBYu7Ej8ZjqzjGcWWDzFolOCmEqntklxP5OqeeLCrU8on5carC5eY2hFv%2BINoHa0cr8r4Em%2BlXZRzrqU0cA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
69489e444c234138-PRG
expires
Thu, 31 Dec 2037 23:55:55 GMT
view_webform_v2.js
app.getresponse.com/ 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.getresponse.com/view_webform_v2.js?u=yBWGs&webforms_id=Sbymy
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.160.64.9 , United States, ASN46469 (GETRESPONSE-IMPLIX, US),
Reverse DNS
norevdns.getresponse.com
Software
/
Resource Hash
3bbb08c1dcbc61185f3c37319310f2f5a29101546a1642935bd944f666ce459b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Referrer-Policy
strict-origin-when-cross-origin
Date
Sun, 26 Sep 2021 01:11:26 GMT
X-Frame-Options
sameorigin
Content-Type
application/x-javascript
Content-Security-Policy-Report-Only
default-src https: wss: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:; frame-src https:; font-src https: data:; report-uri https://index-log.getresponse.com/index/marketing_csp?source=app-gr
Feature-Policy
accelerometer *; ambient-light-sensor *; autoplay *; camera *; encrypted-media *; fullscreen *; geolocation *; gyroscope *; magnetometer *; microphone *; midi *; payment *; picture-in-picture *; speaker *; sync-xhr *; usb *; vr *
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
ajs.js
cdn2.lockerdomecdn.com/_js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.lockerdomecdn.com/_js/ajs.js
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.29 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
content-encoding
gzip
last-modified
Thu, 23 Sep 2021 22:24:33 GMT
server
nginx
etag
W/"14f4-17c14c2a7d9"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
https://lockerdome.com
content-length
2348
beckernewsllc_beckernews_above_content_1_smartview.js
cdn1.lockerdomecdn.com/embeds/ 		344 B
474 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.lockerdomecdn.com/embeds/beckernewsllc_beckernews_above_content_1_smartview.js
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
5713867ac8881dd5a8e178755241a12fc55d6a4144c27216e5608064b1ed972e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
content-encoding
gzip
last-modified
Mon, 21 Jun 2021 19:44:30 GMT
server
nginx
etag
W/"949f8d2be0919e8273e17990adb680b9"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
accept-ranges
bytes
content-length
273
beckernewsllc_beckernews_in_content_1_smartview.js
cdn1.lockerdomecdn.com/embeds/ 		344 B
473 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.lockerdomecdn.com/embeds/beckernewsllc_beckernews_in_content_1_smartview.js
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
86e8be85acf880935aa96b9d7aaf4fa97bf5a0e2db09835040e5b97ec43d5cc2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
content-encoding
gzip
last-modified
Mon, 21 Jun 2021 19:44:31 GMT
server
nginx
etag
W/"b51af748c65409dfe34621aeb04bb259"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
accept-ranges
bytes
content-length
272
beckernewsllc_beckernews_in_content_2_smartview.js
cdn1.lockerdomecdn.com/embeds/ 		344 B
474 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.lockerdomecdn.com/embeds/beckernewsllc_beckernews_in_content_2_smartview.js
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
b732aa760484feded70866a79c1f89bafdc9938e83e74b0d8d8ff7fbb4a7b77a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
content-encoding
gzip
last-modified
Mon, 21 Jun 2021 19:44:31 GMT
server
nginx
etag
W/"b48e5e13171bf6ae1da89442a9323649"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
accept-ranges
bytes
content-length
273
q2w3-fixed-widget.min.js
beckernews.com/wp-content/plugins/q2w3-fixed-widget/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js?ver=5.3.0
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.195.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d

Request headers

:path
/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js?ver=5.3.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
beckernews.com
referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 20 Sep 2021 08:56:22 GMT
server
cloudflare
etag
W/"61484cb6-1108"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mSdHUK8eP6%2BBPhdmwkOoYxsOWwIKZCjsJM3DlMFiBlcNDsgBBrS6mXfYnEllaojzcNF0jLZ6ZikKcBcMk7jTbOC4JaOCNA0%2FIfdfaudPnLtPV1RNuiBrgFcFKPXGm%2BodYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=432000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69489e444c1d4138-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
scripts.min.js
beckernews.com/wp-content/themes/jannah/assets/js/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/wp-content/themes/jannah/assets/js/scripts.min.js?ver=5.4.8
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.195.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d90a92a7cfa091e8b08b8a24572b8c67d1aa35d4e2a9b09887cfb412acc3adfc

Request headers

:path
/wp-content/themes/jannah/assets/js/scripts.min.js?ver=5.4.8
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
beckernews.com
referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 19 Sep 2021 18:53:56 GMT
server
cloudflare
etag
W/"61478744-57c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zu2kqs1SD6IeS5OO44AOFXU7K%2FDHSjY%2BInqUVz%2F7gIWEOvO0LK8rctSW6wdhcho6Q1wY40ti6FNiwnSBongpbCPwQC%2FKKagTy%2BVd0WtinuuQ2sqKE5M%2BL7ZI6NHhKiXqew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=432000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69489e444c1f4138-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
lightbox.js
beckernews.com/wp-content/themes/jannah/assets/ilightbox/ 		79 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=5.4.8
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.195.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
545f7284439440fac6a2ce4a53a16cf7e9c7f9f6dc7a6f09877bd2af7c85e3b1

Request headers

:path
/wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=5.4.8
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
beckernews.com
referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=81423
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sun, 19 Sep 2021 18:53:56 GMT
server
cloudflare
etag
W/"61478744-13e0f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2F8CiDLTuEXKCsHUt068P1RNr%2BttTciF3Y2Z3924vl8NAAJVgzhf6Nf0sdQBo2ROPRka8sUuvghiSwzBGPe7wcZnksHY9z%2FtEkwCEFm2LYPRF7IjLkJIGy6KRQlUP7YSbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=432000
cf-ray
69489e444c204138-PRG
cf-bgj
minify
single.min.js
beckernews.com/wp-content/themes/jannah/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/wp-content/themes/jannah/assets/js/single.min.js?ver=5.4.8
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.195.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e84a340caf47fb7f52d6d4eef3db512e84c911268acf1c5eb66b44887f343457

Request headers

:path
/wp-content/themes/jannah/assets/js/single.min.js?ver=5.4.8
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
beckernews.com
referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 19 Sep 2021 18:53:56 GMT
server
cloudflare
etag
W/"61478744-15ad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RibjWsZbZa6jfxqMGGMINiwEXqTNTTc44ypEn%2BoNMZFSa1AygFkKPFOGXtMiKXghq8uGjlx27wR%2FfquD8y8%2FfvHuTiGJvkeN31cJUmWV%2B3rg6I7zq%2B3WBsQoODnDCxuZgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=432000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69489e444c214138-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
wp-embed.min.js
beckernews.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/wp-includes/js/wp-embed.min.js?ver=5.8.1
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.195.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=5.8.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
beckernews.com
referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 03 Feb 2021 21:32:33 GMT
server
cloudflare
etag
W/"601b1671-592"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rvrqQB7mWDwZGpfTAmKw38%2FWC9tPaNBfXivNGVwMdd%2Bq72dlTNHswGE73bE94Q1%2Be%2BbWHuyYKI4eWLxYw%2BlV2JjL%2FG9oNiOlIXDDVdFWZIurjjhWZlnZgddpYMtYkrn3PA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=432000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69489e444c224138-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8.1
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.226.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
2668
etag
W/"cf0cbe7aadaadd0a12673a93ac7780e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
69489e447e844414-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 29 Sep 2021 01:11:26 GMT
wf9_ZK3FkN211lqPa9eHRKEVRcw.js
beckernews.com/cdn-cgi/apps/body/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/cdn-cgi/apps/body/wf9_ZK3FkN211lqPa9eHRKEVRcw.js
Requested by
Host: beckernews.com
URL: https://beckernews.com/cdn-cgi/apps/head/RXvX1snpkkVVqv67AyPno-pDCsw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.195.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
767e37bcd6daaf0e719be2ba4bba0a36a11040e971b918a068bf8cb0ea9c4aca

Request headers

:path
/cdn-cgi/apps/body/wf9_ZK3FkN211lqPa9eHRKEVRcw.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
beckernews.com
referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
217517
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
F1Z87403YAY05F2J
x-amz-id-2
Q5dzPpoKsuXy/UsyWOqfNrdeVMgrW5/vsC3HETm4ISnsFpOStHvkENMnQptuQOb2PyHkJchBXc8=
last-modified
Thu, 18 Mar 2021 12:52:19 GMT
server
cloudflare
etag
W/"4d628b673cad1387db2cd989f9e6ff7d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6QPKsdgUCEJAbXk8FT2xfads5SPKLCE%2BVJsoY8X0xFUWwI0%2BiUT0GnCaum3UfFeJDYq%2FL5Yn9lLb%2BFFxU4B8qUQj2t%2B7siIzkRxBKh9dOzC2I6LNN1ImDCimthDIN%2FWLng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
LB7ZNXFAI3CyolxnCUcO3sbxJr7XBBwv
cf-ray
69489e444c244138-PRG
wp-emoji-release.min.js
beckernews.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.195.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
beckernews.com
referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 02 Sep 2021 08:23:19 GMT
server
cloudflare
age
625
etag
W/"613089f7-4705"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zdMgkLnAMP14QCjL6pz7PP%2FmjyoJrVfD5cM%2BNU3xkaexzhd1KnKVGqwnNocx7urVyKq80chtFcgYWUBkz0%2BtrLcSF%2BJSaG61ZHRUKSxyaHPoccEfv%2B%2BODK4tCIEsjFyvVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=432000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69489e444c254138-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
ice.js
resources.infolinks.com/js/1757.010-3.025/ 		584 KB
187 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1757.010-3.025/ice.js
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc8562872dc541ccfe9ab57d0d85581b33b22924c126651f11d1dc3456ad7961

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray
69489e44391a42c9-FRA
date
Sun, 26 Sep 2021 01:11:26 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Sat, 11 Sep 2021 18:19:48 GMT
server
cloudflare
age
10047
etag
W/"91e1d-5cbbc46f1d11c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
content-encoding
gzip
expires
Mon, 25 Oct 2021 22:23:59 GMT
tielabs-fonticon.woff
beckernews.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/ 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.195.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82649ad7d4ec9c61f1e525b2dade75153ffb03610b88d22e1ba3ba98fd55de81

Request headers

:path
/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff
pragma
no-cache
origin
https://beckernews.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
beckernews.com
referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Origin
https://beckernews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
217517
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
40536
last-modified
Sun, 19 Sep 2021 18:53:56 GMT
server
cloudflare
etag
"61478744-9e58"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ylKDXvFU6PT27H9ZPdya%2FV2r0v%2BbOZSdP20Hacc%2F%2Bg%2FgTAduAyZnDunE19Fo9qHDXqPhxYmFmuhdSQqP3PSoAvwzVue88Fqq6Y91mfJm8odwf0EtIJ1o2kxoAzTLEjPAzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
69489e444c264138-PRG
expires
Thu, 31 Dec 2037 23:55:55 GMT
14d82f3bb3cc9f0e8724516d767fa5ad
secure.gravatar.com/avatar/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/14d82f3bb3cc9f0e8724516d767fa5ad?s=140&d=mm&r=g
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.73.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
503042f95c5f9e265b1b56e7e6010668a6efe9e2f837cca13e5d64892c587412

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 26 Sep 2021 01:11:26 GMT
last-modified
Sun, 06 Dec 2020 04:29:06 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="14d82f3bb3cc9f0e8724516d767fa5ad.jpeg"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/14d82f3bb3cc9f0e8724516d767fa5ad?s=140&d=mm&r=g>; rel="canonical"
content-length
6127
expires
Sun, 26 Sep 2021 01:16:26 GMT
TrumpJan6FBI-768x419-1.jpg
beckernews.com/wp-content/uploads/2021/09/ 		80 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beckernews.com/wp-content/uploads/2021/09/TrumpJan6FBI-768x419-1.jpg
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.195.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac459870ee1cca5d5d0e026c96ff19dc0a7118534cf508e3a50ca3532ea1228a

Request headers

:path
/wp-content/uploads/2021/09/TrumpJan6FBI-768x419-1.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
beckernews.com
referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10835
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
81842
last-modified
Sat, 25 Sep 2021 21:44:15 GMT
server
cloudflare
etag
"614f982f-13fb2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k6NMx33tgFQDpW1ZBV4zikjylaV16lJMRz1v7%2BgLfMmFlH975foTIW9cmMNfRsEfr2dm6orbSSsqDZabfgEDLOjaoC6swxeKuH4IfYVaBTjk3%2FMSUiQWhY6IYnurCdyD%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
69489e446c2e4138-PRG
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ 		803 B
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
pbice.js
resources.infolinks.com/js/pbice/3.025/ 		279 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/pbice/3.025/pbice.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1757.010-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95efc6a1b0e18636b608c1280049e1e31e5dac2f28c111ae489cea912f8b927b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray
69489e44b9ac42c9-FRA
date
Sun, 26 Sep 2021 01:11:26 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 30 Jun 2021 09:40:59 GMT
server
cloudflare
age
11952
etag
W/"45adc-5c5f8851c3ea8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
content-encoding
gzip
expires
Mon, 25 Oct 2021 21:52:14 GMT
manage
router.infolinks.com/usync/ Frame 8546 		9 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1757.010-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1fee1f6316be5da2004266f828e460949140506f01805e61ae6cc6a16d07c67

Request headers

:method
GET
:authority
router.infolinks.com
:scheme
https
:path
/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://beckernews.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
content-type
text/html;charset=UTF-8
cache-control
no-store
p3p
CP="NON DSP NID OUR COR"
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
69489e450a0442c9-FRA
content-encoding
gzip
lcmanage
router.infolinks.com/usync/ 		0
37 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/lcmanage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1757.010-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control
no-store
cf-ray
69489e450a0742c9-FRA
content-length
0
gsd
router.infolinks.com/ 		323 B
528 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/gsd?evt=afterGSD&pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F&jsv=1757.010-3.025&_cb=16326186862240
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1757.010-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f43a9ee151e8271c55d372a33b640f76cbc1d1a1aa2a0b29687ff25d8b1978af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 01:11:26 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
text/javascript;charset=UTF-8
content-encoding
gzip
cache-control
max-age=0
cf-ray
69489e450a0642c9-FRA
expires
Thu, 01 Jan 1970 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-190122086-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
1166
date
Sun, 26 Sep 2021 00:52:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sun, 26 Sep 2021 02:52:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=629906000&t=pageview&_s=1&dl=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F&ul=en-us&de=UTF-8&dt=FBI%20Undercover%20Agent%20on%20January%206%20Received%20Text%20That%20Confirms%20No%20Trump-Led%20Plot%20to%20Overturn%202020%20Election%20-%20Becker%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=928005455&gjid=1271849650&cid=908424827.1632618686&tid=UA-190122086-1&_gid=1005920562.1632618686&_r=1&gtm=2ou9m0&z=154437661
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 01:11:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://beckernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
doq.htm
rt3002.infolinks.com/action/ 		864 B
1004 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt3002.infolinks.com/action/doq.htm?pcode=utf-8&r=16326186864341
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1757.010-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b319c02a848b7852089cba92a4b4d242e5454bb18ff532b5e0ecd4298fcf952

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 26 Sep 2021 01:11:30 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NON DSP NID OUR COR"
content-type
text/html;charset=UTF-8
x-application-context
application:prod
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-language
de-DE
access-control-allow-origin
https://beckernews.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
cf-ray
69489e467e732488-FRA
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
de.tynt.com/deb/ Frame C9F6 		0
0
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 92B8
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2c316af1b24fb90e49d41ecad6c805423aaea31ca166ffbff0427ad8571bc357

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://router.infolinks.com/
Accept-Encoding
gzip, deflate, br
Cookie
CMID=YU-Ivh73IyxOQmfl4bPqvgAA; CMPS=5216
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|39|230|241|190|65|176|4
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1574
Expires
Sun, 26 Sep 2021 01:11:26 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 26 Sep 2021 01:11:26 GMT
Connection
keep-alive
Set-Cookie
CMID=YU-Ivh73IyxOQmfl4bPqvgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 26 Sep 2022 01:11:26 GMT CMPS=5216;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 25 Dec 2021 01:11:26 GMT CMPRO=1202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 25 Dec 2021 01:11:26 GMT CMRUM3=27614fc8be0b40&41614fc8be05a0&2d614fc8be05a0&be614fc8be05a0&04614fc8be05a0&b0614fc8be05a00&f1614fc8be05a0&e6614fc8be2760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 26 Sep 2022 01:11:26 GMT CMST=YU-IvmFPyL4A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 27 Sep 2021 01:11:26 GMT

Redirect headers

Server
Apache
Content-Length
311
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sun, 26 Sep 2021 01:11:26 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 26 Sep 2021 01:11:26 GMT
Connection
keep-alive
Set-Cookie
CMID=YU-Ivh73IyxOQmfl4bPqvgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 26 Sep 2022 01:11:26 GMT CMPS=5216;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 25 Dec 2021 01:11:26 GMT
/
onetag-sys.com/usync/ Frame 36DB 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=598ce3ddaee8c90
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://router.infolinks.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
pbm-usync
router.infolinks.com/dyn/ Frame 8546
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDI1RjlGMkItMjM3OC00Rjc1LTgxMDktNEMxMzVBNEJFRjBD&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D425F9F2B-2378-4F75-8109-4C135A4BEF0C
  • https://router.infolinks.com/dyn/pbm-usync?uid=425F9F2B-2378-4F75-8109-4C135A4BEF0C
0
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/pbm-usync?uid=425F9F2B-2378-4F75-8109-4C135A4BEF0C
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 01:11:26 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
text/html;charset=UTF-8
cache-control
no-store, no-cache, private
cf-ray
69489e487e8342c9-FRA
content-length
0
expires
Sat, 26 Sep 2020 01:11:26 GMT

Redirect headers

location
https://router.infolinks.com/dyn/pbm-usync?uid=425F9F2B-2378-4F75-8109-4C135A4BEF0C
date
Sun, 26 Sep 2021 01:11:25 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
apn-usync
router.infolinks.com/dyn/ Frame 8546
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
  • https://router.infolinks.com/dyn/apn-usync?user_id=3182964695445562526
35 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/apn-usync?user_id=3182964695445562526
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 01:11:26 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
69489e469bc542c9-FRA
content-length
35
expires
Sat, 26 Sep 2020 01:11:26 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 26 Sep 2021 01:11:26 GMT
X-Proxy-Origin
216.131.114.54; 216.131.114.54; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
e52e63e6-9ef3-47b3-8d01-d1628d12e5ad
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://router.infolinks.com/dyn/apn-usync?user_id=3182964695445562526
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
VR-usync
router.infolinks.com/dyn/ Frame 8546
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58422/occ
  • https://ups.analytics.yahoo.com/ups/58422/occ?verify=true
  • https://router.infolinks.com/dyn/VR-usync?uid=y-6nr_1aRE2uEoSkt0EttW81PLFkqAzubeiucJaTk-~A
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/VR-usync?uid=y-6nr_1aRE2uEoSkt0EttW81PLFkqAzubeiucJaTk-~A
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 01:11:26 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
69489e46ec4a42c9-FRA
content-length
35
expires
Sat, 26 Sep 2020 01:11:26 GMT

Redirect headers

Date
Sun, 26 Sep 2021 01:11:26 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://router.infolinks.com/dyn/VR-usync?uid=y-6nr_1aRE2uEoSkt0EttW81PLFkqAzubeiucJaTk-~A
Connection
keep-alive
Content-Length
0
r1-usync
router.infolinks.com/dyn/ Frame 8546
Redirect Chain
  • https://sync.1rx.io/usersync2/infolinks
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4504049925
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4504049925
  • https://sync.1rx.io/usersync/tradedesk/351d84be-f55d-482e-aad8-99fde6c2599e
  • https://sync.targeting.unrulymedia.com/csync/RX-1ecc5b10-1d52-4a9f-ba25-c5d99fe6dc6e-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-1ecc5b10-1d52-4a9f-ba25-c5d99fe6dc6e-003
  • https://router.infolinks.com/dyn/r1-usync?uid=RX-1ecc5b10-1d52-4a9f-ba25-c5d99fe6dc6e-003
35 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/r1-usync?uid=RX-1ecc5b10-1d52-4a9f-ba25-c5d99fe6dc6e-003
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 01:11:26 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
69489e487e8142c9-FRA
content-length
35
expires
Sat, 26 Sep 2020 01:11:26 GMT

Redirect headers

location
https://router.infolinks.com/dyn/r1-usync?uid=RX-1ecc5b10-1d52-4a9f-ba25-c5d99fe6dc6e-003
date
Sun, 26 Sep 2021 01:11:26 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX1ecc5b101d524a9fba25c5d99fe6dc6e003
content-type
text/html
zmn-usync
router.infolinks.com/dyn/ Frame 8546
Redirect Chain
  • https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
  • https://router.infolinks.com/dyn/zmn-usync?uid=
35 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/zmn-usync?uid=
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 01:11:26 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
69489e48def542c9-FRA
content-length
35
expires
Sat, 26 Sep 2020 01:11:26 GMT

Redirect headers

Location
https://router.infolinks.com/dyn/zmn-usync?uid=
Pragma
no-cache
Date
Sun, 26 Sep 2021 01:11:26 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
70
Content-Type
text/html; charset=utf-8
us
sync.go.sonobi.com/ Frame 8546 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 26 Sep 2021 01:11:26 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ca.png
s.cpx.to/ Frame 8546
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fbeckernews.com%252Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-elect...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fbeckernews.com%25252Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump...
  • https://s.cpx.to/ca.png?ref=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F&pid=12306&adnxs_uid=318...
95 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F&pid=12306&adnxs_uid=3182964695445562526
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.225.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-225-216.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache, no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Sun, 26 Sep 2021 01:11:26 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0, no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Sun, 26 Sep 2021 01:11:26 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 26 Sep 2021 01:11:26 GMT
X-Proxy-Origin
216.131.114.54; 216.131.114.54; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
f6c936a1-e0d8-4034-96b2-cda7caaa1a96
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F&pid=12306&adnxs_uid=3182964695445562526
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
dsp.adkernel.com/ Frame 8546 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=202&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fearn-usync%3Fuid%3D%7BUID%7D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 26 Sep 2021 01:11:26 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
outh-usync
router.infolinks.com/dyn/ Frame 8546
Redirect Chain
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPac23fe36-1e66-11ec-addc-02da58b6f1ba
  • https://router.infolinks.com/dyn/outh-usync?uid=y-mNsbn9pE2uGNkofIo087Sp3sJKP7mv.q~A~UPac23fe36-1e66-11ec-addc-02da58b6f1ba
35 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/outh-usync?uid=y-mNsbn9pE2uGNkofIo087Sp3sJKP7mv.q~A~UPac23fe36-1e66-11ec-addc-02da58b6f1ba
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 01:11:26 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
69489e471c8742c9-FRA
content-length
35
expires
Sat, 26 Sep 2020 01:11:26 GMT

Redirect headers

Date
Sun, 26 Sep 2021 01:11:26 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://router.infolinks.com/dyn/outh-usync?uid=y-mNsbn9pE2uGNkofIo087Sp3sJKP7mv.q~A~UPac23fe36-1e66-11ec-addc-02da58b6f1ba
Connection
keep-alive
Content-Length
0
enbd-usync
router.infolinks.com/dyn/ Frame 8546
Redirect Chain
  • https://match.bnmla.com/usersync?sspid=1000361&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3D%5BUUID%5D
  • https://um.simpli.fi/match_redirect?sifi_redir=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
  • https://match.bnmla.com/usersync?dspid=6&uuid=B651D007CEC343F3B083BD811E73E4F9
  • https://router.infolinks.com/dyn/enbd-usync?uid=1e83a2c9-99c9-4065-9607-fca81112d613
35 B
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/enbd-usync?uid=1e83a2c9-99c9-4065-9607-fca81112d613
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 01:11:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
69489e4a18c542c9-FRA
content-length
35
expires
Sat, 26 Sep 2020 01:11:27 GMT

Redirect headers

Location
https://router.infolinks.com/dyn/enbd-usync?uid=1e83a2c9-99c9-4065-9607-fca81112d613
Date
Sun, 26 Sep 2021 01:11:26 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
sovrn-usync
router.infolinks.com/dyn/ Frame 8546
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true
  • https://router.infolinks.com/dyn/sovrn-usync?uid=5a6b0816c7479ca708bd8960
35 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/sovrn-usync?uid=5a6b0816c7479ca708bd8960
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 01:11:26 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
69489e47dd9d42c9-FRA
content-length
35
expires
Sat, 26 Sep 2020 01:11:26 GMT

Redirect headers

Date
Sun, 26 Sep 2021 01:11:26 GMT
Server
nginx
Location
https://router.infolinks.com/dyn/sovrn-usync?uid=5a6b0816c7479ca708bd8960
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
usersync
router.infolinks.com/dyn/ Frame 8546
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
  • https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3D425F9F2B-2378-4F75-8109-4C135A4BEF0C
  • https://router.infolinks.com/dyn/usersync?pmuservalue=425F9F2B-2378-4F75-8109-4C135A4BEF0C
0
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/usersync?pmuservalue=425F9F2B-2378-4F75-8109-4C135A4BEF0C
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
cache-control
no-store
cf-ray
69489e487e8442c9-FRA
content-length
0

Redirect headers

location
https://router.infolinks.com/dyn/usersync?pmuservalue=425F9F2B-2378-4F75-8109-4C135A4BEF0C
date
Sun, 26 Sep 2021 01:11:25 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
iq-usync
router.infolinks.com/dyn/ Frame 8546 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/iq-usync
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control
no-store
cf-ray
69489e478d1d42c9-FRA
content-length
0
zeta-usync
router.infolinks.com/dyn/ Frame 8546
Redirect Chain
  • https://p.rfihub.com/cm?pub=43153&in=1
  • https://router.infolinks.com/dyn/zeta-usync?uid=1871316023187230722
35 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/zeta-usync?uid=1871316023187230722
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 01:11:26 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
69489e48aeb942c9-FRA
content-length
35
expires
Sat, 26 Sep 2020 01:11:26 GMT

Redirect headers

Location
https://router.infolinks.com/dyn/zeta-usync?uid=1871316023187230722
Date
Sun, 26 Sep 2021 01:11:26 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
ssc-cms.33across.com/ps/ Frame 8546 		0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.174 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip174.208-100-17.static.steadfastdns.net
Software
33XP004 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-33x-status
2000208
date
Sun, 26 Sep 2021 01:11:26 GMT
server
33XP004
Cookie set /
app.getresponse.com/site2/beckernews/ Frame BE1B 		71 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.getresponse.com/site2/beckernews/?u=yBWGs&webforms_id=Sbymy&v=0
Requested by
Host: app.getresponse.com
URL: https://app.getresponse.com/view_webform_v2.js?u=yBWGs&webforms_id=Sbymy
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.160.64.9 , United States, ASN46469 (GETRESPONSE-IMPLIX, US),
Reverse DNS
norevdns.getresponse.com
Software
/
Resource Hash
2204358b52460c8b43b97a77d9b2c85aefb1c2e140de6bc784e0e3e287d0483e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
app.getresponse.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://beckernews.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/

Response headers

Date
Sun, 26 Sep 2021 01:11:26 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Set-Cookie
timeout=logout_43200; expires=Sun, 26-Sep-2021 13:11:26 GMT; Max-Age=43200; path=/; domain=getresponse.com gr83p_59db3877322f17e6c0092c106bdf75dd=true; expires=Thu, 25-Nov-2021 01:11:26 GMT; Max-Age=5184000; path=/; domain=.getresponse.com webformv2_opened_41259705=0; expires=Tue, 25-Jan-2022 01:11:26 GMT; Max-Age=10454400; path=/; domain=.getresponse.com webformv2_opened_41259705=0; expires=Tue, 25-Jan-2022 01:11:26 GMT; Max-Age=10454400; path=/; domain=.getresponse.com
Strict-Transport-Security
max-age=31536000
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Feature-Policy
accelerometer *; ambient-light-sensor *; autoplay *; camera *; encrypted-media *; fullscreen *; geolocation *; gyroscope *; magnetometer *; microphone *; midi *; payment *; picture-in-picture *; speaker *; sync-xhr *; usb *; vr *
Content-Security-Policy-Report-Only
default-src https: wss: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:; frame-src https:; font-src https: data:; report-uri https://index-log.getresponse.com/index/marketing_csp?source=app-gr
Content-Encoding
gzip
gr_wf_v2.css
app.getresponse.com/stylesheets/core/pages/webFormV2/public/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.getresponse.com/stylesheets/core/pages/webFormV2/public/gr_wf_v2.css
Requested by
Host: app.getresponse.com
URL: https://app.getresponse.com/view_webform_v2.js?u=yBWGs&webforms_id=Sbymy
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.160.64.9 , United States, ASN46469 (GETRESPONSE-IMPLIX, US),
Reverse DNS
norevdns.getresponse.com
Software
/
Resource Hash
0c9ac233a87095c82fb409d77e1e8214461f3cffad4ddf119072b3f37caff6b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 01:11:26 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Last-Modified
Sat, 26 Oct 1985 08:15:00 GMT
ETag
W/"1dc09d84-1fd8"
Content-Security-Policy-Report-Only
default-src https: wss: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:; frame-src https:; font-src https: data:; report-uri https://index-log.getresponse.com/index/marketing_csp?source=app-gr
Content-Type
text/css
Cookie set 13726297860053350
lockerdome.com/lad/ Frame 17AF 		59 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/13726297860053350?pubid=ld-13726297860053350-151&pubo=https%3A%2F%2Fbeckernews.com&rid=&width=714
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
630092ed4770a643548737d7e22a01379bbbf66bf62249f7d02b299e14c0c271

Request headers

Host
lockerdome.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://beckernews.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/

Response headers

Set-Cookie
account_id=14418326914852352; Domain=.lockerdome.com; Path=/; Expires=Mon, 26 Sep 2022 01:11:26 GMT; Secure; SameSite=None login_token=%2214418326914852352%7C1640394686887%3A%7Call%7CLhGlKWH%2FWMaUNuNHoANE8HHVHJoe1WymtDrXDv8G9ie%2BkFoFJIGZG9IrIvQ80Jks%2FsK2ZCZaVeEOJnoZyWEKiw%3D%3D%22; Domain=.lockerdome.com; Path=/; Expires=Mon, 26 Sep 2022 01:11:26 GMT; Secure; SameSite=None ldrid=bqGRk1ybS4Nn30Y%2FVqJHN4yapaiCX341LJX6ZOqShU8CSF8kA5%2FFuoDvuKmjXHDfNFL%2BtpeKK3ulyYvlc3DEIXVKN4TtZS%2FGuljmXMwrP%2F65tEqK7ftieH6ahK7RFupV; Domain=.lockerdome.com; Path=/; Secure; SameSite=None
P3P
CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Content-Length
19798
Date
Sun, 26 Sep 2021 01:11:26 GMT
/
beckernews.com/watch-the-feds-actually-arrest-one-of-their-own-at-staged-justice-for-j6-rally-41540/embed/ Frame AEA6 		62 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/watch-the-feds-actually-arrest-one-of-their-own-at-staged-justice-for-j6-rally-41540/embed/
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.195.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.24
Resource Hash
d32fab99b3bd3fd9b552031f7dc53735690d8d8ba57bb90fe20f7d27dd39c63a

Request headers

:method
GET
:authority
beckernews.com
:scheme
https
:path
/watch-the-feds-actually-arrest-one-of-their-own-at-staged-justice-for-j6-rally-41540/embed/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
accept-encoding
gzip, deflate, br
cookie
_ga=GA1.2.908424827.1632618686; _gid=GA1.2.1005920562.1632618686; _gat_gtag_UA_190122086_1=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
content-type
text/html; charset=UTF-8
cf-ray
69489e468cb84138-PRG
link
<https://beckernews.com/wp-json/>; rel="https://api.w.org/", <https://beckernews.com/wp-json/wp/v2/posts/41540>; rel="alternate"; type="application/json", <https://beckernews.com/?p=41540>; rel=shortlink
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-powered-by
PHP/7.4.24
x-wp-embed
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sw%2BaoXqp40QTW%2BG0cJaDKo6GLYh7Q6lHWdoaDxuFywuQOcxEoTgFJ6iE7rGJLNtV0XpzZtCsmQ9ATaJCCkTmSKxL1cD9%2FFAy676vTJXXouvfL8O3o2bjyHfmKB5FzwxfEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Cookie set 13726299873319270
lockerdome.com/lad/ Frame D442 		39 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/13726299873319270?pubid=ld-13726299873319270-436&pubo=https%3A%2F%2Fbeckernews.com&rid=&width=714
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
429d04f8c6f9e012ec32a12b15f1d740bfefff1185e9de2324b26b7a468f448a

Request headers

Host
lockerdome.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://beckernews.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/

Response headers

Set-Cookie
account_id=14418326914852352; Domain=.lockerdome.com; Path=/; Expires=Mon, 26 Sep 2022 01:11:26 GMT; Secure; SameSite=None login_token=%2214418326914852352%7C1640394686887%3A%7Call%7CLhGlKWH%2FWMaUNuNHoANE8HHVHJoe1WymtDrXDv8G9ie%2BkFoFJIGZG9IrIvQ80Jks%2FsK2ZCZaVeEOJnoZyWEKiw%3D%3D%22; Domain=.lockerdome.com; Path=/; Expires=Mon, 26 Sep 2022 01:11:26 GMT; Secure; SameSite=None ldrid=bqGRk1ybS4Nn30Y%2FVqJHN4yapaiCX341LJX6ZOqShU8CSF8kA5%2FFuoDvuKmjXHDfNFL%2BtpeKK3ulyYvlc3DEIXVKN4TtZS%2FGuljmXMwrP%2F65tEqK7ftieH6ahK7RFupV; Domain=.lockerdome.com; Path=/; Secure; SameSite=None
P3P
CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Content-Length
14103
Date
Sun, 26 Sep 2021 01:11:26 GMT
Cookie set 13726301584595302
lockerdome.com/lad/ Frame 8FDE 		39 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/13726301584595302?pubid=ld-13726301584595302-692&pubo=https%3A%2F%2Fbeckernews.com&rid=&width=714
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
2c8affe7eafafcf47be8aa507c705f0afd0535a1d4c1c66ae4305048cc80beab

Request headers

Host
lockerdome.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://beckernews.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/

Response headers

Set-Cookie
account_id=14418326914852352; Domain=.lockerdome.com; Path=/; Expires=Mon, 26 Sep 2022 01:11:26 GMT; Secure; SameSite=None login_token=%2214418326914852352%7C1640394686921%3A%7Call%7CVJZgZ%2FC9pcfgRDsfFPfMWliqDxNdxq24LnIIlYMwK461FifT1a%2FdX7MbNAXNKO9VEv6QmamMeNaY%2B0grSaTTEg%3D%3D%22; Domain=.lockerdome.com; Path=/; Expires=Mon, 26 Sep 2022 01:11:26 GMT; Secure; SameSite=None ldrid=bqGRk1ybS4Nn30Y%2FVqJHN4yapaiCX341LJX6ZOqShU8CSF8kA5%2FFuoDvuKmjXHDfNFL%2BtpeKK3ulyYvlc3DEIXVKN4TtZS%2FGuljmXMwrP%2F65tEqK7ftieH6ahK7RFupV; Domain=.lockerdome.com; Path=/; Secure; SameSite=None
P3P
CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Content-Length
11290
Date
Sun, 26 Sep 2021 01:11:26 GMT
platform.js
cdn.vuukle.com/ 		127 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.vuukle.com/platform.js
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.22.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0aed5a087fa6ad20f91c4070a501c6dfe23845d1fc167b2e21b3a9e711b49c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
content-encoding
br
cf-cache-status
HIT
age
53714
cf-polished
origSize=129795
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 25 Sep 2021 10:14:56 GMT
server
cloudflare
etag
W/"614ef6a0-1fb03"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=1800
cf-ray
69489e46dc0b4df4-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
cf-bgj
minify
crum
dsum-sec.casalemedia.com/ Frame 92B8
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YU-Ivh73IyxOQmfl4bPqvgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHjFjbPv8sIu_TiTVGn2O3k&google_cver=1&gdpr=1
43 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHjFjbPv8sIu_TiTVGn2O3k&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 26 Sep 2021 01:11:26 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 26 Sep 2021 01:11:26 GMT

Redirect headers

pragma
no-cache
date
Sun, 26 Sep 2021 01:11:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHjFjbPv8sIu_TiTVGn2O3k&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 92B8 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 01:11:26 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 92B8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YU_Ivh73IyxOQmfl4bPqvgAABLIAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YU_Ivh73IyxOQmfl4bPqvgAABLIAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEAwsk1lB2pwq_Gkl2ibEjjI&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEAwsk1lB2pwq_Gkl2ibEjjI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 26 Sep 2021 01:11:26 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 26 Sep 2021 01:11:26 GMT

Redirect headers

pragma
no-cache
date
Sun, 26 Sep 2021 01:11:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEAwsk1lB2pwq_Gkl2ibEjjI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 92B8
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YU_Ivh73IyxOQmfl4bPqvgAABLIAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YU_Ivh73IyxOQmfl4bPqvgAABLIAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YU_Ivh73IyxOQmfl4bPqvgAABLIAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 26 Sep 2021 01:11:26 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
KBZGA4MDX7BY530NAYZ2
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 26 Sep 2021 01:11:26 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
V9YJ0KXT4G0QP1131Z5W
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YU_Ivh73IyxOQmfl4bPqvgAABLIAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
getuid
ib.adnxs.com/ Frame 92B8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
rum
dsum.casalemedia.com/ Frame 92B8
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1632705086&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1632705086&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 26 Sep 2021 01:11:26 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 26 Sep 2021 01:11:26 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1632705086&gdpr=1
pragma
no-cache
date
Sun, 26 Sep 2021 01:11:26 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
113
match.deepintent.com/usersync/ Frame 92B8 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
content-length
0
server
a
rum
dsum-sec.casalemedia.com/ Frame 92B8
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4032601641360509986
43 B
992 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4032601641360509986
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 26 Sep 2021 01:11:26 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 26 Sep 2021 01:11:26 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4032601641360509986
pragma
no-cache
date
Sun, 26 Sep 2021 01:11:26 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ix-usync
router.infolinks.com/dyn/ Frame 92B8 		35 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/ix-usync?uid=YU-Ivh73IyxOQmfl4bPqvgAA%261202
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 01:11:26 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
69489e46ec4842c9-FRA
content-length
35
expires
Sat, 26 Sep 2020 01:11:26 GMT
admin-ajax.php
beckernews.com/wp-admin/ 		67 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/wp-admin/admin-ajax.php?postviews_id=41911&action=tie_postviews&_=1632618686102
Requested by
Host: beckernews.com
URL: https://beckernews.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.195.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.24
Resource Hash
6a01173a853fff61bfdd81660ab0e98e5ac0d6d4695577038257937676947096
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
_ga=GA1.2.908424827.1632618686; _gid=GA1.2.1005920562.1632618686; _gat_gtag_UA_190122086_1=1
:path
/wp-admin/admin-ajax.php?postviews_id=41911&action=tie_postviews&_=1632618686102
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
beckernews.com
referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
*/*
Referer
https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.4.24
cf-ray
69489e46fcd14138-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O3AF1iNKsVT%2FxSP20fiE31Lky1UXRsfUCnpX2oeDR%2Fr7syAyAcrt5%2BbF15MiO6TaXjpBke6A6AwciwbjG6gvcN5tyowNeSe3R9gTByBQ8kb%2FFox1%2B3DFQKTi7f9W%2FELY5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
x-robots-tag
noindex
expires
Wed, 11 Jan 1984 05:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		139 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
fa3347e4170323e894c13c9b3f3aa8b23d4c4d59477296a05d62a826c5306f3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49916
x-xss-protection
0
server
cafe
etag
14668228164748662171
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 26 Sep 2021 01:11:26 GMT
advertising.js
rddywd.com/ 		9 B
627 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rddywd.com/advertising.js
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.64.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
63140
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9
last-modified
Sat, 25 Sep 2021 07:39:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LaRw7ghs%2BPdrAHJZfovOwqF5VceyXiIE42ReLqdyv%2BrSh7Pp6NR%2B9Ob%2BL%2B5WuK8v9P3RbyLl9z0ph8%2B2g19zsxZsKbWGNvTh5NgpE53rkuFuJFqv7tq6urTSMejv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86401
accept-ranges
bytes
cf-ray
69489e476f7cf9da-PRG
adcode.png
rddywd.com/ 		43 B
652 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rddywd.com/adcode.png
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.64.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://beckernews.com/
Origin
https://beckernews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
46552
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
43
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3qW%2BcHYkbVe95SHu%2FJv09JP71MjveN%2Fh8%2Bo5fZrSZV3%2F9imPEUoI4TGuEC9QUxToQ4CqH2mk64qphn2%2B5z9Iba6xCN7yCet6riFBHUC5458TP7Bzxsimo7X4kZ68"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86401
accept-ranges
bytes
cf-ray
69489e476d142794-PRG
generate_204
www.googleapis.com/ 		0
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googleapis.com/generate_204
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.226.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
2669
etag
W/"fff10df2ca37ad0e879283b24dd072d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
69489e472c816933-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 29 Sep 2021 01:11:26 GMT
getGeo
vuukle.com/ 		90 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vuukle.com/getGeo
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.22.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53f98bb0b288d162a288ce2caf8406c00c1fd474f0c73a58b5893098271621a9

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,POST,OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
access-control-max-age
86400
cf-ray
69489e4799ae4303-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
loadVuukle
api.vuukle.com/api/v1/Comments/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.vuukle.com/api/v1/Comments/loadVuukle?apiKey=58e55d32-a7bb-45b2-86ad-8b070856d8ba&articleId=41911&globalRecommendation=false&host=beckernews.com&start=0&uri=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.22.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f96fc731c91b0b75d51d810bbe2bc27471553510c6f457143c9758a0795fb780
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
via
1.1 varnish (Varnish/6.2)
cf-cache-status
DYNAMIC
age
0
access-control-allow-credentiails
true
content-type
application/json; charset=utf-8
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH, OPTIONS
x-varnish
229950286
access-control-allow-origin
https://beckernews.com
cache-control
no-store,no-cache
access-control-allow-credentials
true
cf-ray
69489e47ae1adfeb-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
beckernews.com.json
cdn.vuukle.com/ads/ 		12 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.vuukle.com/ads/beckernews.com.json
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
798a8b67e0a4bfdfa67b3a9b121ce71c90b207f64fef0c857f794f86f6119681

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sat, 25 Sep 2021 16:21:09 GMT
server
cloudflare
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
etag
W/"614f4c75-30f3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cf-ray
69489e4799af5c14-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		0
26 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"998 / 411 of 1000 / last-modified: 1632522815"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25700
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 26 Sep 2021 01:11:26 GMT
/
reporting.powerad.ai/ 		2 B
412 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://reporting.powerad.ai/
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-151-247.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 26 Sep 2021 01:11:26 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Access-Control-Allow-Methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
2
pbjs_wrapper.v1.0.js
hb.brainlyads.com/ Frame A35B 		61 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.brainlyads.com/pbjs_wrapper.v1.0.js
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-158-212.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
368c94f8a26ed6a99ca46c4b565e4f2586994d513b47e35cf17cd9a01c423251
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
content-encoding
gzip
last-modified
Wed, 22 Sep 2021 18:35:05 GMT
server
nginx/1.10.3 (Ubuntu)
etag
W/"614b7759-f5ff"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
strict-transport-security
max-age=31536000; includeSubDomains; preload
expires
Mon, 27 Sep 2021 01:11:26 GMT
pbjs_wrapper.v1.1.js
hb.brainlyads.com/ Frame C1F8 		63 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.brainlyads.com/pbjs_wrapper.v1.1.js
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-158-212.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
62a241b5bb0abbb690e5fca0412be810b9c22316fbb958c6a9539df6fab09c58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
content-encoding
gzip
last-modified
Wed, 22 Sep 2021 18:35:05 GMT
server
nginx/1.10.3 (Ubuntu)
etag
W/"614b7759-fbe5"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
/
powerad.ai/pubPls/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://powerad.ai/pubPls/?width=1600&url=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-226-152.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
c198b94166f160853d501bd4e5e0bfb99427dc721683db453e0fa841da45848e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 01:11:26 GMT
Content-Encoding
gzip
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
X-Powered-By
Express
ETag
W/"9bb-bce3uq9CzMlZAL1hIre4s4vqMCI"
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://beckernews.com
Access-Control-Allow-Credentials
true
Connection
close
Access-Control-Allow-Headers
*
web
onesignal.com/api/v1/sync/4591b984-c4cf-431a-ba46-3321f626ffa4/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/4591b984-c4cf-431a-ba46-3321f626ffa4/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.226.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger(R)
Resource Hash
b46e58bceb73bd28661e9e0498f6797587bce97336fb4ba386a70ac0aa9fc533
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2272
x-powered-by
Phusion Passenger(R)
status
200 OK
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
35c73e76-1f57-4598-a6bf-011d9335401d
x-runtime
0.043897
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"51fd85ef701dacc4075de1eb469532da"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-polished
origSize=3356
cf-ray
69489e47eace4414-FRA
access-control-allow-headers
SDK-Version
expires
Sun, 26 Sep 2021 02:11:26 GMT
powerbar.html
cdn.vuukle.com/widgets/ Frame 42B7 		176 KB
61 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.vuukle.com/widgets/powerbar.html?version=2.7.8
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1ef1c01e9c1302d70e3d6e1e9ae35e81f48aedf29624d5ed48f2e972abac0ac

Request headers

:method
GET
:authority
cdn.vuukle.com
:scheme
https
:path
/widgets/powerbar.html?version=2.7.8
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://beckernews.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
content-type
text/html
last-modified
Tue, 21 Sep 2021 05:58:02 GMT
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=10800
cf-cache-status
HIT
age
408916
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
69489e47df615b50-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cnsnt.platform.js
cdn.vuukle.com/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.vuukle.com/cnsnt.platform.js
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d131dd58937b4ff2e08a8399ab2ef8d2cea3ce1970f35089728b9070cc2e7bf9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
content-encoding
br
cf-cache-status
HIT
age
3306
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 25 Sep 2021 10:15:42 GMT
server
cloudflare
etag
W/"614ef6ce-ac2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=3600
cf-ray
69489e47df645b50-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
cf-bgj
minify
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210922/r20190131/ Frame E2D3 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210922/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210922/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://beckernews.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUkrWrOb61Rp3Sd9nHyN4-38k7TxMXotNRh9KB28gnh6gbc-GmZXMn7dWDJgdj4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 25 Sep 2021 05:23:04 GMT
expires
Sat, 09 Oct 2021 05:23:04 GMT
content-type
text/html; charset=UTF-8
etag
14847953055219580247
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4613
x-xss-protection
0
age
71302
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
manifest.35779c62dedb17e0486d.js
app.getresponse.com/javascripts/core/webforms/dist/ Frame BE1B 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.getresponse.com/javascripts/core/webforms/dist/manifest.35779c62dedb17e0486d.js
Requested by
Host: app.getresponse.com
URL: https://app.getresponse.com/site2/beckernews/?u=yBWGs&webforms_id=Sbymy&v=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.160.64.9 , United States, ASN46469 (GETRESPONSE-IMPLIX, US),
Reverse DNS
norevdns.getresponse.com
Software
/
Resource Hash
791995af533e2ac5bd3bfeb9344684013d5cd30b77bb86f35c64517a210346ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.getresponse.com/site2/beckernews/?u=yBWGs&webforms_id=Sbymy&v=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 01:11:26 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Last-Modified
Sat, 26 Oct 1985 08:15:00 GMT
ETag
W/"1dc09d84-5f4"
Content-Security-Policy-Report-Only
default-src https: wss: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:; frame-src https:; font-src https: data:; report-uri https://index-log.getresponse.com/index/marketing_csp?source=app-gr
Content-Type
application/javascript
show_webform_shared.chunk.01d964a65cd7199bf113.js
app.getresponse.com/javascripts/core/webforms/dist/ Frame BE1B 		283 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.getresponse.com/javascripts/core/webforms/dist/show_webform_shared.chunk.01d964a65cd7199bf113.js
Requested by
Host: app.getresponse.com
URL: https://app.getresponse.com/site2/beckernews/?u=yBWGs&webforms_id=Sbymy&v=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.160.64.9 , United States, ASN46469 (GETRESPONSE-IMPLIX, US),
Reverse DNS
norevdns.getresponse.com
Software
/
Resource Hash
9631687f23ad276f3e8e97af4cf1437b634478e56f9c9267ced4affb5407f1c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.getresponse.com/site2/beckernews/?u=yBWGs&webforms_id=Sbymy&v=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 01:11:26 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Last-Modified
Sat, 26 Oct 1985 08:15:00 GMT
ETag
W/"1dc09d84-46ded"
Content-Security-Policy-Report-Only
default-src https: wss: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:; frame-src https:; font-src https: data:; report-uri https://index-log.getresponse.com/index/marketing_csp?source=app-gr
Content-Type
application/javascript
show.chunk.ed711e33c1078a5a17d1.js
app.getresponse.com/javascripts/core/webforms/dist/ Frame BE1B 		747 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.getresponse.com/javascripts/core/webforms/dist/show.chunk.ed711e33c1078a5a17d1.js
Requested by
Host: app.getresponse.com
URL: https://app.getresponse.com/site2/beckernews/?u=yBWGs&webforms_id=Sbymy&v=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.160.64.9 , United States, ASN46469 (GETRESPONSE-IMPLIX, US),
Reverse DNS
norevdns.getresponse.com
Software
/
Resource Hash
a39544572cf25ccc6a9bc2568105ba6fc52818cc5512a2c07681cba545570bb1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.getresponse.com/site2/beckernews/?u=yBWGs&webforms_id=Sbymy&v=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 01:11:26 GMT
Last-Modified
Sat, 26 Oct 1985 08:15:00 GMT
Accept-Ranges
bytes
ETag
"1dc09d84-2eb"
Content-Length
747
Content-Security-Policy-Report-Only
default-src https: wss: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:; frame-src https:; font-src https: data:; report-uri https://index-log.getresponse.com/index/marketing_csp?source=app-gr
Content-Type
application/javascript
truncated
/ Frame 42B7 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3cd72707a6eb0ba2f481bf98476ada929d93c3cc1ccf2fa702f4e237ddbea113

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.vuukle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.226.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
2669
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=259200
cf-ray
69489e489ee66933-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 29 Sep 2021 01:11:26 GMT
spt
tg1.vuukle.com/api/adserver/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tg1.vuukle.com/api/adserver/spt?AV_TAGID=60cdeb227e407c6a2a4199a4&AV_PUBLISHERID=607eaa2728f57c570863c77a
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0029ee4912d4471314440fdc533cb553279a20675d9c90338d4189618fd18378

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 01:11:27 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/javascript
Cache-Control
max-age=300
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Content-Length
5043
Expires
Sun, 26 Sep 2021 01:16:27 GMT
prebid3.js
cdn.vuukle.com/static/ 		522 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.vuukle.com/static/prebid3.js
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dd2e13ba2f1fc5233918aaae1dfe938786c7ee35b033c038e1d02852bab87ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sat, 25 Sep 2021 16:21:18 GMT
server
cloudflare
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
etag
W/"614f4c7e-827a5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cf-ray
69489e48c8175b50-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
bq-publish
publish.vuukle.com/ 		0
39 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://publish.vuukle.com/bq-publish?callback=&{%22action%22:%22view_page%22,%22hashed_email%22:%22$60ceda-0fd0-4bcf-86ee-2fd1751342c4%22,%22hostname%22:%2258e55d32-a7bb-45b2-86ad-8b070856d8ba%22,%22pubdomain%22:%22beckernews.com%22,%22refDomain%22:%22%22,%22sessionId%22:%2253638bb4-b651-4e30-965b-62ab811181a8%22,%22version%22:%224.20%22,%22articleImg%22:%22%22,%22articleTitle%22:%22FBI%20Undercover%20Agent%20on%20January%206%20Received%20Text%20That%20Confirms%20No%20Trump-Led%20Plot%20to%20Overturn%202020%20Election%22,%22article_id%22:%2241911%22,%22hashed_article_url%22:%22https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F%22,%22referrer%22:%22Kyle%20Becker%22,%22tags%22:%22%22,%22browser%22:%22Chrome%22,%22device%22:%22Desktop%22,%22os%22:%22Windows%22}&_=1489139930741
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.22.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://beckernews.com
access-control-allow-credentials
true
cf-ray
69489e48fb264303-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
x-xss-protection
1
bq-publish
publish.vuukle.com/ 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://publish.vuukle.com/bq-publish?callback=&{%22action%22:%22web_vitals%22,%22hashed_email%22:%22$48b4be-28a5-4e83-9779-7dfd4e804dec%22,%22hostname%22:%2258e55d32-a7bb-45b2-86ad-8b070856d8ba%22,%22pubdomain%22:%22beckernews.com%22,%22refDomain%22:%22%22,%22sessionId%22:%22eb45889c-f797-42d4-8dfc-afec4499a27e%22,%22version%22:%224.20%22,%22articleImg%22:%22%22,%22articleTitle%22:%22FBI%20Undercover%20Agent%20on%20January%206%20Received%20Text%20That%20Confirms%20No%20Trump-Led%20Plot%20to%20Overturn%202020%20Election%22,%22article_id%22:%2241911%22,%22hashed_article_url%22:%22https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F%22,%22referrer%22:%22Kyle%20Becker%22,%22tags%22:%22%22,%22browser%22:%22Chrome%22,%22device%22:%22Desktop%22,%22os%22:%22Windows%22,%22webVitals%22:{%22cls%22:0.029628032903035482,%22fcp%22:1224,%22lcp%22:1352.799}}&_=1489139930741
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.22.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://beckernews.com
access-control-allow-credentials
true
cf-ray
69489e48fb254303-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
x-xss-protection
1
icon
onesignal.com/api/v1/apps/4591b984-c4cf-431a-ba46-3321f626ffa4/ 		184 B
633 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/apps/4591b984-c4cf-431a-ba46-3321f626ffa4/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.226.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger(R)
Resource Hash
d9a68a4c4bfa7c59739ca435b5ba2cc3547872601f56040c63e60f5ffeae1be5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
24
x-powered-by
Phusion Passenger(R)
status
200 OK
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
8caf191c-714d-4808-91aa-b4212c803146
x-runtime
0.007114
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"d9a68a4c4bfa7c59739ca435b5ba2cc3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=7200
cf-ray
69489e4999775b68-FRA
access-control-allow-headers
SDK-Version
expires
Sun, 26 Sep 2021 03:11:26 GMT
b46a400b-b0ae-4507-a791-a088e0778328
img.onesignal.com/permanent/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.onesignal.com/permanent/b46a400b-b0ae-4507-a791-a088e0778328
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.226.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
700ef6d5794e7e87ada4629945e7c3b510bcf58945283de4bdf5e317365383f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
cf-cache-status
HIT
age
2249
x-amz-meta-cache-control
public, maxage=604800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6025
x-amz-id-2
MXrf3eUXekArgovgzl3u5Q333FvbcQ6pbYfBSYtgdDZIp8i+bWO8tf9k6VpTAKByafqQ3iwPPCA=
last-modified
Wed, 20 Jan 2021 20:29:39 GMT
server
cloudflare
etag
"915d6dc67e80f4ea9393e126261574ac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
N5STMXKNPC4Z8Z3N
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
69489e49cd4b4414-FRA
expires
Wed, 27 Oct 2021 01:11:27 GMT
Hc6PdfQeAi.js
pixel.zprk.io/v5/pixeljs/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.zprk.io/v5/pixeljs/Hc6PdfQeAi.js?dne=1
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.1.182.12 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-182-12.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
8e521ebeb6ce59914c54f532b1577efd671f4b02bb3c331e01b4a7e79a02cfea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 01:11:27 GMT
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Length
2753
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
POST, GET, DELETE, PUT
Content-Type
text/plain;charset=UTF-8
251
a.ad.gt/api/v1/u/matches/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F&ref=
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.136.108 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-136-108.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
194e25aa7a390baf4812617cd2b57321c28ccc822dacd69f8a7eba5a6294a5cf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
server
nginx/1.18.0
content-length
3283
content-type
application/javascript
/
reporting.powerad.ai/ 		2 B
412 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://reporting.powerad.ai/
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-151-247.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 26 Sep 2021 01:11:27 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Access-Control-Allow-Methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
2
/
hb.brainlyads.com/json-parts/4211/ Frame 4EFB 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.brainlyads.com/json-parts/4211/?ver=1.0&pageId=1281323931&sizes=[[728,90]]&winbidder=&keyValues=[[%22refresh%22,0],[%22url%22,%22https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/%22],[%22referrer%22,%22%22],[%22referrerCategory%22,%22Direct%22]]
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-158-212.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
460c1a704ba04adfc29ec1305ac66d7da44dfdb16d9eebe58c486da1fd5de457
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
content-encoding
gzip
etag
W/"10a4-QlmrxQbIdwlcJ7VHprPgDqKEkc4"
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-headers
*
8df1799c0f0c8a6031c184e6b2db2122f28310f5e1104c93943a22b90b61bf3b_small
cdn1.lockerdomecdn.com/uploads/ Frame 8FDE 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.lockerdomecdn.com/uploads/8df1799c0f0c8a6031c184e6b2db2122f28310f5e1104c93943a22b90b61bf3b_small
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13726301584595302?pubid=ld-13726301584595302-692&pubo=https%3A%2F%2Fbeckernews.com&rid=&width=714
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
034f3e6f65deab10ae8553a80332cddd1324f4b59e0340953964b9ebae2a99a8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
last-modified
Thu, 23 May 2019 16:28:06 GMT
server
nginx
etag
"0dc3894241d10d8665dafcf09650182d"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
https://lockerdome.com
accept-ranges
bytes
timing-allow-origin
https://lockerdome.com
content-length
19628
2a562ac35c1f63febd78bd14e2cae4f6347bb5979c59cd6c73cfc9ade784a966_small
cdn1.lockerdomecdn.com/uploads/ Frame 8FDE 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.lockerdomecdn.com/uploads/2a562ac35c1f63febd78bd14e2cae4f6347bb5979c59cd6c73cfc9ade784a966_small
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13726301584595302?pubid=ld-13726301584595302-692&pubo=https%3A%2F%2Fbeckernews.com&rid=&width=714
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
445648ee5d2ffb447c4ee449d87d248d7337283ee75da8369ae812d44e338f88

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
last-modified
Wed, 24 Mar 2021 17:58:50 GMT
server
nginx
etag
"925b200d8002dd9b278236039c9a6b03"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
https://lockerdome.com
accept-ranges
bytes
timing-allow-origin
https://lockerdome.com
content-length
19056
dc.js
stats.g.doubleclick.net/ Frame 8FDE 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13726301584595302?pubid=ld-13726301584595302-692&pubo=https%3A%2F%2Fbeckernews.com&rid=&width=714
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
5009
date
Sat, 25 Sep 2021 23:47:58 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Sun, 26 Sep 2021 01:47:58 GMT
truncated
/ Frame 8FDE 		10 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7642fabb3da705df23f989fcac1de33b856696179306d69bedb3a1963f32d803

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
text/javascript;charset=utf-8
truncated
/ Frame 8FDE 		9 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9699f4d624f3211fd0882e0fdb87fdf63b9f2debd680419c6295e0407c3391a0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
text/javascript;charset=utf-8
get_file_from_url.html
app.getresponse.com/ Frame BE1B 		113 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.getresponse.com/get_file_from_url.html?url=https%3A%2F%2Ffonts.googleapis.com%2Fcss%3Ffamily%3DArvo%3A400%2C400i%2C700%2C700i%3Alatin%7CRoboto%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i%3Alatin%2Clatin-ext%7CRoboto%2BSlab%3A100%2C300%2C400%2C700%3Alatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cvietnamese%2Cgreek%2Cgreek-ext%7CRoboto%2BCondensed%3A300%2C300i%2C400%2C400i%2C700%2C700i%3Alatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cvietnamese%2Cgreek%2Cgreek-ext%7CGrand%2BHotel%3A400%3Alatin%2Clatin-ext%7CMonoton%3A400%3Alatin%7CHanalei%3A400%3Alatin%2Clatin-ext%7CLobster%3A400%3Alatin%2Clatin-ext%2Ccyrillic%2Cvietnamese%7CLobster%2BTwo%3A400%2C400i%2C700%2C700i%3Alatin%7CChanga%2BOne%3A400%2C400i%3Alatin%2Clatin-ext%7CSpecial%2BElite%3A400%3Alatin%7CChewy%3A400%3Alatin%7CLuckiest%2BGuy%3A400%3Alatin%7CFredoka%2BOne%3A400%3Alatin%7CFugaz%2BOne%3A400%3Alatin%7CSansita%2BOne%3A400%3Alatin%7CPacifico%3A400%3Alatin%7CMerienda%2BOne%3A400%3Alatin%7CLato%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C700%2C700i%2C900%2C900i%3Alatin%2Clatin-ext%7CSource%2BSans%2BPro%3A200%2C200i%2C300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C900%2C900i%3Alatin%2Clatin-ext%2Cvietnamese%7CAmatic%2BSC%3A400%2C700%3Alatin%2Clatin-ext%7CArchivo%2BBlack%3A400%3Alatin%2Clatin-ext%7CAlfa%2BSlab%2BOne%3A400%3Alatin%7CBad%2BScript%3A400%3Alatin%2Ccyrillic%7CBevan%3A400%3Alatin%7CCabin%3A400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%3Alatin%7CCrete%2BRound%3A400%2C400i%3Alatin%2Clatin-ext%7CDosis%3A200%2C300%2C400%2C500%2C600%2C700%2C800%3Alatin%2Clatin-ext
Requested by
Host: app.getresponse.com
URL: https://app.getresponse.com/javascripts/core/webforms/dist/show_webform_shared.chunk.01d964a65cd7199bf113.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.160.64.9 , United States, ASN46469 (GETRESPONSE-IMPLIX, US),
Reverse DNS
norevdns.getresponse.com
Software
/
Resource Hash
22225d6da5dd59b227e95e5c2ae58db60a771c87df9298a1cb2f6cb24919090e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.getresponse.com/site2/beckernews/?u=yBWGs&webforms_id=Sbymy&v=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Referrer-Policy
strict-origin-when-cross-origin
Date
Sun, 26 Sep 2021 01:11:27 GMT
X-Frame-Options
sameorigin
Content-Type
text/css; charset=utf-8
Content-Security-Policy-Report-Only
default-src https: wss: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:; frame-src https:; font-src https: data:; report-uri https://index-log.getresponse.com/index/marketing_csp?source=app-gr
Feature-Policy
accelerometer *; ambient-light-sensor *; autoplay *; camera *; encrypted-media *; fullscreen *; geolocation *; gyroscope *; magnetometer *; microphone *; midi *; payment *; picture-in-picture *; speaker *; sync-xhr *; usb *; vr *
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
get_file_from_url.html
app.getresponse.com/ Frame BE1B 		113 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.getresponse.com/get_file_from_url.html?url=https%3A%2F%2Ffonts.googleapis.com%2Fcss%3Ffamily%3DDancing%2BScript%3A400%2C700%3Alatin%7CDroid%2BSans%3A400%2C700%3Alatin%7COpen%2BSans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%3Alatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cvietnamese%2Cgreek%2Cgreek-ext%7COswald%3A300%2C400%2C700%3Alatin%2Clatin-ext%7CRaleway%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%3Alatin%7CGlegoo%3A400%2C700%3Alatin%2Clatin-ext%2Cdevanagari%7CGreat%2BVibes%3A400%3Alatin%2Clatin-ext%7CTenor%2BSans%3A400%3Alatin%2Clatin-ext%2Ccyrillic%7CTitillium%2BWeb%3A200%2C200i%2C300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C900%3Alatin%2Clatin-ext%7CLora%3A400%2C400i%2C700%2C700i%3Alatin%2Clatin-ext%2Ccyrillic%7CAmaranth%3A400%2C400i%2C700%2C700i%3Alatin%2Clatin-ext%7COregano%3A400%2C400i%3Alatin%2Clatin-ext%7CQuicksand%3A300%2C400%2C700%3Alatin%7CExo%2B2%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C900%2C900i%3Alatin%2Clatin-ext%2Ccyrillic%7CEnglebert%3A400%3Alatin%2Clatin-ext%7CGabriela%3A400%3Alatin%2Clatin-ext%7CYesteryear%3A400%3Alatin%7CJulius%2BSans%2BOne%3A400%3Alatin%2Clatin-ext%7CNeuton%3A200%2C300%2C400%2C400i%2C700%2C800%3Alatin%2Clatin-ext%7CNunito%3A300%2C400%2C700%3Alatin%7CMedula%2BOne%3A400%3Alatin%7CVarela%3A400%3Alatin%2Clatin-ext%7CPT%2BSans%3A400%2C400i%2C700%2C700i%3Alatin%2Ccyrillic%2Ccyrillic-ext%7CWalter%2BTurncoat%3A400%3Alatin
Requested by
Host: app.getresponse.com
URL: https://app.getresponse.com/javascripts/core/webforms/dist/show_webform_shared.chunk.01d964a65cd7199bf113.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.160.64.9 , United States, ASN46469 (GETRESPONSE-IMPLIX, US),
Reverse DNS
norevdns.getresponse.com
Software
/
Resource Hash
7f13479803e3cf44a7401aad8f6b6bc0a02eea808fa6ab3e3e67dc92ccf1aead
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.getresponse.com/site2/beckernews/?u=yBWGs&webforms_id=Sbymy&v=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Referrer-Policy
strict-origin-when-cross-origin
Date
Sun, 26 Sep 2021 01:11:27 GMT
X-Frame-Options
sameorigin
Content-Type
text/css; charset=utf-8
Content-Security-Policy-Report-Only
default-src https: wss: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:; frame-src https:; font-src https: data:; report-uri https://index-log.getresponse.com/index/marketing_csp?source=app-gr
Feature-Policy
accelerometer *; ambient-light-sensor *; autoplay *; camera *; encrypted-media *; fullscreen *; geolocation *; gyroscope *; magnetometer *; microphone *; midi *; payment *; picture-in-picture *; speaker *; sync-xhr *; usb *; vr *
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
style.css
app.getresponse.com/images/common/templates/webform/1/5/ Frame BE1B 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.getresponse.com/images/common/templates/webform/1/5/style.css
Requested by
Host: app.getresponse.com
URL: https://app.getresponse.com/javascripts/core/webforms/dist/show_webform_shared.chunk.01d964a65cd7199bf113.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.160.64.9 , United States, ASN46469 (GETRESPONSE-IMPLIX, US),
Reverse DNS
norevdns.getresponse.com
Software
/
Resource Hash
d9b2c044b91924b8a5328b5b7965bbf902abedbbb99fbccbbff26e452e7cf78c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.getresponse.com/site2/beckernews/?u=yBWGs&webforms_id=Sbymy&v=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 01:11:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Aug 2021 13:58:19 GMT
ETag
W/"6113d77b-1437"
Content-Security-Policy-Report-Only
default-src https: wss: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:; frame-src https:; font-src https: data:; report-uri https://index-log.getresponse.com/index/marketing_csp?source=app-gr
Content-Type
text/css
Cache-Control
max-age=86400
Transfer-Encoding
chunked
Expires
Mon, 27 Sep 2021 01:11:27 GMT
avcplayer.js
player.avplayer.com/script/2/v/ 		241 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/2/v/avcplayer.js
Requested by
Host: tg1.vuukle.com
URL: https://tg1.vuukle.com/api/adserver/spt?AV_TAGID=60cdeb227e407c6a2a4199a4&AV_PUBLISHERID=607eaa2728f57c570863c77a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-145.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
1aaac8c7faa577fbb5e2d12a86c0ca350d2bbef197434b3a1941950edb9076c3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvM7u-jibhbq8t16PCCtb9GBpGDv7u4IOBnx-qIbF3VKH2t9IB7q7z2cz2eC76899Z2VMUk3cm1lRASijEiP58
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
58536
last-modified
Wed, 01 Sep 2021 15:38:34 GMT
server
UploadServer
etag
"1969bdfd96cc39266035a7f8cfaf56f5"
vary
Accept-Encoding
x-goog-hash
crc32c=Kqo7Pw==
content-language
en
x-goog-generation
1630510714332104
cache-control
public, max-age=300
x-goog-stored-content-length
58536
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 26 Sep 2021 01:16:27 GMT
track
servt.vuukle.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servt.vuukle.com/track?pid=607eaa2728f57c570863c77a&cid=60c37ca68d20f0118e3ae307&cb=1632618687106&r=beckernews.com&stagid=60cdeb227e407c6a2a4199a4&stplid=608a9f291cc704381f4f47f8&e=playerLoaded
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.47.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-47-85.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
servt.vuukle.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servt.vuukle.com/track?pid=607eaa2728f57c570863c77a&cid=60c37ca68d20f0118e3ae307&cb=1632618687107&r=beckernews.com&stagid=60cdeb227e407c6a2a4199a4&stplid=608a9f291cc704381f4f47f8&e=playerLoaded
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.47.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-47-85.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
servt.vuukle.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servt.vuukle.com/track?pid=607eaa2728f57c570863c77a&cid=60c37ca68d20f0118e3ae307&cb=1632618687107&r=beckernews.com&stagid=60cdeb227e407c6a2a4199a4&stplid=608a9f291cc704381f4f47f8&e=AV_M3&prbdres=duppos&sn=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.47.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-47-85.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
pwt.js
ads.pubmatic.com/AdServer/js/pwt/157577/2378// Frame A35B 		175 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4f755dc598f2431fd9096811c85fa8483838e86824d658199ce03a13de765cd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
content-encoding
gzip
last-modified
Tue, 17 Aug 2021 18:51:36 GMT
server
Apache/2.2.15 (CentOS)
etag
"10a1110-2bd37-5c9c5cea2ce36"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=48080
accept-ranges
bytes
content-type
text/javascript
content-length
57427
expires
Sun, 26 Sep 2021 14:32:47 GMT
addAdInfo
publish.vuukle.com/bq-publish/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://publish.vuukle.com/bq-publish/addAdInfo
Protocol
H3
Server
172.67.22.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://beckernews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
access-control-allow-credentials
true
access-control-allow-headers
content-type Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
POST GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://beckernews.com
x-xss-protection
1
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
69489e4b0e605c14-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
tcf-2.0-loader.js
s.flocdn.com/cmp/2.1.5/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.flocdn.com/cmp/2.1.5/tcf-2.0-loader.js
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/static/prebid3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-108.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8548d22e0fe82f9ac98dd5148510c0bb6885aad92f661876a8078b9be620ea2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
wQvfArGm4NUbysSJrtVS3ZpC3nVy3TQX
content-encoding
gzip
last-modified
Fri, 26 Feb 2021 18:56:38 GMT
server
AmazonS3
age
180817
etag
"76a73c81315c9027897fe77eaf004971"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Thu, 23 Sep 2021 22:57:51 GMT
x-amz-cf-pop
FRA2-C2
content-length
731
x-amz-cf-id
mjjz53i4POTnkNSdmbsy_bZL3C3kcwyylqbav8HMu66O20glhCPaOQ==
tcf-2.0-cmp.js
s.flocdn.com/cmp/2.1.5/ 		196 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.flocdn.com/cmp/2.1.5/tcf-2.0-cmp.js
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/static/prebid3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-108.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b697ae3266afd70d1108fda9eea78b90db518003f1049e6913ad0e0368723fc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
48ARPSLZlw2ZZQ6p5TwVOlBq9Em.2oPT
content-encoding
gzip
last-modified
Fri, 26 Feb 2021 18:56:39 GMT
server
AmazonS3
age
221894
etag
"35e7e72756bed474488f67103c1a4b70"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Thu, 23 Sep 2021 11:33:13 GMT
x-amz-cf-pop
FRA2-C2
content-length
48610
x-amz-cf-id
1ZO9k4_MZwtZeoJQu-Tye5f9qp6pKOeExOQi1marW2vejh_ZcR9dSQ==
config.js
confiant-integrations.global.ssl.fastly.net/RNw7xiqRu-6_97G1pl1Hr7_2fbE/gpt_and_prebid/ 		54 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/RNw7xiqRu-6_97G1pl1Hr7_2fbE/gpt_and_prebid/config.js
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/static/prebid3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
04c89cee5d0367366108602ac99bab169386f328b59f2128176bfe9349639356

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 01:11:27 GMT
Content-Encoding
gzip
Age
481
X-Cache
HIT
Connection
keep-alive
Content-Length
13400
x-amz-id-2
rDarEjG9wgQcV9FO5Pljdwq4YtPzDG2DWkwPyyq/G71qNVi2y8G+EAXWvHtMO04wtei1U5sRLhw=
X-Served-By
cache-hhn4022-HHN
Last-Modified
Sat, 25 Sep 2021 22:40:40 GMT
Server
AmazonS3
X-Timer
S1632618687.224077,VS0,VE0
ETag
"ddcd80129945963ae4ae2e4766262acd"
x-amz-request-id
KRGVXAKA1PM3RSHH
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
4
addAdInfo
publish.vuukle.com/bq-publish/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://publish.vuukle.com/bq-publish/addAdInfo
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/static/prebid3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://beckernews.com
access-control-allow-credentials
true
cf-ray
69489e4c587b5c14-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
x-xss-protection
1
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		73 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/static/prebid3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
e8f715a77cc5b8cd5d0e1921d4004798db490801a9569e248fa9a5dcdcc07bb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"998 / 529 of 1000 / last-modified: 1632522815"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25700
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 26 Sep 2021 01:11:27 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/157577/2378// Frame C1F8 		175 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4f755dc598f2431fd9096811c85fa8483838e86824d658199ce03a13de765cd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
content-encoding
gzip
last-modified
Tue, 17 Aug 2021 18:51:36 GMT
server
Apache/2.2.15 (CentOS)
etag
"10a1110-2bd37-5c9c5cea2ce36"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=48080
accept-ranges
bytes
content-type
text/javascript
content-length
57427
expires
Sun, 26 Sep 2021 14:32:47 GMT
97222f405ff7bed99b1b1d05f45a9a7d4286691d085a70d54df48f44e23c0df4_small
cdn1.lockerdomecdn.com/uploads/ Frame D442 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.lockerdomecdn.com/uploads/97222f405ff7bed99b1b1d05f45a9a7d4286691d085a70d54df48f44e23c0df4_small
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13726299873319270?pubid=ld-13726299873319270-436&pubo=https%3A%2F%2Fbeckernews.com&rid=&width=714
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
6140f888abb23f8d193e8a3cd9165859ff9ecf90999d563be7c148b76b094979

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
last-modified
Tue, 27 Jul 2021 20:04:27 GMT
server
nginx
etag
"b5047a702fb97019ba3370464731454a"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
https://lockerdome.com
accept-ranges
bytes
timing-allow-origin
https://lockerdome.com
content-length
26913
d7bfb5a6a6521d027c2d0a598c56ea07c95102dc11d4f38074f46429d8a1d4df_small
cdn1.lockerdomecdn.com/uploads/ Frame D442 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.lockerdomecdn.com/uploads/d7bfb5a6a6521d027c2d0a598c56ea07c95102dc11d4f38074f46429d8a1d4df_small
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13726299873319270?pubid=ld-13726299873319270-436&pubo=https%3A%2F%2Fbeckernews.com&rid=&width=714
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
cc857f7efbc1e048cabc1696de604c3b0f192b684ff5f7d408cbd22556bd568c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
last-modified
Wed, 24 Mar 2021 17:59:39 GMT
server
nginx
etag
"9557a45f10c9c1086194bc35cbd8f20b"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
https://lockerdome.com
accept-ranges
bytes
timing-allow-origin
https://lockerdome.com
content-length
21941
dc.js
stats.g.doubleclick.net/ Frame D442 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13726299873319270?pubid=ld-13726299873319270-436&pubo=https%3A%2F%2Fbeckernews.com&rid=&width=714
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.133.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
5009
date
Sat, 25 Sep 2021 23:47:58 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Sun, 26 Sep 2021 01:47:58 GMT
d64e5aa2d7ef282a4923719ede4057d6b2d90bec98f0758bdf3be4b2993b0856_small
cdn1.lockerdomecdn.com/uploads/ Frame 17AF 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.lockerdomecdn.com/uploads/d64e5aa2d7ef282a4923719ede4057d6b2d90bec98f0758bdf3be4b2993b0856_small
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13726297860053350?pubid=ld-13726297860053350-151&pubo=https%3A%2F%2Fbeckernews.com&rid=&width=714
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
506a730d36c720dbb48561426cf9c29e9db375e0ffb6c2bce8f6ac77f233b24c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
last-modified
Thu, 22 Jul 2021 19:53:33 GMT
server
nginx
etag
"674a3e20fecf0d5311d7f6fed088ace3"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
https://lockerdome.com
accept-ranges
bytes
timing-allow-origin
https://lockerdome.com
content-length
10800
c9319f22498456f578c6d794de950b5fd7a55d3f9d32ca7ca1107dd2788e6979_small
cdn1.lockerdomecdn.com/uploads/ Frame 17AF 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.lockerdomecdn.com/uploads/c9319f22498456f578c6d794de950b5fd7a55d3f9d32ca7ca1107dd2788e6979_small
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13726297860053350?pubid=ld-13726297860053350-151&pubo=https%3A%2F%2Fbeckernews.com&rid=&width=714
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
76dabf6620367c7f6a0594bc33c4f485e98a58a5d30bd48aa7e0cf3980f4349a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
last-modified
Tue, 23 Mar 2021 21:12:27 GMT
server
nginx
etag
"c44207bf372e4874f9016dbf774726ac"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
https://lockerdome.com
accept-ranges
bytes
timing-allow-origin
https://lockerdome.com
content-length
14887
5a8a2f33d84ffd6f75f4185b3f1154d5627b48e89d0e588cb7da7246b2e74749_small
cdn1.lockerdomecdn.com/uploads/ Frame 17AF 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.lockerdomecdn.com/uploads/5a8a2f33d84ffd6f75f4185b3f1154d5627b48e89d0e588cb7da7246b2e74749_small
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13726297860053350?pubid=ld-13726297860053350-151&pubo=https%3A%2F%2Fbeckernews.com&rid=&width=714
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
2c0c843a90335e1ded417a757158321db97b1a490fd831ee72e8868e8d3103da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
last-modified
Tue, 13 Jul 2021 15:58:52 GMT
server
nginx
etag
"4179c8bc73ca8c11577ee5788d187619"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
https://lockerdome.com
accept-ranges
bytes
timing-allow-origin
https://lockerdome.com
content-length
18338
dc.js
stats.g.doubleclick.net/ Frame 17AF 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13726297860053350?pubid=ld-13726297860053350-151&pubo=https%3A%2F%2Fbeckernews.com&rid=&width=714
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.133.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
5009
date
Sat, 25 Sep 2021 23:47:58 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Sun, 26 Sep 2021 01:47:58 GMT
RXvX1snpkkVVqv67AyPno-pDCsw.js
beckernews.com/cdn-cgi/apps/head/ Frame AEA6 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/cdn-cgi/apps/head/RXvX1snpkkVVqv67AyPno-pDCsw.js
Requested by
Host: beckernews.com
URL: https://beckernews.com/watch-the-feds-actually-arrest-one-of-their-own-at-staged-justice-for-j6-rally-41540/embed/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.195.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2403c547323e252309d499941b20324d71d113374e88da01e7a2bec540568946

Request headers

:path
/cdn-cgi/apps/head/RXvX1snpkkVVqv67AyPno-pDCsw.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
beckernews.com
:scheme
https
sec-fetch-site
cross-site
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
217519
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
Q2HRKWXAX9Y0PFT3
x-amz-id-2
TfBfjRksTc3gimUbm68YD2xx+YPGO1PpAkobBXTddWucA3MfYMNHmvKnUQ/KCG5MTlVkKTMXw2w=
last-modified
Thu, 18 Mar 2021 12:52:20 GMT
server
cloudflare
etag
W/"ffe7e172d4574a588b2d1868db5cb38d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IQ%2FG%2FfB6bIX6mLQ%2BJvAfkarw4Et99MYiO1JB2Gb0dTGWECB2YbCIAuQLilNau%2FI9E3Ii9TM0wgMtaux%2FvO7r0WALPxx0fDPZFOiiXjN0vcjGSsRYUPOjLM6dlJULflfs9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
f62hFwR4WjE0xn6AOFt6FCRZ09TOy9Zm
cf-ray
69489e4b1de54138-PRG
bn-favs-150x150.png
beckernews.com/wp-content/uploads/2021/01/ Frame AEA6 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beckernews.com/wp-content/uploads/2021/01/bn-favs-150x150.png
Requested by
Host: beckernews.com
URL: https://beckernews.com/watch-the-feds-actually-arrest-one-of-their-own-at-staged-justice-for-j6-rally-41540/embed/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.195.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c5091be81b842fa184aa87eb73febbff2ba72ec1afc55e959ef29dbbf9b8853

Request headers

:path
/wp-content/uploads/2021/01/bn-favs-150x150.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
beckernews.com
:scheme
https
sec-fetch-site
cross-site
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
217517
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2722
last-modified
Wed, 20 Jan 2021 19:04:09 GMT
server
cloudflare
etag
"60087ea9-aa2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sy03NOhWWGxJbeMPhtzGmUrI%2BKYI443WTIckFKRWltJGNmpPEJUAqO3NxiijCH0Xaap5foONjr3obcCYJ7wsOhTmMlBzhIlYulut9VMEMApaCqogtNRu%2BtwnjZja1aDzSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
69489e4b1de64138-PRG
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ Frame D442 		10 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d761897f56457edc168842d6bb38328d73fc21e1a99ba5ebf7d1a2c22da6d860

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
text/javascript;charset=utf-8
truncated
/ Frame 17AF 		9 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
969b524e261c3984d7d150383f6dba525f0eb1a8e721c14021ac1a589756ee93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
text/javascript;charset=utf-8
truncated
/ Frame D442 		9 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
97b1eabc804cb438be110d8cf78dd1788b659595749ae40bf25a77f3a71da9a5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
text/javascript;charset=utf-8
truncated
/ Frame 17AF 		10 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f4548c509fbb4ee508b86ccf5987d8e8582bf6675b76886238b8397be2fad24

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
text/javascript;charset=utf-8
prebid.js
hb.brainlyads.com/ Frame A35B 		462 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.brainlyads.com/prebid.js
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-158-212.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
c9057126ea1f0a44bc850d540403adfad8b718b55ff27b768087585c32a7c4fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
content-encoding
gzip
last-modified
Wed, 22 Sep 2021 18:32:40 GMT
server
nginx/1.10.3 (Ubuntu)
etag
W/"614b76c8-736dd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
strict-transport-security
max-age=31536000; includeSubDomains; preload
expires
Mon, 27 Sep 2021 01:11:27 GMT
truncated
/ Frame 17AF 		10 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0e111afd6384412a76898edb46b33758947b5580d55269dfcebb619e9b2fbced

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
text/javascript;charset=utf-8
truncated
/ 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		256 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7bb3c50cc5b07cea81e62a53039ec4aa49cd718058cbf799eef27bbdb5b958c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		251 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a288f6d8bed5da66244881b97b6355d945f6ca755c1fc09b750724745cceae03

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		385 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		273 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f1c0e9e76f5baa28c2453d0d02b97d42e5f66283f0d3058a4ccc366e7f2411a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		237 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		238 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		411 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		240 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
Vuukle_Logo.png
play.aniview.com/607eaa2728f57c570863c77a/607fe73886f9bc60e66237eb/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play.aniview.com/607eaa2728f57c570863c77a/607fe73886f9bc60e66237eb/Vuukle_Logo.png
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.232.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-78.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
261e918e8e6767d021cb4dc761152a7d09ea8d298288776ac2fea357e7801d45

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 01:11:27 GMT
X-GUploader-UploadID
ABg5-UzTbwcvZj1cZ65Zq3ljSMwVsMPLCFLPZqXfeBo1R7WeQ8U3lXpckLxjtubSNq3OPvt47VPm-u579DgzfLuxOLV_uPNXbg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Length
2011
Last-Modified
Wed, 21 Apr 2021 08:50:07 GMT
Server
UploadServer
ETag
"70e93cb7c40233baa5b4491131508d88"
x-goog-hash
crc32c=76+VqQ==
x-goog-generation
1618995007463943
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Type
Cache-Control
public, max-age=1800
x-goog-stored-content-length
2011
Accept-Ranges
bytes
Content-Type
image/png
Expires
Sun, 26 Sep 2021 01:41:27 GMT
truncated
/ 		480 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
AVmanager.js
player.aniview.com/script/6.1/ Frame 69AF 		355 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=607eaa2728f57c570863c77a
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/v/avcplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.232.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-78.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
fcfe5110ac9c49cc22d5eac8f5d53c480f48c0830b006769b0beb021a36d1010

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvTayF7ZYBvR-fAEQVkUDIOs3CeFHekNDtxPeXyBUMEGBpVHD85KEPvRiFmz9atu9dZgybH0KIqoX9AKo9ehFocezQxHw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
101720
last-modified
Thu, 23 Sep 2021 12:42:07 GMT
server
UploadServer
etag
"891a8b46a3af77201c37b70dc26e1f64"
vary
Accept-Encoding
x-goog-hash
crc32c=rC86JQ==, md5=iRqLRqOvdyAcN7cNwm4fZA==
content-language
en
access-control-allow-origin
*
x-goog-generation
1632400927531319
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
101720
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 26 Sep 2021 01:16:27 GMT
wf9_ZK3FkN211lqPa9eHRKEVRcw.js
beckernews.com/cdn-cgi/apps/body/ Frame AEA6 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/cdn-cgi/apps/body/wf9_ZK3FkN211lqPa9eHRKEVRcw.js
Requested by
Host: beckernews.com
URL: https://beckernews.com/cdn-cgi/apps/head/RXvX1snpkkVVqv67AyPno-pDCsw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.195.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
767e37bcd6daaf0e719be2ba4bba0a36a11040e971b918a068bf8cb0ea9c4aca

Request headers

:path
/cdn-cgi/apps/body/wf9_ZK3FkN211lqPa9eHRKEVRcw.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
beckernews.com
:scheme
https
sec-fetch-site
cross-site
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
217518
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
F1Z87403YAY05F2J
x-amz-id-2
Q5dzPpoKsuXy/UsyWOqfNrdeVMgrW5/vsC3HETm4ISnsFpOStHvkENMnQptuQOb2PyHkJchBXc8=
last-modified
Thu, 18 Mar 2021 12:52:19 GMT
server
cloudflare
etag
W/"4d628b673cad1387db2cd989f9e6ff7d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EMOxFi4gPBjb2rjWBrLfz0nL2lpiclPuP8g44%2Fq92rUS5sQt%2FnhsXBcVQWiJn0Rprka7EC9PZMQcXXQqzgtzZMyShvf7JiYwh2vk%2BJBPBSH282x4x6qzDwZQ3xWa9ivJ8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
LB7ZNXFAI3CyolxnCUcO3sbxJr7XBBwv
cf-ray
69489e4c0e204138-PRG
wp-emoji-release.min.js
beckernews.com/wp-includes/js/ Frame AEA6 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beckernews.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by
Host: beckernews.com
URL: https://beckernews.com/watch-the-feds-actually-arrest-one-of-their-own-at-staged-justice-for-j6-rally-41540/embed/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.195.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
beckernews.com
:scheme
https
sec-fetch-site
cross-site
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 02 Sep 2021 08:23:19 GMT
server
cloudflare
age
626
etag
W/"613089f7-4705"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YeCeGg1w0SePOLKInOfELKsR5eTtSuVGTCYm0KPRbo03Vaz3H4RVvk4Hnez9wSdDX6rX%2B%2FnQXTEIJCgs89J2yb1QDRSQpSdALw%2FK4kAolt0JYH%2BhoyGMxIAjFnnVIBLLGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=432000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69489e4c0e214138-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
truncated
/ Frame AEA6 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f83bf22ed091fe689e0c008e1b85aea6c0a191f0d3ba62813def77ef7ce63e01

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202109231016/ 		179 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202109231016/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/RNw7xiqRu-6_97G1pl1Hr7_2fbE/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c91dad330c16c5895489912b1136b4b330ff386868edce1e5c7852913274be9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 01:11:27 GMT
Content-Encoding
gzip
Age
811
X-Cache
HIT
Connection
keep-alive
Content-Length
58483
x-amz-id-2
aalZMYuCBQQYsQa+YQ0baTyLECPI1sldcw6cS87AgX3p0KOwkzpvfvGPecSoe8n1VU3r2Ek51Fg=
X-Served-By
cache-hhn4022-HHN
Last-Modified
Thu, 23 Sep 2021 14:17:45 GMT
Server
AmazonS3
X-Timer
S1632618687.414639,VS0,VE0
ETag
"4a36118c85e655f97fa047933325892e"
x-amz-request-id
9B90X8ZS47YKQ4JA
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
285
Vuukle_default_1.mp4
media.vuukle.com/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://media.vuukle.com/Vuukle_default_1.mp4
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.22.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://beckernews.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
cf-cache-status
HIT
last-modified
Thu, 12 Aug 2021 05:39:20 GMT
server
cloudflare
age
408923
etag
"6114b408-19557c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
video/mp4
Content-Range
bytes 0-1660283/1660284
cache-control
max-age=31536000
cf-ray
69489e4c8fff4df4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
1660284
gpt.js
www.googletagservices.com/tag/js/ Frame 6927 		73 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/pbjs_wrapper.v1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
2987d1f761378ab8114e7f3a45e345b21b777a8497be57d3c09a56ea940ba211
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"998 / 467 of 1000 / last-modified: 1632522815"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25700
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 26 Sep 2021 01:11:27 GMT
prebid.js
hb.brainlyads.com/ Frame C1F8 		462 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.brainlyads.com/prebid.js
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-158-212.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
c9057126ea1f0a44bc850d540403adfad8b718b55ff27b768087585c32a7c4fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
content-encoding
gzip
last-modified
Wed, 22 Sep 2021 18:32:40 GMT
server
nginx/1.10.3 (Ubuntu)
etag
W/"614b76c8-736dd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
strict-transport-security
max-age=31536000; includeSubDomains; preload
expires
Mon, 27 Sep 2021 01:11:27 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame AEA6 		139 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
0e16f4c115b0662fbe6d1f8c138f99256dfa2c72d3f58d7fda7c6e8507ca295c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49922
x-xss-protection
0
server
cafe
etag
8836765090215586122
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 26 Sep 2021 01:11:27 GMT
advertising.js
rddywd.com/ Frame AEA6 		9 B
599 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rddywd.com/advertising.js
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.64.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
63141
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9
last-modified
Sat, 25 Sep 2021 07:39:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=97hotKoTLkfnfIZr4YQJZdcZcRZuGhnePapC8OcId2uoYwPpgIJJIVbugQGOQRX3b1d8wPA03znKX7bpdaxkQoqnrkW33YzDF4SjTY0GLdgwq%2Fw4bt9osMYDnfdk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86401
accept-ranges
bytes
cf-ray
69489e4cade84108-PRG
adcode.png
rddywd.com/ Frame AEA6 		43 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rddywd.com/adcode.png
Requested by
Host: beckernews.com
URL: https://beckernews.com/watch-the-feds-actually-arrest-one-of-their-own-at-staged-justice-for-j6-rally-41540/embed/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.64.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
Origin
null
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
62392
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
43
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OUau%2F9jHuTHn%2FZF7V8u1HIgmTeoYQxz5FkTiY9WclNmhpSagM4fwOtZ74ZfQW8JD5wbv%2BdQnfSOCJaMR4C9iYTLa1Q5%2Bhu68iT8Y%2FmSKjtRRfA9vY1CIponkXUvZ"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86401
accept-ranges
bytes
cf-ray
69489e4cb9c6278c-PRG
generate_204
www.googleapis.com/ Frame AEA6 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googleapis.com/generate_204
Requested by
Host: beckernews.com
URL: https://beckernews.com/watch-the-feds-actually-arrest-one-of-their-own-at-staged-justice-for-j6-rally-41540/embed/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
truncated
/ Frame AEA6 		397 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2021c9a3df6a24f3f9d63a0425d90a2bb24cd97de905abf230f13d4dbc46c147

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
pubads_impl_2021092201.js
securepubads.g.doubleclick.net/gpt/ 		336 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js?31062918
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
9a9a466cd927c64b4e9b81e29beec7d80422fb985b26a1ec038abea10c74c1eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120420
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 08:37:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 26 Sep 2021 01:11:27 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		92 B
106 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=beckernews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
38f85611925a095ed688e7bcdcce4bfbb29663be2c307fc6886f9dfdda1cb3f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 26 Sep 2021 01:11:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
81
x-xss-protection
0
expires
Sun, 26 Sep 2021 01:11:27 GMT
truncated
/ Frame AEA6 		803 B
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
Vuukle_default_1.mp4
media.vuukle.com/ 		53 KB
54 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://media.vuukle.com/Vuukle_default_1.mp4
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e34c1f33699b063fdeabd6f6097f5dee67969aa618a86e44765b945d0ad9197

Request headers

Referer
https://beckernews.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=1605632-

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
cf-cache-status
HIT
last-modified
Thu, 12 Aug 2021 05:39:20 GMT
server
cloudflare
age
408923
etag
"6114b408-19557c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
video/mp4
Content-Range
bytes 1605632-1660283/1660284
cache-control
max-age=31536000
cf-ray
69489e4cebe85b50-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
54652
track
servt.vuukle.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servt.vuukle.com/track?r=beckernews.com&sn=&ic=0&tgt=0&app=&wi=400&he=300&test=&apppkg=&fv=3&proto=https&pid=607eaa2728f57c570863c77a&cid=60c37ca68d20f0118e3ae307&stagid=60cdeb227e407c6a2a4199a4&stplid=608a9f291cc704381f4f47f8&e=inventory&vi=0&cb=1632618687512
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.47.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-47-85.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
pubads_impl_2021092001.js
securepubads.g.doubleclick.net/gpt/ Frame 6927 		336 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js?31062904
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
1530727d7a9de276d5934149bfd08e535021a6596ace5c87fbad802580189d0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120245
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 08:37:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 26 Sep 2021 01:11:27 GMT
/
serv.vuukle.com/api/adserver/tag/ 		19 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://serv.vuukle.com/api/adserver/tag/?AV_TAGID=60cdeb227e407c6a2a4199a4&AV_PUBLISHERID=607eaa2728f57c570863c77a&AV_VIDEOURL=https%3A%2F%2Fmedia.vuukle.com%2FVuukle_default_1.mp4&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F&AV_CHANNELID=60c37ca68d20f0118e3ae307&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=beckernews.com&AV_DADPOS=3&AV_TAG=60cdeb227e407c6a2a4199a4&AV_TEMPLATE=608a9f291cc704381f4f47f8&v=6.1.1.243&avtoken=687512&AV_WIDTH=400&AV_HEIGHT=300&AV_DNT=0&cb=1632618687544
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=607eaa2728f57c570863c77a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.102.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-102-109.compute-1.amazonaws.com
Software
/
Resource Hash
3f6da00e1e732b578e02771bb6b159345bf62a55438af02ce1b52c568a39179b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://beckernews.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 14 Sep 2021 11:24:47 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=beckernews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js?31062918
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 26 Sep 2021 01:11:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		449 B
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3325057899195323&correlator=4132998471373476&output=ldjh&impl=fif&eid=31061422%2C31062392%2C31062918%2C31062465&vrg=2021092201&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20210926&iu_parts=213794966%3A22564066674%2Cvuukle-widget%2Cbeckernews.com&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1%7C250x250%7C272x391%7C272x360%7C300x250%7C300x50%7C312x260%7C320x50%7C320x250%7C320x320%7C320x100%7C327x272%7C335x250%7C336x280%7C360x360%7C360x250%7C364x303%7C364x373%7C366x305%7C366x375%7C366x359%7C372x250%7C374x250%7C375x375%7C384x320%7C387x359%7C400x300%7C400x250%7C412x412%7C414x414%7C468x60%7C480x300%7C600x410%7C600x400%7C600x300&prev_scp=refreshIteration%3D0&eri=4&cust_params=url%3Dhttps%253A%252F%252Fbeckernews.com%252Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%252F%26words%3Dfbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%26CMP_accepted%3D0%26order%3D4%26api_key%3D58e55d32-a7bb-45b2-86ad-8b070856d8ba&cookie_enabled=1&bc=31&abxe=1&dt=1632618687599&dlt=1632618685638&idt=1916&frm=20&biw=1600&bih=1200&oid=3&adxs=438&adys=8003&adks=1072976190&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=713x330&msz=713x0&ga_vid=908424827.1632618686&ga_sid=1632618688&ga_hid=629906000&ga_fc=true&fws=4&ohw=713&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js?31062918
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
b1366a64d1d8301e5d1ff1687b9edfd194803a6126e15ef3dfd46b6c6cf93f96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
224
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://beckernews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c99cab225d5657697a695f1bc4aa8fb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 83A4 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c99cab225d5657697a695f1bc4aa8fb4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js?31062918
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
c99cab225d5657697a695f1bc4aa8fb4.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://beckernews.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 26 Sep 2021 01:11:27 GMT
expires
Mon, 26 Sep 2022 01:11:27 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
securepubads.g.doubleclick.net/gampad/ 		51 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3325057899195323&correlator=4132998471373476&output=ldjh&impl=fif&eid=31061422%2C31062392%2C31062918%2C31062465&vrg=2021092201&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20210926&iu_parts=213794966%3A22564066674%2Cvuukle-widget%2Cbeckernews.com-2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1%7C250x250%7C272x391%7C272x360%7C300x250%7C300x50%7C312x260%7C320x50%7C320x250%7C320x320%7C320x100%7C327x272%7C335x250%7C336x280%7C360x360%7C360x250%7C364x303%7C364x373%7C366x305%7C366x375%7C366x359%7C372x250%7C374x250%7C375x375%7C384x320%7C387x359%7C400x300%7C400x250%7C412x412%7C414x414%7C468x60%7C480x300%7C600x410%7C600x400%7C600x300&prev_scp=refreshIteration%3D0&eri=4&cust_params=url%3Dhttps%253A%252F%252Fbeckernews.com%252Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%252F%26words%3Dfbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%26CMP_accepted%3D0%26order%3D4%26api_key%3D58e55d32-a7bb-45b2-86ad-8b070856d8ba&cookie_enabled=1&bc=31&abxe=1&dt=1632618687606&dlt=1632618685638&idt=1916&frm=20&biw=1600&bih=1200&oid=3&adxs=438&adys=8333&adks=4219403195&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=713x330&msz=713x0&ga_vid=908424827.1632618686&ga_sid=1632618688&ga_hid=629906000&ga_fc=true&fws=4&ohw=713&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js?31062918
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
fab2d54eff3f2ca661b1095ea40aa9833adecf10accbbc27f40431f6051e6e17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12118
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://beckernews.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		451 B
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3325057899195323&correlator=4132998471373476&output=ldjh&impl=fif&eid=31061422%2C31062392%2C31062918%2C31062465&vrg=2021092201&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20210926&iu_parts=213794966%3A22564066674%2Cvuukle-widget%2Cbeckernews.com-4&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C320x50%7C320x250%7C336x280&prev_scp=refreshIteration%3D0%26order%3D7&eri=4&cust_params=url%3Dhttps%253A%252F%252Fbeckernews.com%252Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%252F%26words%3Dfbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%26CMP_accepted%3D0%26order%3D4%26api_key%3D58e55d32-a7bb-45b2-86ad-8b070856d8ba&cookie_enabled=1&bc=31&abxe=1&dt=1632618687609&dlt=1632618685638&idt=1916&frm=20&biw=1600&bih=1200&oid=3&adxs=413&adys=4934&adks=4004498395&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=713x0&msz=713x0&ga_vid=908424827.1632618686&ga_sid=1632618688&ga_hid=629906000&ga_fc=true&fws=4&ohw=713&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js?31062918
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
3e502cfb0a80d65e0664272f7715dcb92d5a3af769bbcad9b315b72e1b939ca8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
229
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://beckernews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		451 B
257 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3325057899195323&correlator=4132998471373476&output=ldjh&impl=fif&eid=31061422%2C31062392%2C31062918%2C31062465&vrg=2021092201&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20210926&iu_parts=213794966%3A22564066674%2Cvuukle-widget%2Cbeckernews.com-5&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=250x250%7C272x391%7C272x360%7C300x250%7C300x50%7C312x260%7C320x50%7C320x250%7C320x320%7C327x272%7C335x250%7C336x280&prev_scp=refreshIteration%3D0&eri=4&cust_params=url%3Dhttps%253A%252F%252Fbeckernews.com%252Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%252F%26words%3Dfbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%26CMP_accepted%3D0%26order%3D4%26api_key%3D58e55d32-a7bb-45b2-86ad-8b070856d8ba&cookie_enabled=1&bc=31&abxe=1&dt=1632618687615&dlt=1632618685638&idt=1916&frm=20&biw=1600&bih=1200&oid=3&adxs=438&adys=6787&adks=1420443608&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=713x0&msz=713x0&ga_vid=908424827.1632618686&ga_sid=1632618688&ga_hid=629906000&ga_fc=true&fws=4&ohw=713&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js?31062918
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
35546a6bbe7271b590c93a9fa57d372388614f578bcf2ea6c31cc2fb6a7f5059
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
228
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://beckernews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
haloid
aufp.io/api/v1/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aufp.io/api/v1/haloid
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F&ref=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.223.151.79 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-223-151-79.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:28 GMT
content-encoding
gzip
last-modified
Thu, 23 Sep 2021 18:05:26 GMT
server
nginx/1.18.0
etag
W/"1632420326.0-6132-2958560116"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*, *
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
public, max-age=43200
origin-trial
A/KTxPuSXtwcggydvUxw5B4dXspsb2iweedc7KDi2xv9M89MtnOpULTs7DQJVHBxGDV5wj5a3LW9S4ev3WfQkwIAAAB+eyJvcmlnaW4iOiJodHRwczovL2hhbG9mbG9jLmNvbTo0NDMiLCJmZWF0dXJlIjoiSW50ZXJlc3RDb2hvcnRBUEkiLCJleHBpcnkiOjE2MjYyMjA3OTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires
Sun, 26 Sep 2021 13:11:28 GMT
251
p.ad.gt/api/v1/p/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/p/251
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F&ref=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.90.128 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-90-128.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
8027119f899b59c2af3b0ccb2c7d1323fb3891a1235ab54309fe5337b92cd1c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:28 GMT
content-encoding
gzip
last-modified
Thu, 23 Sep 2021 18:03:46 GMT
server
nginx/1.18.0
etag
W/"1632420226.0-26098-2710964840"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
public, max-age=43200
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires
Sun, 26 Sep 2021 13:11:28 GMT
match
ids.ad.gt/api/v1/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b&adnxs_id=$UID
  • https://ids.ad.gt/api/v1/match?id=a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b&adnxs_id=3182964695445562526
43 B
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/match?id=a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b&adnxs_id=3182964695445562526
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.164.229.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-229-85.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:28 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Sun, 26 Sep 2021 13:11:28 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 26 Sep 2021 01:11:27 GMT
X-Proxy-Origin
216.131.114.54; 216.131.114.54; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
f22f4ee3-69b5-4099-8216-00066395c156
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ids.ad.gt/api/v1/match?id=a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b&adnxs_id=3182964695445562526
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
t_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b
  • https://ids.ad.gt/api/v1/t_match?tdid=351d84be-f55d-482e-aad8-99fde6c2599e&id=a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b
43 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/t_match?tdid=351d84be-f55d-482e-aad8-99fde6c2599e&id=a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.164.229.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-229-85.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:28 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Sun, 26 Sep 2021 13:11:28 GMT

Redirect headers

pragma
no-cache
date
Sun, 26 Sep 2021 01:11:27 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ids.ad.gt/api/v1/t_match?tdid=351d84be-f55d-482e-aad8-99fde6c2599e&id=a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
259
pbm_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Da74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b
  • https://ids.ad.gt/api/v1/pbm_match?pbm=425F9F2B-2378-4F75-8109-4C135A4BEF0C&id=a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b
43 B
572 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/pbm_match?pbm=425F9F2B-2378-4F75-8109-4C135A4BEF0C&id=a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.164.229.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-229-85.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:28 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Sun, 26 Sep 2021 13:11:28 GMT

Redirect headers

location
https://ids.ad.gt/api/v1/pbm_match?pbm=425F9F2B-2378-4F75-8109-4C135A4BEF0C&id=a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b
date
Sun, 26 Sep 2021 01:11:27 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
g_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b
  • https://ids.ad.gt/api/v1/g_match?id=a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b&google_gid=CAESEKNHBl-NOQRFVzgD7XvMt94&google_cver=1&google_ula=450542624,0
43 B
572 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/g_match?id=a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b&google_gid=CAESEKNHBl-NOQRFVzgD7XvMt94&google_cver=1&google_ula=450542624,0
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.164.229.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-229-85.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:28 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Sun, 26 Sep 2021 13:11:28 GMT

Redirect headers

pragma
no-cache
date
Sun, 26 Sep 2021 01:11:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ids.ad.gt/api/v1/g_match?id=a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b&google_gid=CAESEKNHBl-NOQRFVzgD7XvMt94&google_cver=1&google_ula=450542624,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
357
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ids.ad.gt/api/v1/g_hosted?id=a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=YTc0ZTVmNGYtZWZiNi00ZjQyLWJkYzktNWU3NGViYzE5ZTVi
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=YTc0ZTVmNGYtZWZiNi00ZjQyLWJkYzktNWU3NGViYzE5ZTVi
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 01:11:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=YTc0ZTVmNGYtZWZiNi00ZjQyLWJkYzktNWU3NGViYzE5ZTVi
date
Sun, 26 Sep 2021 01:11:28 GMT
server
nginx/1.18.0
content-length
473
content-type
text/html; charset=utf-8
ppnt_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b
  • https://ids.ad.gt/api/v1/ppnt_match?uid=1Xn0aRdAQKF7&ev=1&pid=562316&id=a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b
43 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/ppnt_match?uid=1Xn0aRdAQKF7&ev=1&pid=562316&id=a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.164.229.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-229-85.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:28 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Sun, 26 Sep 2021 13:11:28 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
de-DE
location
https://ids.ad.gt/api/v1/ppnt_match?uid=1Xn0aRdAQKF7&ev=1&pid=562316&id=a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7cfb485474-bftv5
expires
-1
cm
trc.taboola.com/sg/audigent/1/ 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/audigent/1/cm?redirect=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Ftaboola%3Fpartner_uid%3D%3CTUID%3E%3Fid%3Da74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Sun, 26 Sep 2021 01:11:27 GMT
via
1.1 varnish
server
nginx
x-timer
S1632618688.671099,VS0,VE9
x-served-by
cache-hhn4050-HHN
x-cache
MISS
cache-control
no-cache, no-store
accept-ranges
bytes
x-cache-hits
0
beeswax_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b
  • https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b&_bee_ppp=1
  • https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AACU3E7Cn5EAADNedUcCCw&id=a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b
43 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AACU3E7Cn5EAADNedUcCCw&id=a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.164.229.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-229-85.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:28 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Sun, 26 Sep 2021 13:11:28 GMT

Redirect headers

location
https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AACU3E7Cn5EAADNedUcCCw&id=a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b
Date
Sun, 26 Sep 2021 01:11:27 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
Vuukle_default_1.mp4
media.vuukle.com/ 		2 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://media.vuukle.com/Vuukle_default_1.mp4
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.22.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://beckernews.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=65536-

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
cf-cache-status
HIT
last-modified
Thu, 12 Aug 2021 05:39:20 GMT
server
cloudflare
age
408923
etag
"6114b408-19557c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
video/mp4
Content-Range
bytes 65536-1660283/1660284
cache-control
max-age=31536000
cf-ray
69489e4ddc8c5b50-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
1594748
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbeckernews.com%2F&domain=beckernews.com&cw=1&lsw=1
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://beckernews.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://beckernews.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1371
date
Sun, 26 Sep 2021 01:11:26 GMT
content-encoding
gzip
vary
Accept-Encoding
json
gum.criteo.com/sid/ Frame A35B 		347 B
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbeckernews.com%2F&domain=beckernews.com&cw=1&lsw=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
1e67077bbd7be85b37ddf0954e0cdd972e1cb6bc12d7b7f3b954a05fe56bdadc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 26 Sep 2021 01:11:27 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://beckernews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2331
expires
0
truncated
/ 		552 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
hb
ssc.33across.com/api/v1/ Frame A35B 		65 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cr89i2Jber64kIaKjGFx_2
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
419bf1164e3203f3e5dcb42fa9c7148c6e92894c28bf2c97cabda3b1d4ba8175

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 26 Sep 2021 01:11:27 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://beckernews.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
imp
g2.gumgum.com/hbid/ Frame A35B 		2 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?t=i34rz4a5&pi=2&schain=1.0%2C1!nextmillennium.io%2C15215%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.39.0%22%7D&ogu=null&ns=10240
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.41.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-41-69.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 01:11:27 GMT
content-type
application/json;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://beckernews.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
2
expires
0
mvo
tag.1rx.io/rmp/226647/0/ Frame A35B 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/226647/0/mvo?z=1r&hbv=4.39,2.1
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://beckernews.com
pragma
no-cache
date
Sun, 26 Sep 2021 01:11:27 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
hbjson
grid.bidswitch.net/ Frame A35B 		2 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.135.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-135-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://beckernews.com
Date
Sun, 26 Sep 2021 01:11:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Content-Length
2
Content-Type
application/json; charset=UTF-8
prebid
ib.adnxs.com/ut/v3/ Frame A35B 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
df7e44d506046cd36a76b4a2038801997c1f2907da4f102fb54b6e2bd39b67fe
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 26 Sep 2021 01:11:27 GMT
X-Proxy-Origin
216.131.114.54; 216.131.114.54; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
c61d4e8c-a64e-4971-8ad1-1617f376cbb5
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://beckernews.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame A35B 		240 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17888&site_id=307328&zone_id=2128122&size_id=2&p_pos=atf&rp_schain=1.0,1!nextmillennium.io,15215,1,,,&eid_pubcid.org=10015adb-6d7c-470b-b004-c24e560fc3ac%5E1&rf=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F&tk_flint=pbjs_lite_v4.39.0&x_source.tid=18152a6c-99bb-425a-b07c-0b7edaa6355f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.11437610930549669
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
7ea78e306ac16fe8d50093b56b31f965ce7f3f3930c52255382913223f285198

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 26 Sep 2021 01:11:27 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://beckernews.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid-request
onetag-sys.com/ Frame A35B 		15 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://beckernews.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
integrator.js
adservice.google.com/adsid/ Frame 6927 		0
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 6927 		0
0
container.html
2d1fdc6274df0735a105f2b8ad1927c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0C30 		0
0
track
servt.vuukle.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://servt.vuukle.com/track?r=beckernews.com&sn=&ic=0&tgt=0&app=&wi=400&he=300&test=&apppkg=&fv=3&proto=https
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=607eaa2728f57c570863c77a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.47.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-47-85.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 26 Sep 2021 01:11:28 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012109032350000/ 		189 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012109032350000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js?31062918
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
5b50180d19361f6fe64b58067f1a933a07fe538c8d88c81497076713b2872957
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
181960
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55553
x-xss-protection
0
server
sffe
date
Thu, 23 Sep 2021 22:38:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ff855bcab669fc1a"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 23 Sep 2022 22:38:48 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012109032350000/v0/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012109032350000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js?31062918
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
b0dd411f02f5b629666261dc8dd9ac72bef9d6fb1fbacddb4463919343734e28
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
181956
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4990
x-xss-protection
0
server
sffe
date
Thu, 23 Sep 2021 22:38:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a08f7255b8f87285"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 23 Sep 2022 22:38:52 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012109032350000/v0/ 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012109032350000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js?31062918
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
ae625e9e6b3122d32b8d11214bd5cc002949da0c906f9418053f6a23a821ec5c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
181955
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28534
x-xss-protection
0
server
sffe
date
Thu, 23 Sep 2021 22:38:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fcb7bfffafc8a349"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 23 Sep 2022 22:38:53 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012109032350000/v0/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012109032350000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js?31062918
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
f599aefbfabdfe52cc2ad3ed7db44f24b715b50c263438c4cd7818f728f51073
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
181955
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1640
x-xss-protection
0
server
sffe
date
Thu, 23 Sep 2021 22:38:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"8affbe378de64f77"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 23 Sep 2022 22:38:53 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012109032350000/v0/ 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012109032350000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js?31062918
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
5273296fe3bf7de7a8a3e91d887085df23af6452519e0b654aeb712aa5d0df95
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
181955
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12817
x-xss-protection
0
server
sffe
date
Thu, 23 Sep 2021 22:38:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"326015506c318bde"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 23 Sep 2022 22:38:53 GMT
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js?31062918
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 25 Sep 2021 23:56:20 GMT
server
ESF
date
Sun, 26 Sep 2021 01:11:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 26 Sep 2021 01:11:28 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 25 Sep 2021 18:27:02 GMT
x-content-type-options
nosniff
server
cafe
age
24266
etag
15880770647744369592
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2982
x-xss-protection
0
expires
Sun, 26 Sep 2021 18:27:02 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ 		344 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 25 Sep 2021 19:50:12 GMT
x-content-type-options
nosniff
server
cafe
age
19276
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Sun, 26 Sep 2021 19:50:12 GMT
l
www.google.com/ads/measurement/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSqVrNhcrnrXe7ybI2SfU6PRiADmNn_MPKkSHPNhpr-9v386Qkdalq9-jjeFh_0QqVlron5
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Ch1k0v8hPYdi6L-fG7_UPysSBiATawr_BYonlmeLgDcCNtwEQASDu_opKYPkFoAG5nKfYA8gBCakCyMPevL7BhD7gAgCoAwHIAwqqBOwCT9DEtV3GaDojhBFPY3RGk5_f4QwX3ZDhB7O-krWaV5Ayl1R4frmXz0Iu4xDCLOuPvZYyx99yK3weucCQ2yJqGaJ1wQ1EVxNO5OMfXKX_sBNUyzNdZCEWVyEFHa15Ic2STMcIDmLFL6qs3H5TOVsbcUxbUCa9dYfXXcYMG6cvYsLjdEH1Wg90oLxlwdpFd-hcIRjkAg3UVdrh2enWUH6vJ_EWroJHP3PLwMums_k5-JtzazURGsfy1sgzDty1qvrhkGL3Fv_vm6hZyyzRtxCPLU04XFEz3sdKSqLsD3B3kYhKjmzjL-dBMHRTJZ190fxZcXsqADAiFhQzaI7y_dyOBv0E06Av4ZKK97DUUA7qX5cdbXDn9Y_JaG-5u8PKCE7IjbaPbSDthYIyO2Vt6iq12lHXzn2KCRy8XSUBXm3gOmvAHpIrebJVvPiNUtOrh6rFQ5RVM2trYGI9aQoHBjGM_0oyGcDEG-NvgXs2X8AEl7q1msYD4AQBkgUECAQYAZIFBAgFGASgBi6AB6_j2CeoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcA8gcDEPAu0ggJCIDhgGAQARgd8ggbYWR4LXN1YnN5bi0zMTQzMjQ4MjYyNTU1ODEwgAoDyAsB2BMNiBQC0BUBgBcBshceChwIABIUcHViLTM0OTQ1MjA0Njg3ODg1ODkYhqcl&sigh=FMDx3uB1s1Q&template_id=484
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
downsize_200k_v1
tpc.googlesyndication.com/simgad/5654885522977824021/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5654885522977824021/downsize_200k_v1?w=400&h=209
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
5bd59ca1984a57d696b8671f59f467f337b1734346663b9c4a06c5054ee4e9bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 11:10:45 GMT
x-content-type-options
nosniff
age
309643
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17703
x-xss-protection
0
last-modified
Wed, 28 Apr 2021 06:15:09 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Sep 2022 11:10:45 GMT
truncated
/ 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5507e079d0433299e737b04b2f3f36df25c5c0f0c74c0ed00864f7a3a7cffcb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://beckernews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:31:45 GMT
x-content-type-options
nosniff
age
290383
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 16:31:45 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://beckernews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:32:14 GMT
x-content-type-options
nosniff
age
290354
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 16:32:14 GMT
getpixels
pixels.ad.gt/api/v1/ 		0
0
fbevents.js
connect.facebook.net/en_US/ 		0
0
ecommerce.js
www.google-analytics.com/plugins/ua/ 		0
0
ec.js
www.google-analytics.com/plugins/ua/ 		0
0
openx
ids.ad.gt/api/v1/
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D02000hc5ci07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8...
  • https://u.openx.net/w/1.0/cm?cc=1&id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D02000hc5ci07jv2yg08xizqr0bwpa1w0evvljv1k7cm...
  • https://ids.ad.gt/api/v1/openx?openx_id=f279abc3-5cf2-4d5a-abe3-30417459c667&id=02000hc5ci07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj91nelrdq1e...
43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/openx?openx_id=f279abc3-5cf2-4d5a-abe3-30417459c667&id=02000hc5ci07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj91nelrdq1elzfjf1hl5r1i1kkc2jl&auid=a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.164.229.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-229-85.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:28 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Sun, 26 Sep 2021 13:11:28 GMT

Redirect headers

date
Sun, 26 Sep 2021 01:11:28 GMT
content-encoding
gzip
server
OXGW/16.216.3
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://ids.ad.gt/api/v1/openx?openx_id=f279abc3-5cf2-4d5a-abe3-30417459c667&id=02000hc5ci07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj91nelrdq1elzfjf1hl5r1i1kkc2jl&auid=a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
halo_match
ids.ad.gt/api/v1/ 		43 B
652 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/halo_match?id=a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b&halo_id=02000hc5ci07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj91nelrdq1elzfjf1hl5r1i1kkc2jl
Requested by
Host: beckernews.com
URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.164.229.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-229-85.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 01:11:28 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Sun, 26 Sep 2021 13:11:28 GMT
activeview
pagead2.googlesyndication.com/pcs/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuSIeLUfMAMDoWJhwOaU8fy8cXRkfyBt3BKBTeWkgwrgbmJWC7QEgv5IWxrXv0q5KdN2c3V86isGUFieKUmTKuRlT-q4rpImhb7cXTFuLutcgAQlLxLUA&sai=AMfl-YQI-imkYQ_l1NKt8D5VNIAlZnw33HyFPlHZOfsClhBUTxrDVsioPXFrghpwJp1XLRBU6NezxT2zhS4bpvfOK-ZlcZHvWwN0EizyXNfDQIHnddTwBB9fRcyVr1k&sig=Cg0ArKJSzIAp_mJgwdb-EAE&cid=CAASPeRoJ9CEQ-XJoWlDX17tzciVE3jfEVWBcGaO2PAGA1uS3-V0RIjFPFCL-LYmPa9jBBySiW9YYiFAX5V9jSk&id=ampim&o=0,0&d=1600,1200&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=63&tls=1063&g=100&h=100&tt=1063&r=v&avms=ampa&adk=4219403195
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://beckernews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 01:11:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ice
logs-01.loggly.com/inputs/c2567968-6d7d-4427-a7bb-eaab4a243135/tag/ 		19 B
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logs-01.loggly.com/inputs/c2567968-6d7d-4427-a7bb-eaab4a243135/tag/ice
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1757.010-3.025/ice.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.80.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-80-3.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cdc7a3d8f9ce204e8853c2f7088b9c3fe488432314d1ea6c17cf8fd4ae179261

Request headers

Referer
https://beckernews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 26 Sep 2021 01:11:30 GMT
Server
nginx
Connection
keep-alive
Access-Control-Allow-Headers
Authorization,Host,Content-Type,X-Forwarded-For,X-LOGGLY-TAG,X-Real-IP
Content-Length
19
Content-Type
text/html
analytics.js
www.google-analytics.com/ Frame 7C20 		0
0
analytics.js
www.google-analytics.com/ Frame 3156 		0
0
analytics.js
www.google-analytics.com/ Frame 7517 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
de.tynt.com
URL
https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Domain
adservice.google.com
URL
https://adservice.google.com/adsid/integrator.js?domain=beckernews.com
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3626113576830852&correlator=1509071911098864&output=ldjh&impl=fifs&eid=31062904%2C31062919%2C31062312&vrg=2021092001&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210926&iu_parts=90814396%2CBeckernews_728x90_stickybottom_HB&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=testStatus%3DExperiment2%26refresh%3D0%26url%3Dhttps%253A%252F%252Fbeckernews.com%252Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%252F%26referrerCategory%3DDirect%26fp_pb%3D0.10%26nm_id%3Dc3da6e93%26hb_pb%3D0.00%26orig_hb_pb%3D0.00&eri=1&cookie=ID%3Dd0379180328caf15%3AT%3D1632618687%3AS%3DALNI_MawIbL-YomKcVuA7eBGzZiD6B3lCQ&cdm=beckernews.com&bc=31&abxe=1&lmt=1632618687&dt=1632618687940&dlt=1632618687023&idt=683&ea=0&frm=23&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=2692824166&ucis=s5vsjtnwez6f&ifi=1&ifk=1472459484&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F&top=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=908424827.1632618686&ga_sid=1632618688&ga_hid=1101463569&ga_fc=true&fws=256&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Domain
2d1fdc6274df0735a105f2b8ad1927c3.safeframe.googlesyndication.com
URL
https://2d1fdc6274df0735a105f2b8ad1927c3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Domain
pixels.ad.gt
URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=666e6e60137cca35d543d1b8317b232a&url=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F&code=%27none%27
Domain
connect.facebook.net
URL
https://connect.facebook.net/en_US/fbevents.js
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/plugins/ua/ec.js
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/analytics.js
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/analytics.js
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/analytics.js

Verdicts & Comments Add Verdict or Comment

170 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| CloudflareApps object| tieSkin object| html string| htmlSkin undefined| tieSkinInverted object| _wpemojiSettings object| params undefined| $ function| jQuery function| documentInitOneSignal function| OneSignal number| infolinks_pid number| infolinks_wsid object| $iceboot object| INFOLINKS function| gtag object| dataLayer function| loadCSS object| header boolean| mnIsDark boolean| tnIsDark function| _typeof object| $ice object| $infolinks object| twemoji object| wp object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| hb_iceChunk object| hb_ice object| _pbjsGlobals object| $ICE_HB object| gaplugins object| gaGlobal object| gaData number| $iceId function| GRAPP function| CE object| GRWF2 object| DATAFILE object| webformId_Sbymy object| _ldAdIdMap object| ldAdInit object| str object| VUUKLE_CONFIG object| q2w3_sidebar_options function| q2w3_sidebar_init function| q2w3_exclude_mutations_array function| q2w3_sidebar object| tie function| tieFlexMenu function| tieLazyLoad function| tieTabs function| tie_animate_element function| tie_animate_reviews object| $doc object| $window object| $html object| $body object| $themeHeader object| $mainNav object| $container boolean| is_RTL number| intialWidth boolean| isDuringAjax boolean| scrollBarWidth boolean| mobileMenu object| emergence object| browserPrefixes object| $the_post object| $postContent function| b2a function| a2b function| ai_run_scripts function| ai_wait_for_jquery function| b64e function| b64d object| ai_front number| ai_jquery_waiting_counter function| ai_load_blocks boolean| ai_js_code function| wprRemoveCPCSS object| ubdyfdntdk string| tayimnzipny object| yLs object| widget_obj boolean| q2w3Refresh object| php_js boolean| ins function| $lvpl function| vuukleLogin function| newVuukleWidgets object| webpackChunk number| VUUKLE_PLATFORM function| vuukleAuthUser function| removeVuukleWidgets function| generateVuukleAds object| _0x4cc4 function| _0x30b6 function| _0x4a113e object| _ds05un3 number| _pa_v object| paGlobal function| callUnitMan object| pa_pbjs_fw object| pa_pbjs_fw1.1 number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 object| _vuukleGeo number| __a object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle string| google_user_agent_client_hint object| _vuukleConfig object| aniplayerPos function| vuukleLoader function| vuuklehbChunk object| vuuklehb object| vuukleConsole object| vuukleSlots object| googletag object| aax boolean| _VuukleDebug object| vuuklePlayerComponent number| vuukleLoaded object| confiant object| com function| _avcp object| storageAni function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| auvars number| leftPosition object| npt object| AMP object| AMP_CONFIG object| __AMP_LOG object| __AMP_ERRORS function| __AMP_REPORT_ERROR object| __AMP_MODE object| __AMP_TOP object| __AMP_SERVICES object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS boolean| __AMP_TAG function| FormProxy function| docReady object| au object| autag function| fbq function| _fbq

95 Cookies

Domain/Path Name / Value
beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911 Name: logglytrackingsession
Value: 55d976ff-5b1e-4c3e-82b2-2ef76d767bc6
.beckernews.com/ Name: _ga
Value: GA1.2.908424827.1632618686
.beckernews.com/ Name: _gid
Value: GA1.2.1005920562.1632618686
.beckernews.com/ Name: _gat_gtag_UA_190122086_1
Value: 1
.infolinks.com/ Name: cuid
Value: 31490988-2f6d-4492-89c7-4a1dfc05ba9b
.adnxs.com/ Name: uuid2
Value: 3182964695445562526
.casalemedia.com/ Name: CMID
Value: YU-Ivh73IyxOQmfl4bPqvgAA
.casalemedia.com/ Name: CMPS
Value: 5216
.casalemedia.com/ Name: CMPRO
Value: 1202
.casalemedia.com/ Name: CMST
Value: YU-IvmFPyL4A
.yahoo.com/ Name: A3
Value: d=AQABBL7IT2ECEED5KpqChrGo0raydytW9OAFEgEBAQEaUWFZYQAAAAAA_eMAAA&S=AQAAAknA63gq_SZ00yEVWu9-zy4
.advertising.com/ Name: APID
Value: UPac23fe36-1e66-11ec-addc-02da58b6f1ba
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.analytics.yahoo.com/ Name: IDSYNC
Value: "192u~20m1:18xp~20m1"
.yahoo.com/ Name: APID
Value: UPac23fe36-1e66-11ec-addc-02da58b6f1ba
.yahoo.com/ Name: APIDTS
Value: 1632618686
.pubmatic.com/ Name: SyncRTB3
Value: 1633824000%3A220
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 425F9F2B-2378-4F75-8109-4C135A4BEF0C
.adsrvr.org/ Name: TDID
Value: 351d84be-f55d-482e-aad8-99fde6c2599e
.turn.com/ Name: uid
Value: 4032601641360509986
.doubleclick.net/ Name: IDE
Value: AHWqTUkrWrOb61Rp3Sd9nHyN4-38k7TxMXotNRh9KB28gnh6gbc-GmZXMn7dWDJgdj4
.lijit.com/ Name: ljt_reader
Value: 5a6b0816c7479ca708bd8960
.cpx.to/ Name: cpSess
Value: 5cb0f1fac5fb1ad0
.cpx.to/ Name: dsp_app_nexus
Value: 3182964695445562526#1632618686625
.infolinks.com/ Name: IXUSERCOOKIE
Value: YU-Ivh73IyxOQmfl4bPqvgAA&1202
.infolinks.com/ Name: VRUSERCOOKIE
Value: y-6nr_1aRE2uEoSkt0EttW81PLFkqAzubeiucJaTk-~A
.casalemedia.com/ Name: CMRUM3
Value: be614fc8be05a0&e6614fc8be2760&f1614fc8be05a0&b0614fc8be05a00&04614fc8be27604032601641360509986&41614fc8be05a0&27614fc8be0b40&2d614fc8be05a0
.pubmatic.com/ Name: PUBMDCID
Value: 3
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-1ecc5b10-1d52-4a9f-ba25-c5d99fe6dc6e-003%22%7D
.infolinks.com/ Name: ANUSERCOOKIE
Value: 3182964695445562526
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.infolinks.com/ Name: OUTHUSERCOOKIE
Value: y-mNsbn9pE2uGNkofIo087Sp3sJKP7mv.q~A~UPac23fe36-1e66-11ec-addc-02da58b6f1ba
.bnmla.com/ Name: rx_sspurl_1000361
Value: https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3D1e83a2c9-99c9-4065-9607-fca81112d613
.bnmla.com/ Name: rx_uuid
Value: 1e83a2c9-99c9-4065-9607-fca81112d613
.bnmla.com/ Name: rx_maxage_1000361
Value: 1633914686
.bnmla.com/ Name: rx_sspid_1000361
Value: 6
.tynt.com/ Name: uid
Value: o6/cF2FPyL5hfc8dDyQzEQ==
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-1ecc5b10-1d52-4a9f-ba25-c5d99fe6dc6e-003%22%7D
.infolinks.com/ Name: SOVRNUSERCOOKIE
Value: 5a6b0816c7479ca708bd8960
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNrQwNzQ2NDMwMgayjIwNzI2MhPgMdTPjk_1LzV2KUw0ivaR4Dc2MjcwMLcyA0NAQALKd1lo0AAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNrQwNzQ2NDMwMgayjIwNzI2MhPgMdTPjk_1LzV2KUw0ivQDkqtIdJQAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAFslzmtoZmxkZmhhBoSGhgAMXS9jEAAAAA
.infolinks.com/ Name: KADUSERCOOKIE
Value: 425F9F2B-2378-4F75-8109-4C135A4BEF0C~1632618773255
.infolinks.com/ Name: PUBMUSERCOOKIE
Value: 425F9F2B-2378-4F75-8109-4C135A4BEF0C
.infolinks.com/ Name: ZTUSERCOOKIE
Value: 1871316023187230722
.simpli.fi/ Name: suid
Value: B651D007CEC343F3B083BD811E73E4F9
.infolinks.com/ Name: ZMNUSERCOOKIE
Value: ""
.infolinks.com/ Name: R1USERCOOKIE
Value: RX-1ecc5b10-1d52-4a9f-ba25-c5d99fe6dc6e-003
.lockerdome.com/ Name: account_id
Value: 14418326914852352
.lockerdome.com/ Name: ldrid
Value: bqGRk1ybS4Nn30Y%2FVqJHN4yapaiCX341LJX6ZOqShU8CSF8kA5%2FFuoDvuKmjXHDfNFL%2BtpeKK3ulyYvlc3DEIXVKN4TtZS%2FGuljmXMwrP%2F65tEqK7ftieH6ahK7RFupV
.lockerdome.com/ Name: login_token
Value: %2214418326914852352%7C1640394686887%3A%7Call%7CLhGlKWH%2FWMaUNuNHoANE8HHVHJoe1WymtDrXDv8G9ie%2BkFoFJIGZG9IrIvQ80Jks%2FsK2ZCZaVeEOJnoZyWEKiw%3D%3D%22
.infolinks.com/ Name: ENBDSERCOOKIE
Value: 1e83a2c9-99c9-4065-9607-fca81112d613
.ad.gt/ Name: au_id
Value: a74e5f4f-efb6-4f42-bdc9-5e74ebc19e5b
.ad.gt/ Name: au_idmatch
Value: {"apn": "2021-09-26", "ttd": "2021-09-26", "pub": "2021-09-26", "adx": "2021-09-26", "halo": "2021-09-26", "goo": "2021-09-26", "ppnt": "2021-09-26", "taboola": "2021-09-26", "bees": "2021-09-26"}
beckernews.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.beckernews.com/ Name: _pubcid
Value: 10015adb-6d7c-470b-b004-c24e560fc3ac
.adsrvr.org/ Name: TDCPM
Value: CAEYASABKAIyCwj0iorCqaWAOhAFOAFaBzhna3hiNm5gAg..
.adnxs.com/ Name: icu
Value: ChgItpB3EAoYASABKAEwv5G_igY4AUABSAEQv5G_igYYAA..
beckernews.com/ Name: cto_bidid
Value: 9ywzK180JTJGRXZyVCUyQlkwcVBvVHpsZjVteXBBZUlGU3h4TkpnM293YTZHbTRBVmxzaE5reG5pUWFadzFWVVRxanJkcXBkSEdXSGpKR2s1Y25NTTVrY0QwQkNHTFElM0QlM0Q
beckernews.com/ Name: cto_bundle
Value: tkT9hV94RSUyQk8zRnJMUVc5c1UwaWMwOHE4RVRVbFFjZzlDNUdZc2VBOW1pczVZbSUyQjJXYXZpMkpLeEljMGdlUU1uJTJCdUFzajFzTEJsSTluUlVRenFHYUFQNmd1RlQ5ODZ4czlqYnhkQlgzaWQ4cVRCZm1mN1VmaiUyRnlYTlFLNWVYRmZ3d0F1
.bidr.io/ Name: bito
Value: AACU3E7Cn5EAADNedUcCCw
.bidr.io/ Name: bitoIsSecure
Value: ok
.gumgum.com/ Name: cs
Value: true
.rubiconproject.com/ Name: khaos
Value: KU0J0HUS-H-5OB6
.rubiconproject.com/ Name: rsid
Value: 1|HsGqLFsFr/vVSy6g0MQzNQWiuYBcZJvAvCF6IsCkVVwnwYaQOmrhRqqbYb+IjI/LQRqus1OnYX6qF0anVSaRRFrEpFc6uQw19gMkasvdREJwzG6qEKdWU6r+VKDRWVv/VO/a+hEPPQ==
.rubiconproject.com/ Name: ses2
Value:
.rubiconproject.com/ Name: vis2
Value: 307328^1
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qqWjj8Q0Gt+py/yvqFW1IuSMvFvNpcKsfOevPS5da8WcCbzYq1VjQkAcpj76PKZXj/hk5WIOeCMzL+mauXqFHyH
.vuukle.com/ Name: aniC
Value: 1632618687857-960953828423-006318-011-001244
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 4eef700031e86ea9
.ad.gt/ Name: last_seeng_hosted
Value: 1632618688080
.ad.gt/ Name: g_hosted
Value:
.beckernews.com/ Name: __gads
Value: ID=27231a51d14d956f:T=1632618687:S=ALNI_Mallt33ZqHY3rkdsoXCIrkLFGgH9Q
.ad.gt/ Name: last_seenpbm
Value: 1632618688090
.ad.gt/ Name: pbm
Value: 425F9F2B-2378-4F75-8109-4C135A4BEF0C
.ad.gt/ Name: first_seenpbm
Value: 1632618688090
.ad.gt/ Name: last_seenadx
Value: 1632618688094
.ad.gt/ Name: google_gid
Value: CAESEKNHBl-NOQRFVzgD7XvMt94
.ad.gt/ Name: first_seenadx
Value: 1632618688094
.ad.gt/ Name: last_seentd
Value: 1632618688097
.ad.gt/ Name: tdid
Value: 351d84be-f55d-482e-aad8-99fde6c2599e
.ad.gt/ Name: first_seentd
Value: 1632618688097
.openx.net/ Name: i
Value: 08958dff-7cf9-4d51-a2ce-ecf907013a9e|1632618688
.ad.gt/ Name: last_seenadnxs
Value: 1632618688099
.ad.gt/ Name: adnxs_id
Value: 3182964695445562526
.ad.gt/ Name: first_seenadnxs
Value: 1632618688099
.ad.gt/ Name: last_seenpulsepoint
Value: 1632618688103
.ad.gt/ Name: uid
Value: 1Xn0aRdAQKF7
.ad.gt/ Name: last_seenbeeswax
Value: 1632618688137
.ad.gt/ Name: beeswax_id
Value: AACU3E7Cn5EAADNedUcCCw
.ad.gt/ Name: last_seenhaloid
Value: 1632618688331
.ad.gt/ Name: halo_id
Value: 02000hc5ci07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj91nelrdq1elzfjf1hl5r1i1kkc2jl
.ad.gt/ Name: first_seenhaloid
Value: 1632618688331
.ad.gt/ Name: last_seenopenx
Value: 1632618688385
.ad.gt/ Name: openx_id
Value: f279abc3-5cf2-4d5a-abe3-30417459c667

14 Console Messages

Source Level URL
Text
network error URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'speaker'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'vr'.
security error URL: https://router.infolinks.com/usync/manage?pid=3309066&wsid=0&pdom=beckernews.com&purl=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F(Line 81)
Message:
Mixed Content: The page at 'https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/' was loaded over HTTPS, but requested an insecure frame 'http://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://p.ad.gt/api/v1/p/251
Message:
Refused to load the script 'https://pixels.ad.gt/api/v1/getpixels?tagger_id=666e6e60137cca35d543d1b8317b232a&url=https%3A%2F%2Fbeckernews.com%2Ffbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911%2F&code=%27none%27' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://p.ad.gt/api/v1/p/251
Message:
Refused to load the script 'https://connect.facebook.net/en_US/fbevents.js' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://www.google-analytics.com/analytics.js(Line 27)
Message:
Refused to load the script 'https://www.google-analytics.com/plugins/ua/ecommerce.js' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://www.google-analytics.com/analytics.js(Line 27)
Message:
Refused to load the script 'https://www.google-analytics.com/plugins/ua/ec.js' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
javascript warning URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Message:
The resource https://s.flocdn.com/cmp/2.1.5/tcf-2.0-cmp.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://beckernews.com/fbi-undercover-agent-on-january-6-received-text-that-confirms-no-trump-led-plot-to-overturn-2020-election-41911/
Message:
The resource https://s.flocdn.com/cmp/2.1.5/tcf-2.0-loader.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
security error URL: https://cdn2.lockerdomecdn.com/_js/ajs.js(Line 1)
Message:
Refused to load the script 'https://www.google-analytics.com/analytics.js' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://cdn2.lockerdomecdn.com/_js/ajs.js(Line 1)
Message:
Refused to load the script 'https://www.google-analytics.com/analytics.js' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://cdn2.lockerdomecdn.com/_js/ajs.js(Line 1)
Message:
Refused to load the script 'https://www.google-analytics.com/analytics.js' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2d1fdc6274df0735a105f2b8ad1927c3.safeframe.googlesyndication.com
a.ad.gt
ad.turn.com
ads.pubmatic.com
adservice.google.com
ap.lijit.com
api.vuukle.com
app.getresponse.com
aufp.io
b1sync.zemanta.com
beckernews.com
bh.contextweb.com
c99cab225d5657697a695f1bc4aa8fb4.safeframe.googlesyndication.com
casale-match.dotomi.com
cdn.ampproject.org
cdn.onesignal.com
cdn.vuukle.com
cdn1.lockerdomecdn.com
cdn2.lockerdomecdn.com
cm.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
de.tynt.com
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb.brainlyads.com
ib.adnxs.com
ids.ad.gt
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
img.onesignal.com
lockerdome.com
logs-01.loggly.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
media.vuukle.com
onesignal.com
onetag-sys.com
p.ad.gt
p.rfihub.com
pagead2.googlesyndication.com
pixel.advertising.com
pixel.zprk.io
pixels.ad.gt
play.aniview.com
player.aniview.com
player.avplayer.com
powerad.ai
publish.vuukle.com
rddywd.com
reporting.powerad.ai
resources.infolinks.com
router.infolinks.com
rt3002.infolinks.com
s.amazon-adsystem.com
s.cpx.to
s.flocdn.com
secure.adnxs.com
secure.gravatar.com
securepubads.g.doubleclick.net
serv.vuukle.com
servt.vuukle.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync.1rx.io
sync.go.sonobi.com
sync.targeting.unrulymedia.com
tag.1rx.io
tg1.vuukle.com
tpc.googlesyndication.com
trc.taboola.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
vuukle.com
www.google-analytics.com
www.google.com
www.googleapis.com
www.googletagmanager.com
www.googletagservices.com
2d1fdc6274df0735a105f2b8ad1927c3.safeframe.googlesyndication.com
adservice.google.com
connect.facebook.net
de.tynt.com
pixels.ad.gt
securepubads.g.doubleclick.net
www.google-analytics.com
104.154.142.214
104.160.64.9
104.18.226.52
104.21.64.241
13.225.78.108
142.250.181.228
142.250.184.193
142.250.185.138
142.250.185.226
142.250.185.66
142.250.185.97
142.250.185.98
142.250.186.168
142.250.186.33
142.250.186.42
142.250.186.66
142.250.186.78
142.250.186.99
151.101.129.194
151.101.193.44
151.139.241.28
151.139.242.29
159.253.128.188
172.217.16.130
172.64.195.3
172.66.41.9
172.66.42.247
172.67.22.149
174.137.133.49
178.162.133.149
178.250.0.157
18.159.140.98
18.192.135.64
18.211.226.152
185.64.190.79
185.64.190.80
185.64.190.81
192.0.73.2
193.0.160.128
198.148.27.140
2.16.186.139
2.16.186.145
2.18.232.78
2.18.233.180
2.18.234.21
208.100.17.174
213.19.147.42
213.19.147.44
213.19.162.41
216.52.2.39
23.20.158.212
3.1.182.12
3.126.56.137
3.219.102.109
34.149.20.76
34.197.47.85
34.223.151.79
34.243.225.216
35.164.229.85
35.244.159.8
37.252.172.249
37.252.173.22
38.27.122.101
38.91.45.7
44.238.136.108
46.228.164.11
51.89.9.252
52.17.150.98
52.208.41.69
52.46.154.242
54.149.90.128
54.234.151.247
54.236.80.3
63.215.202.140
64.202.112.159
74.125.133.156
76.223.111.131
0029ee4912d4471314440fdc533cb553279a20675d9c90338d4189618fd18378
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
034f3e6f65deab10ae8553a80332cddd1324f4b59e0340953964b9ebae2a99a8
04c89cee5d0367366108602ac99bab169386f328b59f2128176bfe9349639356
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c9ac233a87095c82fb409d77e1e8214461f3cffad4ddf119072b3f37caff6b1
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0e111afd6384412a76898edb46b33758947b5580d55269dfcebb619e9b2fbced
0e16f4c115b0662fbe6d1f8c138f99256dfa2c72d3f58d7fda7c6e8507ca295c
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1530727d7a9de276d5934149bfd08e535021a6596ace5c87fbad802580189d0b
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9
194e25aa7a390baf4812617cd2b57321c28ccc822dacd69f8a7eba5a6294a5cf
1aaac8c7faa577fbb5e2d12a86c0ca350d2bbef197434b3a1941950edb9076c3
1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed
1e67077bbd7be85b37ddf0954e0cdd972e1cb6bc12d7b7f3b954a05fe56bdadc
1f1c0e9e76f5baa28c2453d0d02b97d42e5f66283f0d3058a4ccc366e7f2411a
2021c9a3df6a24f3f9d63a0425d90a2bb24cd97de905abf230f13d4dbc46c147
2204358b52460c8b43b97a77d9b2c85aefb1c2e140de6bc784e0e3e287d0483e
22225d6da5dd59b227e95e5c2ae58db60a771c87df9298a1cb2f6cb24919090e
2403c547323e252309d499941b20324d71d113374e88da01e7a2bec540568946
261e918e8e6767d021cb4dc761152a7d09ea8d298288776ac2fea357e7801d45
2987d1f761378ab8114e7f3a45e345b21b777a8497be57d3c09a56ea940ba211
2b697ae3266afd70d1108fda9eea78b90db518003f1049e6913ad0e0368723fc
2c0c843a90335e1ded417a757158321db97b1a490fd831ee72e8868e8d3103da
2c316af1b24fb90e49d41ecad6c805423aaea31ca166ffbff0427ad8571bc357
2c8affe7eafafcf47be8aa507c705f0afd0535a1d4c1c66ae4305048cc80beab
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
2ee161ee902daab76ff7bb03b1de4537ec1a5e3e515ed174879a7c60d7d621bc
300c2a57d0ed169063b3daaff0550227cf8be6e702a58ab79f40a351df655243
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
35546a6bbe7271b590c93a9fa57d372388614f578bcf2ea6c31cc2fb6a7f5059
368c94f8a26ed6a99ca46c4b565e4f2586994d513b47e35cf17cd9a01c423251
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38f85611925a095ed688e7bcdcce4bfbb29663be2c307fc6886f9dfdda1cb3f8
3bbb08c1dcbc61185f3c37319310f2f5a29101546a1642935bd944f666ce459b
3cd72707a6eb0ba2f481bf98476ada929d93c3cc1ccf2fa702f4e237ddbea113
3e34c1f33699b063fdeabd6f6097f5dee67969aa618a86e44765b945d0ad9197
3e502cfb0a80d65e0664272f7715dcb92d5a3af769bbcad9b315b72e1b939ca8
3e994c6b869ce31ac6a8997cfcdaca22ac6c47f137ec735b2ac413e466b7ca0c
3f4548c509fbb4ee508b86ccf5987d8e8582bf6675b76886238b8397be2fad24
3f6da00e1e732b578e02771bb6b159345bf62a55438af02ce1b52c568a39179b
419bf1164e3203f3e5dcb42fa9c7148c6e92894c28bf2c97cabda3b1d4ba8175
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
429d04f8c6f9e012ec32a12b15f1d740bfefff1185e9de2324b26b7a468f448a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
445648ee5d2ffb447c4ee449d87d248d7337283ee75da8369ae812d44e338f88
460c1a704ba04adfc29ec1305ac66d7da44dfdb16d9eebe58c486da1fd5de457
4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22
4b319c02a848b7852089cba92a4b4d242e5454bb18ff532b5e0ecd4298fcf952
4c5091be81b842fa184aa87eb73febbff2ba72ec1afc55e959ef29dbbf9b8853
4c91dad330c16c5895489912b1136b4b330ff386868edce1e5c7852913274be9
4f755dc598f2431fd9096811c85fa8483838e86824d658199ce03a13de765cd7
503042f95c5f9e265b1b56e7e6010668a6efe9e2f837cca13e5d64892c587412
506a730d36c720dbb48561426cf9c29e9db375e0ffb6c2bce8f6ac77f233b24c
5273296fe3bf7de7a8a3e91d887085df23af6452519e0b654aeb712aa5d0df95
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53f98bb0b288d162a288ce2caf8406c00c1fd474f0c73a58b5893098271621a9
545f7284439440fac6a2ce4a53a16cf7e9c7f9f6dc7a6f09877bd2af7c85e3b1
5507e079d0433299e737b04b2f3f36df25c5c0f0c74c0ed00864f7a3a7cffcb7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5713867ac8881dd5a8e178755241a12fc55d6a4144c27216e5608064b1ed972e
5b50180d19361f6fe64b58067f1a933a07fe538c8d88c81497076713b2872957
5bd59ca1984a57d696b8671f59f467f337b1734346663b9c4a06c5054ee4e9bc
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
607a278086c235f6b1bf896ecc82183cfe266ff2d5e3e5178c4db666507a4d36
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
6140f888abb23f8d193e8a3cd9165859ff9ecf90999d563be7c148b76b094979
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
62a241b5bb0abbb690e5fca0412be810b9c22316fbb958c6a9539df6fab09c58
630092ed4770a643548737d7e22a01379bbbf66bf62249f7d02b299e14c0c271
63721156438c4a8fad96c6cb93099d8a59e94706abc4bf0c391b393cff33aa9e
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6a01173a853fff61bfdd81660ab0e98e5ac0d6d4695577038257937676947096
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c8f72b36bfedb5b04bacd1d4e3da814fcca36da13796a416a382f3a884c4cfd
700ef6d5794e7e87ada4629945e7c3b510bcf58945283de4bdf5e317365383f3
71fa1f7d7f86952d4f8409f3c419849828c9416c58ac248e23e02b2ddc712dd1
751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed
7642fabb3da705df23f989fcac1de33b856696179306d69bedb3a1963f32d803
767e37bcd6daaf0e719be2ba4bba0a36a11040e971b918a068bf8cb0ea9c4aca
76dabf6620367c7f6a0594bc33c4f485e98a58a5d30bd48aa7e0cf3980f4349a
791995af533e2ac5bd3bfeb9344684013d5cd30b77bb86f35c64517a210346ea
798a8b67e0a4bfdfa67b3a9b121ce71c90b207f64fef0c857f794f86f6119681
7ea78e306ac16fe8d50093b56b31f965ce7f3f3930c52255382913223f285198
7f13479803e3cf44a7401aad8f6b6bc0a02eea808fa6ab3e3e67dc92ccf1aead
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970
8027119f899b59c2af3b0ccb2c7d1323fb3891a1235ab54309fe5337b92cd1c6
82649ad7d4ec9c61f1e525b2dade75153ffb03610b88d22e1ba3ba98fd55de81
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
8548d22e0fe82f9ac98dd5148510c0bb6885aad92f661876a8078b9be620ea2e
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94
86e8be85acf880935aa96b9d7aaf4fa97bf5a0e2db09835040e5b97ec43d5cc2
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dd2e13ba2f1fc5233918aaae1dfe938786c7ee35b033c038e1d02852bab87ef
8e521ebeb6ce59914c54f532b1577efd671f4b02bb3c331e01b4a7e79a02cfea
8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
95efc6a1b0e18636b608c1280049e1e31e5dac2f28c111ae489cea912f8b927b
9631687f23ad276f3e8e97af4cf1437b634478e56f9c9267ced4affb5407f1c6
9699f4d624f3211fd0882e0fdb87fdf63b9f2debd680419c6295e0407c3391a0
969b524e261c3984d7d150383f6dba525f0eb1a8e721c14021ac1a589756ee93
97b1eabc804cb438be110d8cf78dd1788b659595749ae40bf25a77f3a71da9a5
9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d
9a9a466cd927c64b4e9b81e29beec7d80422fb985b26a1ec038abea10c74c1eb
a288f6d8bed5da66244881b97b6355d945f6ca755c1fc09b750724745cceae03
a39544572cf25ccc6a9bc2568105ba6fc52818cc5512a2c07681cba545570bb1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aae68d7418f7820c7267d6dc0ec4f3f0935d15e965d5dfd0730ee15265cb932e
ac459870ee1cca5d5d0e026c96ff19dc0a7118534cf508e3a50ca3532ea1228a
ae625e9e6b3122d32b8d11214bd5cc002949da0c906f9418053f6a23a821ec5c
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b0aed5a087fa6ad20f91c4070a501c6dfe23845d1fc167b2e21b3a9e711b49c9
b0dd411f02f5b629666261dc8dd9ac72bef9d6fb1fbacddb4463919343734e28
b1366a64d1d8301e5d1ff1687b9edfd194803a6126e15ef3dfd46b6c6cf93f96
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b46e58bceb73bd28661e9e0498f6797587bce97336fb4ba386a70ac0aa9fc533
b4e54900492e7fa37b1da9dfb701b52ce20eb8709219e48f9db66b9fd547c429
b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961
b732aa760484feded70866a79c1f89bafdc9938e83e74b0d8d8ff7fbb4a7b77a
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c198b94166f160853d501bd4e5e0bfb99427dc721683db453e0fa841da45848e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c9057126ea1f0a44bc850d540403adfad8b718b55ff27b768087585c32a7c4fd
cc8562872dc541ccfe9ab57d0d85581b33b22924c126651f11d1dc3456ad7961
cc857f7efbc1e048cabc1696de604c3b0f192b684ff5f7d408cbd22556bd568c
cdc7a3d8f9ce204e8853c2f7088b9c3fe488432314d1ea6c17cf8fd4ae179261
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d131dd58937b4ff2e08a8399ab2ef8d2cea3ce1970f35089728b9070cc2e7bf9
d1fee1f6316be5da2004266f828e460949140506f01805e61ae6cc6a16d07c67
d32fab99b3bd3fd9b552031f7dc53735690d8d8ba57bb90fe20f7d27dd39c63a
d761897f56457edc168842d6bb38328d73fc21e1a99ba5ebf7d1a2c22da6d860
d7bb3c50cc5b07cea81e62a53039ec4aa49cd718058cbf799eef27bbdb5b958c
d90a92a7cfa091e8b08b8a24572b8c67d1aa35d4e2a9b09887cfb412acc3adfc
d9a68a4c4bfa7c59739ca435b5ba2cc3547872601f56040c63e60f5ffeae1be5
d9b2c044b91924b8a5328b5b7965bbf902abedbbb99fbccbbff26e452e7cf78c
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df7e44d506046cd36a76b4a2038801997c1f2907da4f102fb54b6e2bd39b67fe
e13b492d574f90b2c7f6796d1ced71892d186e8806ae0d5dff00cd2f5a6c2146
e1ef1c01e9c1302d70e3d6e1e9ae35e81f48aedf29624d5ed48f2e972abac0ac
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992
e84a340caf47fb7f52d6d4eef3db512e84c911268acf1c5eb66b44887f343457
e8f715a77cc5b8cd5d0e1921d4004798db490801a9569e248fa9a5dcdcc07bb6
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd5ad608d8f3603b3eb9ca9f2c65ed45d7ca18acd0296fe5fc24b150eb4c4e9
f43a9ee151e8271c55d372a33b640f76cbc1d1a1aa2a0b29687ff25d8b1978af
f5010764339d94d1fa6a5cc219dd0ab07cfca326a11e866768b80d6081773950
f599aefbfabdfe52cc2ad3ed7db44f24b715b50c263438c4cd7818f728f51073
f83bf22ed091fe689e0c008e1b85aea6c0a191f0d3ba62813def77ef7ce63e01
f96fc731c91b0b75d51d810bbe2bc27471553510c6f457143c9758a0795fb780
fa3347e4170323e894c13c9b3f3aa8b23d4c4d59477296a05d62a826c5306f3f
fab2d54eff3f2ca661b1095ea40aa9833adecf10accbbc27f40431f6051e6e17
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e
fcfe5110ac9c49cc22d5eac8f5d53c480f48c0830b006769b0beb021a36d1010
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ff17f08db808e813e0f3270329ce38e06376065502acddb467d39eea8d84d67c