urlscan.io logo urlscan.io
SecurityTrails logo

ijr.com Open in urlscan Pro
104.22.49.147  Public Scan

Go To Rescan Add Verdict Report
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_co...
Submission: On October 15 via api from QA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 59 IPs in 6 countries across 45 domains to perform 225 HTTP transactions. The main IP is 104.22.49.147, located in and belongs to CLOUDFLARENET, US. The main domain is ijr.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 14th 2021. Valid for: a year.
This is the only time ijr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 104.22.49.147 13335 (CLOUDFLAR...)
1 18.66.137.221 16509 (AMAZON-02)
6 35.245.52.229 15169 (GOOGLE)
1 198.148.27.139 19189 (PULSEPOINT)
2 34.95.69.49 15169 (GOOGLE)
1 142.250.185.104 15169 (GOOGLE)
3 2.18.233.180 16625 (AKAMAI-AS)
5 35.201.98.64 15169 (GOOGLE)
8 142.250.184.226 15169 (GOOGLE)
6 18.66.241.177 16509 (AMAZON-02)
1 3 13.32.99.23 16509 (AMAZON-02)
2 23.20.58.18 14618 (AMAZON-AES)
2 172.67.75.241 13335 (CLOUDFLAR...)
1 34.107.148.139 15169 (GOOGLE)
1 3 37.252.172.45 29990 (ASN-APPNEX)
1 185.64.189.112 62713 (AS-PUBMATIC)
3 213.19.162.61 3356 (LEVEL3)
1 5 151.101.130.137 54113 (FASTLY)
2 178.250.0.157 44788 (ASN-CRITE...)
10 142.250.185.98 15169 (GOOGLE)
3 142.250.185.142 15169 (GOOGLE)
2 157.240.20.19 32934 (FACEBOOK)
11 151.139.128.11 20446 (HIGHWINDS3)
2 18.66.107.179 16509 (AMAZON-02)
1 13.32.99.34 16509 (AMAZON-02)
5 18.66.112.27 16509 (AMAZON-02)
1 151.139.242.29 33438 (HIGHWINDS2)
3 142.250.181.226 15169 (GOOGLE)
4 142.250.185.129 15169 (GOOGLE)
5 18.225.3.119 16509 (AMAZON-02)
6 52.48.179.1 16509 (AMAZON-02)
1 13.225.87.116 16509 (AMAZON-02)
2 34.231.137.126 14618 (AMAZON-AES)
1 104.154.142.214 15169 (GOOGLE)
2 74.125.206.156 15169 (GOOGLE)
3 157.240.20.35 32934 (FACEBOOK)
2 5 142.250.185.100 15169 (GOOGLE)
14 18.203.208.193 16509 (AMAZON-02)
4 142.250.186.74 15169 (GOOGLE)
4 142.250.186.42 15169 (GOOGLE)
1 142.250.184.240 15169 (GOOGLE)
5 142.250.186.163 15169 (GOOGLE)
3 9 142.250.186.34 15169 (GOOGLE)
16 172.217.23.97 15169 (GOOGLE)
2 151.139.241.28 33438 (HIGHWINDS2)
1 2 52.213.249.25 16509 (AMAZON-02)
10 142.250.184.230 15169 (GOOGLE)
4 34.227.85.106 14618 (AMAZON-AES)
2 151.101.65.194 54113 (FASTLY)
2 4 2.21.141.232 16625 (AKAMAI-AS)
1 51.89.21.5 16276 (OVH)
1 52.208.103.128 16509 (AMAZON-02)
1 76.223.111.131 16509 (AMAZON-02)
1 52.222.250.186 16509 (AMAZON-02)
3 54.237.212.105 14618 (AMAZON-AES)
5 142.250.181.225 15169 (GOOGLE)
1 104.21.83.150 13335 (CLOUDFLAR...)
1 142.250.184.212 15169 (GOOGLE)
225 59
16    104.22.49.147 (None, )

ASN13335 (CLOUDFLARENET, US)
ijr.com
1    18.66.137.221 (United States)

ASN16509 (AMAZON-02, US)
d3l320urli0p1u.cloudfront.net.
6    35.245.52.229 (Washington, United States)

ASN15169 (GOOGLE, US)
PTR: 229.52.245.35.bc.googleusercontent.com
soapps.net
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    34.95.69.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
1    142.250.185.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f8.1e100.net
www.googletagmanager.com
3    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
5    35.201.98.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.98.201.35.bc.googleusercontent.com
panickypancake.com
8    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
www.googletagservices.com
pagead2.googlesyndication.com
6    18.66.241.177 (United States)

ASN16509 (AMAZON-02, US)
c.amazon-adsystem.com
3    13.32.99.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-23.fra60.r.cloudfront.net
sb.scorecardresearch.com
2    23.20.58.18 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-58-18.compute-1.amazonaws.com
pa.rxthdr.com
2    172.67.75.241 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
3    37.252.172.45 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
3    213.19.162.61 (United Kingdom)

ASN3356 (LEVEL3, US)
fastlane.rubiconproject.com
5    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
cd.connatix.com
cds.connatix.com
vid.connatix.com
img.connatix.com
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
10    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
securepubads.g.doubleclick.net
3    142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net
www.google-analytics.com
2    157.240.20.19 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frt3.fbcdn.net
connect.facebook.net
11    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
assets.revcontent.com
img.revcontent.com
cdn.revcontent.com
images.revcontent.com
2    18.66.107.179 (United States)

ASN16509 (AMAZON-02, US)
d3lcz8vpax4lo2.cloudfront.net
1    13.32.99.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-34.fra60.r.cloudfront.net
ats.rlcdn.com
5    18.66.112.27 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    151.139.242.29 (United States)

ASN33438 (HIGHWINDS2, US)
cdn2.lockerdomecdn.com
3    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
adservice.google.com
googleads4.g.doubleclick.net
4    142.250.185.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f1.1e100.net
8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com
5    18.225.3.119 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-225-3-119.us-east-2.compute.amazonaws.com
capi.connatix.com
6    52.48.179.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-179-1.eu-west-1.compute.amazonaws.com
trends.revcontent.com
1    13.225.87.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-116.fra2.r.cloudfront.net
geo.privacymanager.io
2    34.231.137.126 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-137-126.compute-1.amazonaws.com
geoip.instiengage.com
b2c.instiengage.com
1    104.154.142.214 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com
lockerdome.com
2    74.125.206.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wk-in-f156.1e100.net
stats.g.doubleclick.net
3    157.240.20.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frt3.facebook.com
www.facebook.com
5    142.250.185.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f4.1e100.net
www.google.com
14    18.203.208.193 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-208-193.eu-west-1.compute.amazonaws.com
s.srvsynd.com
4    142.250.186.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f10.1e100.net
imasdk.googleapis.com
4    142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net
fonts.googleapis.com
1    142.250.184.240 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f16.1e100.net
storage.googleapis.com
5    142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net
fonts.gstatic.com
9    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
16    172.217.23.97 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f97.1e100.net
tpc.googlesyndication.com
2    151.139.241.28 (United States)

ASN33438 (HIGHWINDS2, US)
cdn1.lockerdomecdn.com
2    52.213.249.25 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-249-25.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
10    142.250.184.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net
s0.2mdn.net
4    34.227.85.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-227-85-106.compute-1.amazonaws.com
geoip.insticator.com
b2c.insticator.com
event.insticator.com
2    151.101.65.194 (United States)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
4    2.21.141.232 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-232.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
1    51.89.21.5 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p38.id5-sync.com
id5-sync.com
1    52.208.103.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
1    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
1    52.222.250.186 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-186.fra60.r.cloudfront.net
df80k0z3fi8zg.cloudfront.net
3    54.237.212.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-212-105.compute-1.amazonaws.com
dt.adsafeprotected.com
5    142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net
cdn.ampproject.org
1    104.21.83.150 (None, )

ASN13335 (CLOUDFLARENET, US)
metrics.getrockerbox.com
1    142.250.184.212 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f20.1e100.net
liftable-bq-streamer.appspot.com
Apex Domain
Subdomains		 Transfer
25 googlesyndication.com
8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
235 KB
22 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
277 KB
17 revcontent.com
assets.revcontent.com
trends.revcontent.com
img.revcontent.com
cdn.revcontent.com
images.revcontent.com
241 KB
16 ijr.com
ijr.com
475 KB
14 srvsynd.com
s.srvsynd.com
52 KB
10 2mdn.net
s0.2mdn.net
894 KB
10 adsafeprotected.com
static.adsafeprotected.com
fw.adsafeprotected.com
dt.adsafeprotected.com
126 KB
10 connatix.com
cd.connatix.com
cds.connatix.com
capi.connatix.com
vid.connatix.com
img.connatix.com
238 KB
9 googleapis.com
imasdk.googleapis.com
fonts.googleapis.com
storage.googleapis.com
697 KB
7 google.com
adservice.google.com
www.google.com
1 KB
6 amazon-adsystem.com
c.amazon-adsystem.com
41 KB
6 soapps.net
soapps.net
279 KB
5 ampproject.org
cdn.ampproject.org
103 KB
5 gstatic.com
fonts.gstatic.com
214 KB
5 panickypancake.com
panickypancake.com
31 KB
4 casalemedia.com
dsum-sec.casalemedia.com
4 KB
4 insticator.com
geoip.insticator.com
b2c.insticator.com
event.insticator.com
3 KB
4 pubmatic.com
ads.pubmatic.com
hbopenbid.pubmatic.com
image6.pubmatic.com Failed
128 KB
3 facebook.com
www.facebook.com
432 B
3 lockerdomecdn.com
cdn2.lockerdomecdn.com
cdn1.lockerdomecdn.com
28 KB
3 cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
df80k0z3fi8zg.cloudfront.net
151 KB
3 google-analytics.com
www.google-analytics.com
21 KB
3 rubiconproject.com
fastlane.rubiconproject.com
4 KB
3 adnxs.com
ib.adnxs.com
8 KB
3 scorecardresearch.com
sb.scorecardresearch.com
2 KB
3 googletagservices.com
www.googletagservices.com
101 KB
2 fastly.net
confiant-integrations.global.ssl.fastly.net
80 KB
2 instiengage.com
geoip.instiengage.com
b2c.instiengage.com
3 KB
2 facebook.net
connect.facebook.net
170 KB
2 criteo.com
gum.criteo.com
596 B
2 4dex.io
script.4dex.io
24 KB
2 rxthdr.com
pa.rxthdr.com
273 B
2 clean.gg
i.clean.gg
104 B
1 appspot.com
liftable-bq-streamer.appspot.com
293 B
1 getrockerbox.com
metrics.getrockerbox.com
686 B
1 adsrvr.org
match.adsrvr.org
537 B
1 crwdcntrl.net
id.crwdcntrl.net
900 B
1 id5-sync.com
id5-sync.com
525 B
1 lockerdome.com
lockerdome.com
11 KB
1 privacymanager.io
geo.privacymanager.io
593 B
1 rlcdn.com
ats.rlcdn.com
61 KB
1 media.net
prebid.media.net
445 B
1 googletagmanager.com
www.googletagmanager.com
43 KB
1 contextweb.com
bh.contextweb.com
405 B
1 net.
d3l320urli0p1u.cloudfront.net.
39 KB
225 45
Domain Requested by
16 tpc.googlesyndication.com 8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com
ijr.com
tpc.googlesyndication.com
16 ijr.com ijr.com
14 s.srvsynd.com d3l320urli0p1u.cloudfront.net.
s.srvsynd.com
10 s0.2mdn.net ijr.com
s0.2mdn.net
10 securepubads.g.doubleclick.net d3l320urli0p1u.cloudfront.net.
www.googletagservices.com
securepubads.g.doubleclick.net
ijr.com
8 images.revcontent.com ijr.com
6 trends.revcontent.com d3l320urli0p1u.cloudfront.net.
6 c.amazon-adsystem.com d3l320urli0p1u.cloudfront.net.
c.amazon-adsystem.com
6 soapps.net ijr.com
d3l320urli0p1u.cloudfront.net.
soapps.net
5 cdn.ampproject.org d3l320urli0p1u.cloudfront.net.
5 pagead2.googlesyndication.com 8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com
ijr.com
tpc.googlesyndication.com
5 googleads.g.doubleclick.net 8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com
ijr.com
5 fonts.gstatic.com ijr.com
fonts.googleapis.com
5 www.google.com 2 redirects ijr.com
8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com
5 capi.connatix.com cd.connatix.com
5 static.adsafeprotected.com ijr.com
8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com
5 panickypancake.com d3l320urli0p1u.cloudfront.net.
panickypancake.com
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
4 fonts.googleapis.com ijr.com
soapps.net
tpc.googlesyndication.com
4 imasdk.googleapis.com ijr.com
d3l320urli0p1u.cloudfront.net.
4 8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com d3l320urli0p1u.cloudfront.net.
3 dt.adsafeprotected.com 8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com
3 www.facebook.com ijr.com
3 www.google-analytics.com d3l320urli0p1u.cloudfront.net.
ijr.com
3 fastlane.rubiconproject.com ijr.com
3 ib.adnxs.com 1 redirects ijr.com
googleads.g.doubleclick.net
3 sb.scorecardresearch.com 1 redirects d3l320urli0p1u.cloudfront.net.
ijr.com
3 www.googletagservices.com d3l320urli0p1u.cloudfront.net.
8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com
3 ads.pubmatic.com d3l320urli0p1u.cloudfront.net.
2 event.insticator.com d3lcz8vpax4lo2.cloudfront.net
2 confiant-integrations.global.ssl.fastly.net d3l320urli0p1u.cloudfront.net.
2 fw.adsafeprotected.com 1 redirects ijr.com
2 cdn1.lockerdomecdn.com lockerdome.com
2 stats.g.doubleclick.net www.google-analytics.com
lockerdome.com
2 adservice.google.com d3l320urli0p1u.cloudfront.net.
2 d3lcz8vpax4lo2.cloudfront.net d3l320urli0p1u.cloudfront.net.
2 connect.facebook.net d3l320urli0p1u.cloudfront.net.
2 gum.criteo.com ads.pubmatic.com
2 cds.connatix.com ijr.com
d3l320urli0p1u.cloudfront.net.
2 script.4dex.io d3l320urli0p1u.cloudfront.net.
2 pa.rxthdr.com ijr.com
2 i.clean.gg d3l320urli0p1u.cloudfront.net.
1 liftable-bq-streamer.appspot.com ijr.com
1 metrics.getrockerbox.com ijr.com
1 googleads4.g.doubleclick.net ijr.com
1 df80k0z3fi8zg.cloudfront.net d3l320urli0p1u.cloudfront.net.
1 match.adsrvr.org ads.pubmatic.com
1 id.crwdcntrl.net ads.pubmatic.com
1 id5-sync.com ads.pubmatic.com
1 b2c.insticator.com d3l320urli0p1u.cloudfront.net.
1 geoip.insticator.com d3lcz8vpax4lo2.cloudfront.net
1 img.connatix.com ijr.com
1 storage.googleapis.com ijr.com
1 cdn.revcontent.com ijr.com
1 img.revcontent.com ijr.com
1 vid.connatix.com cd.connatix.com
1 lockerdome.com d3l320urli0p1u.cloudfront.net.
1 b2c.instiengage.com d3l320urli0p1u.cloudfront.net.
1 geoip.instiengage.com d3lcz8vpax4lo2.cloudfront.net
1 geo.privacymanager.io d3l320urli0p1u.cloudfront.net.
1 cdn2.lockerdomecdn.com d3l320urli0p1u.cloudfront.net.
1 ats.rlcdn.com d3l320urli0p1u.cloudfront.net.
1 assets.revcontent.com d3l320urli0p1u.cloudfront.net.
1 cd.connatix.com 1 redirects
1 hbopenbid.pubmatic.com ijr.com
1 prebid.media.net ijr.com
1 www.googletagmanager.com d3l320urli0p1u.cloudfront.net.
1 bh.contextweb.com ijr.com
1 d3l320urli0p1u.cloudfront.net. ijr.com
0 image6.pubmatic.com Failed ads.pubmatic.com
225 71

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-01-14 -
2022-01-13		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.soapps.net
Sectigo RSA Organization Validation Secure Server CA		 2020-01-21 -
2022-01-20		 2 years crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2020-05-07 -
2022-05-12		 2 years crt.sh
i.clean.gg
GTS CA 1D4		 2021-08-25 -
2021-11-23		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
panickypancake.com
R3		 2021-09-15 -
2021-12-14		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
pa.rxthdr.com
Amazon		 2020-12-20 -
2022-01-18		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-12 -
2022-05-05		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2		 2021-08-20 -
2022-09-21		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-07-26 -
2021-10-24		 3 months crt.sh
assets.revcontent.com
R3		 2021-09-11 -
2021-12-10		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
cdn2.lockerdomecdn.com
Go Daddy Secure Certificate Authority - G2		 2021-03-06 -
2022-04-07		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
revcontent.com
Amazon		 2021-08-09 -
2022-09-07		 a year crt.sh
*.privacymanager.io
Amazon		 2021-09-25 -
2022-10-24		 a year crt.sh
*.instiengage.com
Sectigo RSA Organization Validation Secure Server CA		 2021-05-28 -
2022-05-28		 a year crt.sh
*.lockerdome.com
Go Daddy Secure Certificate Authority - G2		 2020-09-27 -
2021-10-29		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
srvsynd.com
R3		 2021-10-04 -
2022-01-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
img.revcontent.com
R3		 2021-09-12 -
2021-12-11		 3 months crt.sh
cdn.revcontent.com
R3		 2021-09-13 -
2021-12-12		 3 months crt.sh
*.storage.googleapis.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
images.revcontent.com
R3		 2021-09-11 -
2021-12-10		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
cdn1.lockerdomecdn.com
Go Daddy Secure Certificate Authority - G2		 2021-03-06 -
2022-04-07		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2021-08-11 -
2022-09-09		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.insticator.com
Sectigo RSA Organization Validation Secure Server CA		 2021-08-11 -
2022-08-25		 a year crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-27 -
2022-05-29		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.id5-sync.com
R3		 2021-10-05 -
2022-01-03		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2021-04-22 -
2022-05-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.appspot.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh

This page contains 24 frames:

Primary Page: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Frame ID: C966204BE31D30449EFE1C777063F439
Requests: 131 HTTP requests in this frame

Frame: https://cds.connatix.com/p/133322/connatix.player.dc.js
Frame ID: B551277F0F7B1C0DCEC540A7C572AF7A
Requests: 9 HTTP requests in this frame

Frame: https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8CA40AA6D365626B273EAA9AE56271E0
Requests: 1 HTTP requests in this frame

Frame: https://soapps.net/live/reactions/api/page?pageUrl=https%3A%2F%2Fijr.com%2Fsen-ron-johnson-four-pinocchios-vaccine-misinformation%2F%3Futm_source%3Dtwitter%26utm_medium%3Dijr%26utm_content%3D2021-07-16%26utm_campaign%3Dmanualpost&pageTitle=Sen.%20Ron%20Johnson%20Receives%20Four%20%27Pinocchios%27%20for%20%27Campaign%20of%20Vaccine%20Misinformation%27&integrationId=d2fbc6b1-49e4-4e05-b521-2e3ec7e7fbec&contentId=f448d411-d182-4a9c-a1fa-cd903d66ff8a&frameUuid=34a9b720-c0bd-42f2-9813-06fef6e4a17e
Frame ID: 7EDC313A06C3BDCE69D292B88229BB26
Requests: 10 HTTP requests in this frame

Frame: https://b2c.instiengage.com/v3/pages/usertracking
Frame ID: F26655767D8BD89E3ED6618106BBBC33
Requests: 1 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13652748021242214?pubid=ld-4668-3370&pubo=https%3A%2F%2Fijr.com&rid=&width=728
Frame ID: 4EBDD22234F070115983B631F4F0BFD3
Requests: 6 HTTP requests in this frame

Frame: https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9A0E20F00DB19D402E0E9DAE3A965855
Requests: 22 HTTP requests in this frame

Frame: https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2B4A6526DBC4957ED57A4B4629F5D69D
Requests: 8 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;500;600;700&display=block
Frame ID: EC4C04D34EB79FB9D5972AFD69F48BB7
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIT03AEQ_LHlARinnra1ATAB&v=APEucNV6wpDl4guBVLewTvxqd50xe4g96umC8aP7wZx1uLRnxurCYeBPvU5jxF5I9dIhs7LACzwNWNPsCzaWTiGnPAHk87iu8g
Frame ID: 1C20F8BEFB17E97301A0B4DFC59BCBC3
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11961442600037494693/index.html
Frame ID: 382F2070288B2735ABC60F3D163966F6
Requests: 9 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 2D2E8677CE7C8EBD3BD0A245944F1C22
Requests: 1 HTTP requests in this frame

Frame: https://b2c.insticator.com/v3/pages/usertracking
Frame ID: 009BC788DE45EB07913BEB09E268C183
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html
Frame ID: 8E23273827DDB64B8965D9669EAC6288
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html
Frame ID: C1836C934C6ACDDE7C0C312E9B4F1586
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html
Frame ID: C54B06CDE9896F2E6737C022FD177E83
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 18E1F6B9F6276402CF8FC27915BF97C4
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/9108425/1632344802453/Elux_Airfry_HTML5_970x250_v2/index.html
Frame ID: A2C0C0F9F6B7BE750714CAB527B0EB5E
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 329ECCFC73113EADB678791C6A687961
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: A2D6145B9642F9864EB3B08F861F104C
Requests: 1 HTTP requests in this frame

Frame: blob://https://ijr.com/46813c5f-3f75-4989-b2e2-f09912795ccb
Frame ID: 5286BB17CB8C70ECB020C97DA223CAEF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 33514311CA2CA19CAB7C892CFD1DA23E
Requests: 2 HTTP requests in this frame

Frame: https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 75F78B759B5A121405DAF4F3A7591B25
Requests: 1 HTTP requests in this frame

Frame: https://www.google-analytics.com/analytics.js
Frame ID: 425685ABC06A378C30058706C9C0578D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

225
Requests

97 %
HTTPS

0 %
IPv6

45
Domains

71
Subdomains

59
IPs

6
Countries

4787 kB
Transfer

12044 kB
Size

46
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33
  • https://cd.connatix.com/connatix.player.js HTTP 302
  • https://cds.connatix.com/p/133322/connatix.player.dc.js
Request Chain 34
  • https://sb.scorecardresearch.com/b?c1=2&c2=20480112&ns__t=1634317590817&ns_c=UTF-8&cv=3.5&c8=Sen.%20Ron%20Johnson%20Receives%20Four%20%27Pinocchios%27%20for%20%27Campaign%20of%20Vaccine%20Misinformation%27&c7=https%3A%2F%2Fijr.com%2Fsen-ron-johnson-four-pinocchios-vaccine-misinformation%2F%3Futm_source%3Dtwitter%26utm_medium%3Dijr%26utm_content%3D2021-07-16%26utm_campaign%3Dmanualpost&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=20480112&ns__t=1634317590817&ns_c=UTF-8&cv=3.5&c8=Sen.%20Ron%20Johnson%20Receives%20Four%20%27Pinocchios%27%20for%20%27Campaign%20of%20Vaccine%20Misinformation%27&c7=https%3A%2F%2Fijr.com%2Fsen-ron-johnson-four-pinocchios-vaccine-misinformation%2F%3Futm_source%3Dtwitter%26utm_medium%3Dijr%26utm_content%3D2021-07-16%26utm_campaign%3Dmanualpost&c9=
Request Chain 153
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJWQXfq8RPFPJ5_JLvqkUVY&google_cver=1
Request Chain 154
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YWm1GVAZXYikjjdLOKGuOwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJWQXfq8RPFPJ5_JLvqkUVY&google_cver=1
Request Chain 155
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAfl469ipgTowp6NBf1Ij_A&google_cver=1
Request Chain 156
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgzODMxMzk5MjY3ODU5MTQ3OA%3D%3D
Request Chain 184
  • https://fw.adsafeprotected.com/rfw/st/828216/57278988/skeleton.js?adsafe_url=https%3A%2F%2Fijr.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:d80fe346-4052-547c-43e0-3066c40bd0be,c:r8jhNx,sl:outOfView,em:true,fr:false,thd:1,mn:app10ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:395,fm:sLVI4fD+11%7C12%7C13%7C14%7C15%7C16%7C17*.828216-57278988%7C171%7C172%7C173%7C181%7C182%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:419,oid:3f374561-2dda-11ec-8576-0634eb268b40,v:19.8.250,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/passback_970x250.js
Request Chain 186
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 226
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

225 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/ 		151 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.49.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7442a14fc6ba892524fc46bd15e0cbdafcb40d0fbeb082c98bb457ab0b8db58a

Request headers

:method
GET
:authority
ijr.com
:scheme
https
:path
/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 15 Oct 2021 17:06:30 GMT
content-type
text/html; charset=UTF-8
link
<https://ijr.com/wp-json/>; rel="https://api.w.org/" <https://ijr.com/wp-json/wp/v2/posts/1303675>; rel="alternate"; type="application/json" <https://ijr.com/?p=1303675>; rel=shortlink
content-encoding
gzip
cache-control
max-age=1800
cf-cache-status
MISS
last-modified
Fri, 15 Oct 2021 17:06:30 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
69eaa363b9c8f9d2-PRG
script.js
d3l320urli0p1u.cloudfront.net./ 		119 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3l320urli0p1u.cloudfront.net./script.js
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.137.221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7616892e8f6dc8f81dadfbdccbb470a98e8d4bd7b8786a9b9ea38597f7ed5769

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:00:55 GMT
content-encoding
gzip
last-modified
Fri, 15 Oct 2021 14:31:04 GMT
server
AmazonS3
age
340
etag
W/"9c1f0ca2b08824a9975fead246340d23"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 8b360b28aeb67c1982fcc466a05eef03.cloudfront.net (CloudFront)
cache-control
max-age=600,public,must-revalidate
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
WNvdCxIQnLRNYBUpQ5xKSB6bHycKt6TlPQXqS7krHfwhevqw-sw32Q==
modern-main.css
ijr.com/wp-content/themes/firefly/assets/css/ 		61 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ijr.com/wp-content/themes/firefly/assets/css/modern-main.css?ver=2.0-1630433325
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.49.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c7bea3c42439d2bc8af4e8cfc21ca40b44e0627788c37a059d9f2be74f854ac

Request headers

:path
/wp-content/themes/firefly/assets/css/modern-main.css?ver=2.0-1630433325
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
ijr.com
referer
https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:30 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 31 Aug 2021 18:08:45 GMT
server
cloudflare
age
21526
etag
W/"612e702d-f3b7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
cf-ray
69eaa36b9dbaf9d2-PRG
expires
Thu, 31 Dec 2037 23:55:55 GMT
prebid.js
ijr.com/wp-content/themes/firefly/assets/js/ 		292 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ijr.com/wp-content/themes/firefly/assets/js/prebid.js?ver=1624317914
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.49.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7f00c9e5e37883fd44ce3f6ad58ab8b5ad8afdf11c11c8f974d9e3751427464

Request headers

:path
/wp-content/themes/firefly/assets/js/prebid.js?ver=1624317914
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
ijr.com
referer
https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:30 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 21 Jun 2021 23:25:14 GMT
server
cloudflare
age
21525
etag
W/"60d11fda-49187"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
69eaa36c8f6ff9d2-PRG
expires
Thu, 31 Dec 2037 23:55:55 GMT
ijr-logo.png
ijr.com/wp-content/uploads/2021/05/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ijr.com/wp-content/uploads/2021/05/ijr-logo.png
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.49.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7da39e61ffcf6c9467bed041e545fa2bcce539f064cdd9cd7875fd94cc57003e

Request headers

:path
/wp-content/uploads/2021/05/ijr-logo.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
ijr.com
referer
https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:30 GMT
cf-cache-status
HIT
last-modified
Mon, 31 May 2021 19:08:39 GMT
server
cloudflare
age
21524
etag
"60b53437-2836"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
69eaa36c9f91f9d2-PRG
content-length
10294
expires
Thu, 31 Dec 2037 23:55:55 GMT
Screenshot_20200310-074338_2-150x150.jpg
ijr.com/wp-content/uploads/2021/06/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ijr.com/wp-content/uploads/2021/06/Screenshot_20200310-074338_2-150x150.jpg
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.49.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6118a9bfaa3e25354c83d9c37985a19546fc80c22d96c9eedad373b864fb45b6

Request headers

:path
/wp-content/uploads/2021/06/Screenshot_20200310-074338_2-150x150.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
ijr.com
referer
https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:30 GMT
cf-cache-status
MISS
last-modified
Wed, 09 Jun 2021 23:49:40 GMT
server
cloudflare
etag
"60c15394-1ad7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
69eaa36cdffff9d2-PRG
content-length
6871
expires
Thu, 31 Dec 2037 23:55:55 GMT
bundle.js
soapps.net/live/loader/ 		115 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://soapps.net/live/loader/bundle.js
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.245.52.229 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
229.52.245.35.bc.googleusercontent.com
Software
/
Resource Hash
51c8296d90421e0e6e92b3a709d51ff7c4cf897920928de461317e5736a9ebf8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 15 Oct 2021 17:06:30 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Thu, 16 Sep 2021 17:47:05 GMT
ETag
W/"61438319-1cdfa"
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Type
application/javascript
Cache-Control
public, max-age=300
Transfer-Encoding
chunked
Connection
keep-alive
counter.js
soapps.net/live/loader/ 		41 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://soapps.net/live/loader/counter.js
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.245.52.229 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
229.52.245.35.bc.googleusercontent.com
Software
/
Resource Hash
4a32db05db0ffd73794ea06d8e03ed592ceee3c3a38dd3333fe981abe8df7620
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 15 Oct 2021 17:06:30 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Thu, 16 Sep 2021 17:47:05 GMT
ETag
W/"61438319-a2d9"
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Type
application/javascript
Cache-Control
public, max-age=300
Transfer-Encoding
chunked
Connection
keep-alive
set.aspx
bh.contextweb.com/bh/ 		49 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/set.aspx?action=add&pid=1&advid=5248&token=LCMHRD&do=add
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
de-DE
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-cb44fcddf-5rgmw
expires
-1
global-min.js
ijr.com/wp-content/themes/firefly/assets/js/ 		98 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ijr.com/wp-content/themes/firefly/assets/js/global-min.js?ver=1.1-1625165938
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.49.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac7c34acd30b6584ddd29f57aaae2f52d9a05f2a3aac183b0132eb8fcd25872a

Request headers

:path
/wp-content/themes/firefly/assets/js/global-min.js?ver=1.1-1625165938
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
ijr.com
referer
https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:30 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 01 Jul 2021 18:58:58 GMT
server
cloudflare
age
21524
etag
W/"60de1072-189c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
69eaa36cd805f9d2-PRG
expires
Thu, 31 Dec 2037 23:55:55 GMT
wp-embed.min.js
ijr.com/wp-includes/js/ 		1 KB
886 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ijr.com/wp-includes/js/wp-embed.min.js?ver=5.8.1
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.49.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=5.8.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
ijr.com
referer
https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:30 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 04 Feb 2021 02:53:55 GMT
server
cloudflare
age
21525
etag
W/"601b61c3-592"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
69eaa36bcdfbf9d2-PRG
expires
Thu, 31 Dec 2037 23:55:55 GMT
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.17.4 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ijr.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.17.4
date
Fri, 15 Oct 2021 17:06:30 GMT
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age
1728000
content-type
text/plain; charset=utf-8
content-length
0
via
1.1 google
alt-svc
clear
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.17.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ijr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 15 Oct 2021 17:06:30 GMT
via
1.1 google
server
nginx/1.17.4
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
alt-svc
clear
content-length
0
gtm.js
www.googletagmanager.com/ 		150 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K3K9VP
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
07b6dcb40f5d58ea6fa2e0f15fcfe6d1688c402402f2c445885ea2bc9c24b0e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:30 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43274
x-xss-protection
0
last-modified
Fri, 15 Oct 2021 16:12:36 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 15 Oct 2021 17:06:30 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/158410/3599/ 		167 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/158410/3599/pwt.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
dea36661bcd2e84495bb6ab5c2b679cde1267f5fd6e9e4f44908b3acb8816ec6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:30 GMT
content-encoding
gzip
last-modified
Thu, 30 Sep 2021 19:39:57 GMT
server
Apache/2.2.15 (CentOS)
etag
"1421c11-29a3b-5cd3b9c953a17"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=130130
accept-ranges
bytes
content-type
text/javascript
content-length
54751
expires
Sun, 17 Oct 2021 05:15:20 GMT
v2tjhrUcAMq7Y3xGdeWDIzibo5_ujCCQno9dBVe2W1PjyeXGbyVHfxHWYG7ukAAhF
panickypancake.com/ 		103 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://panickypancake.com/v2tjhrUcAMq7Y3xGdeWDIzibo5_ujCCQno9dBVe2W1PjyeXGbyVHfxHWYG7ukAAhF
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.98.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.98.201.35.bc.googleusercontent.com
Software
/
Resource Hash
b848d5c3e3853e092fa468bf5d6da1d2d3ef02507ab917519eda5660a60df033
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"e55a66adf21c80a340516ad13a0518bbdbef27e51266fd779692a560cbd224e4"
vary
Accept-Encoding, Accept-Language
x-hostname
94ecd830
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Fri, 15 Oct 2021 17:06:30 GMT
timing-allow-origin
*
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
3dab1e3a8b2f0d2106645d4b5c9a4642b6b1e50c3ba237ba25389c549eb43fc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1016 / 817 of 1000 / last-modified: 1634306813"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27193
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Oct 2021 17:06:30 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		133 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.241.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
da263eff6489f28a35d328a1a5895db9adb14c22c40cd35d0afce85414cac701

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
zTpXqDhrs..xkKPVKkqB8HVtw0cnTzHi
content-encoding
gzip
etag
e2b905aea413c4d7479fb2bb9cbc6c65
age
681
x-cache
Hit from cloudfront
server
Server
x-amz-rid
11HDTVWR18VX8HNFAMR8
date
Fri, 15 Oct 2021 16:55:10 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 b6d0df27407ce1677f17be38cbc0101a.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
z2UjBQKrFXZPMkJ2kIzd3rCexMlh1WXOkmqdsd2mbrgFgWVtAGRnXg==
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-23.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 18:29:29 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
139380
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
s-_uaZddRB7Ub6-nmDoCISn2gaCdTjMKf2Q8fGUH0U_Ih_gF8lVkJw==
GettyImages-1341899795-2-560x420.jpg
ijr.com/wp-content/uploads/2021/10/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ijr.com/wp-content/uploads/2021/10/GettyImages-1341899795-2-560x420.jpg
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.49.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea567c5cfe8f47088661aeccbe96b83efcd1534f4b028338145fcfe810728024

Request headers

:path
/wp-content/uploads/2021/10/GettyImages-1341899795-2-560x420.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
ijr.com
referer
https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:30 GMT
cf-cache-status
HIT
last-modified
Fri, 15 Oct 2021 15:33:10 GMT
server
cloudflare
age
584
etag
"61699f36-cf80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
69eaa36d1892f9d2-PRG
content-length
53120
cf-bgj
h2pri
2021-03-10T233628Z_1_LYNXMPEH291QC_RTROPTP_4_NEW-YORK-ABORTION-PROTESTS-560x420.jpg
ijr.com/wp-content/uploads/2021/03/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ijr.com/wp-content/uploads/2021/03/2021-03-10T233628Z_1_LYNXMPEH291QC_RTROPTP_4_NEW-YORK-ABORTION-PROTESTS-560x420.jpg
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.49.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6482c5837882a55cba186a4ee499a28a3eda815ac33e833b374b2022c2280e1f

Request headers

:path
/wp-content/uploads/2021/03/2021-03-10T233628Z_1_LYNXMPEH291QC_RTROPTP_4_NEW-YORK-ABORTION-PROTESTS-560x420.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
ijr.com
referer
https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:30 GMT
cf-cache-status
HIT
last-modified
Wed, 09 Jun 2021 22:35:32 GMT
server
cloudflare
age
584
etag
"60c14234-d1c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
69eaa36d2894f9d2-PRG
content-length
53702
cf-bgj
h2pri
GettyImages-1130613105-560x420.jpg
ijr.com/wp-content/uploads/2021/10/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ijr.com/wp-content/uploads/2021/10/GettyImages-1130613105-560x420.jpg
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.49.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1030dab81163d716a755ba77cea16451af41dc895d449376f50a99465b662b6

Request headers

:path
/wp-content/uploads/2021/10/GettyImages-1130613105-560x420.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
ijr.com
referer
https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:30 GMT
cf-cache-status
HIT
last-modified
Fri, 15 Oct 2021 13:58:10 GMT
server
cloudflare
age
584
etag
"616988f2-5589"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
69eaa36d2897f9d2-PRG
content-length
21897
cf-bgj
h2pri
2020-07-15T222814Z_1_LYNXNPEG6E1VL_RTROPTP_4_HEALTH-CORONAVIRUS-USA-SCHOOLS-560x420.jpg
ijr.com/wp-content/uploads/2020/07/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ijr.com/wp-content/uploads/2020/07/2020-07-15T222814Z_1_LYNXNPEG6E1VL_RTROPTP_4_HEALTH-CORONAVIRUS-USA-SCHOOLS-560x420.jpg
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.49.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d58e40fc86d99b7243997db72f795281469d70c368f91a73834f750fe410140

Request headers

:path
/wp-content/uploads/2020/07/2020-07-15T222814Z_1_LYNXNPEG6E1VL_RTROPTP_4_HEALTH-CORONAVIRUS-USA-SCHOOLS-560x420.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
ijr.com
referer
https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:30 GMT
cf-cache-status
HIT
last-modified
Wed, 09 Jun 2021 17:55:39 GMT
server
cloudflare
age
584
etag
"60c1009b-c4d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
69eaa36d2899f9d2-PRG
content-length
50388
cf-bgj
h2pri
Screenshot-2021-10-15-9.53.54-AM-560x420.jpg
ijr.com/wp-content/uploads/2021/10/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ijr.com/wp-content/uploads/2021/10/Screenshot-2021-10-15-9.53.54-AM-560x420.jpg
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.49.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d08f16f0ff8b128a21fa0eedcf799cb83430b52044260c8f09c5a3038c7a44c

Request headers

:path
/wp-content/uploads/2021/10/Screenshot-2021-10-15-9.53.54-AM-560x420.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
ijr.com
referer
https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:30 GMT
cf-cache-status
HIT
last-modified
Fri, 15 Oct 2021 13:55:23 GMT
server
cloudflare
age
8832
etag
"6169884b-a059"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
69eaa36d289cf9d2-PRG
content-length
41049
cf-bgj
h2pri
GettyImages-1344955249-560x420.jpg
ijr.com/wp-content/uploads/2021/10/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ijr.com/wp-content/uploads/2021/10/GettyImages-1344955249-560x420.jpg
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.49.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54e6d35e5cc98ef65f88e06caca1f23c0e376a0fdd43255f64e204aeff77591d

Request headers

:path
/wp-content/uploads/2021/10/GettyImages-1344955249-560x420.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
ijr.com
referer
https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:30 GMT
cf-cache-status
HIT
last-modified
Fri, 15 Oct 2021 12:31:44 GMT
server
cloudflare
age
8832
etag
"616974b0-a2ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
69eaa36d38cdf9d2-PRG
content-length
41643
cf-bgj
h2pri
c
pa.rxthdr.com/v3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pa.rxthdr.com/v3/c?publisherId=556182c7-ac68-4d56-8c66-4b4336e28e5e&host=ijr.com
Protocol
H2
Server
23.20.58.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-58-18.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://ijr.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 15 Oct 2021 17:06:31 GMT
server
nginx
access-control-allow-origin
https://ijr.com
access-control-allow-methods
POST, GET
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
cache-control
no-cache, private
localstore.js
script.4dex.io/ 		483 B
925 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
198513
x-amz-request-id
txb9c02806eef8448c8c0fa-006166ad02
x-amz-id-2
txb9c02806eef8448c8c0fa-006166ad02
last-modified
Wed, 13 Oct 2021 09:54:40 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ski%2BpkWUiBN7ibGMYL8bou7b25ZleOsu7INyRHVwCvJBYnE2F1Az%2FDWchRHJnXaXSfJ7neN8xlAE3I75rlZ1yAKEGtVpoAe2uPMgaF5O8CMhqXUhC4HwanPWHtcNO85P"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1634118880750401
cf-ray
69eaa36e5c4c4131-PRG
c
pa.rxthdr.com/v3/ 		47 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pa.rxthdr.com/v3/c?publisherId=556182c7-ac68-4d56-8c66-4b4336e28e5e&host=ijr.com
Requested by
Host: ijr.com
URL: https://ijr.com/wp-content/themes/firefly/assets/js/prebid.js?ver=1624317914
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.58.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-58-18.compute-1.amazonaws.com
Software
nginx /
Resource Hash
af22b7b8b927999e453225a1bbb00a6a4894a38f2df58f10c96e01bcafea8bc5

Request headers

Referer
https://ijr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/json

Response headers

date
Fri, 15 Oct 2021 17:06:31 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
https://ijr.com
cache-control
no-cache, private
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
prebid
prebid.media.net/rtb/ 		330 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU8Y0E88
Requested by
Host: ijr.com
URL: https://ijr.com/wp-content/themes/firefly/assets/js/prebid.js?ver=1624317914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
6a3004d246720648d9e271be604a190373bcf3af4410374b3daf4b422f5f789c

Request headers

Referer
https://ijr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 17:06:30 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://ijr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
prebid
ib.adnxs.com/ut/v3/ 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ijr.com
URL: https://ijr.com/wp-content/themes/firefly/assets/js/prebid.js?ver=1624317914
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e7c2abb385cb068cc615d8602d390bb63fc31a30ccd451beff710564acf6969f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ijr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 15 Oct 2021 17:06:30 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
216.131.114.13; 216.131.114.13; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
35ffe922-e053-44a4-b46e-f955cd7c064f
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ijr.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ijr.com
URL: https://ijr.com/wp-content/themes/firefly/assets/js/prebid.js?ver=1624317914
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ijr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ijr.com
date
Fri, 15 Oct 2021 17:06:30 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		263 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14758&site_id=373684&zone_id=2083558&size_id=2&alt_size_ids=55%2C57&rf=https%3A%2F%2Fijr.com%2Fsen-ron-johnson-four-pinocchios-vaccine-misinformation%2F%3Futm_source%3Dtwitter%26utm_medium%3Dijr%26utm_content%3D2021-07-16%26utm_campaign%3Dmanualpost&tk_flint=pbjs_lite_v4.12.0&x_source.tid=b2f4bb20-b602-49f4-a123-f389e1f8ab68&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.7888063195222086
Requested by
Host: ijr.com
URL: https://ijr.com/wp-content/themes/firefly/assets/js/prebid.js?ver=1624317914
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
862d66c1ed72f8ab70412213680625a75a5c8a43b1594cd59aa19fbaf8139933

Request headers

Referer
https://ijr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 17:06:30 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://ijr.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
263
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		267 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14758&site_id=373684&zone_id=2083570&size_id=15&alt_size_ids=2%2C16%2C221&rf=https%3A%2F%2Fijr.com%2Fsen-ron-johnson-four-pinocchios-vaccine-misinformation%2F%3Futm_source%3Dtwitter%26utm_medium%3Dijr%26utm_content%3D2021-07-16%26utm_campaign%3Dmanualpost&tk_flint=pbjs_lite_v4.12.0&x_source.tid=9e3c012b-2194-4728-87b7-10f496106985&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.33803645123366777
Requested by
Host: ijr.com
URL: https://ijr.com/wp-content/themes/firefly/assets/js/prebid.js?ver=1624317914
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
2bb4e9827f310ce8e3fe45c61fc23d9f929d169f6158bdf021c04dc5c7c7626b

Request headers

Referer
https://ijr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 17:06:30 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://ijr.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
267
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		265 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14758&site_id=373684&zone_id=2083578&size_id=15&alt_size_ids=9%2C8%2C10%2C221&rf=https%3A%2F%2Fijr.com%2Fsen-ron-johnson-four-pinocchios-vaccine-misinformation%2F%3Futm_source%3Dtwitter%26utm_medium%3Dijr%26utm_content%3D2021-07-16%26utm_campaign%3Dmanualpost&tk_flint=pbjs_lite_v4.12.0&x_source.tid=d365cbce-955a-4af8-aad5-bf7af198b1b3&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.38205194410841736
Requested by
Host: ijr.com
URL: https://ijr.com/wp-content/themes/firefly/assets/js/prebid.js?ver=1624317914
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
60d7c6a3649bd55c6fdebc7e0296fc25ea9b4fb1aa9d1c2dbed937f276a2b3c4

Request headers

Referer
https://ijr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 17:06:30 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://ijr.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
265
Expires
Wed, 17 Sep 1975 21:32:10 GMT
connatix.player.dc.js
cds.connatix.com/p/133322/ Frame B551
Redirect Chain
  • https://cd.connatix.com/connatix.player.js
  • https://cds.connatix.com/p/133322/connatix.player.dc.js
1 MB
226 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/133322/connatix.player.dc.js
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cd3c62c260be7b20d6d6c8150684e5f09e74753f1986f548b593a9895546c796

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:30 GMT
content-encoding
br
last-modified
Fri, 15 Oct 2021 14:37:49 GMT
age
8726
etag
"9da9ffcc162bbc5d66bc51c71a8d0ace"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
230956

Redirect headers

location
https://cds.connatix.com/p/133322/connatix.player.dc.js
date
Fri, 15 Oct 2021 17:06:30 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
age
0
accept-ranges
bytes
content-length
0
retry-after
0
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=20480112&ns__t=1634317590817&ns_c=UTF-8&cv=3.5&c8=Sen.%20Ron%20Johnson%20Receives%20Four%20%27Pinocchios%27%20for%20%27Campaign%20of%20Vaccine%20Misinform...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=20480112&ns__t=1634317590817&ns_c=UTF-8&cv=3.5&c8=Sen.%20Ron%20Johnson%20Receives%20Four%20%27Pinocchios%27%20for%20%27Campaign%20of%20Vaccine%20Misinfor...
64 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=20480112&ns__t=1634317590817&ns_c=UTF-8&cv=3.5&c8=Sen.%20Ron%20Johnson%20Receives%20Four%20%27Pinocchios%27%20for%20%27Campaign%20of%20Vaccine%20Misinformation%27&c7=https%3A%2F%2Fijr.com%2Fsen-ron-johnson-four-pinocchios-vaccine-misinformation%2F%3Futm_source%3Dtwitter%26utm_medium%3Dijr%26utm_content%3D2021-07-16%26utm_campaign%3Dmanualpost&c9=
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-23.fra60.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:30 GMT
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
0i3xOH4EmIxqOhCKKQ6HNMqcZp6HhNePaakgI6cd8A-rNqqdv0YFjg==

Redirect headers

date
Fri, 15 Oct 2021 17:06:30 GMT
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=20480112&ns__t=1634317590817&ns_c=UTF-8&cv=3.5&c8=Sen.%20Ron%20Johnson%20Receives%20Four%20'Pinocchios'%20for%20'Campaign%20of%20Vaccine%20Misinformation'&c7=https%3A%2F%2Fijr.com%2Fsen-ron-johnson-four-pinocchios-vaccine-misinformation%2F%3Futm_source%3Dtwitter%26utm_medium%3Dijr%26utm_content%3D2021-07-16%26utm_campaign%3Dmanualpost&c9=
content-length
406
x-amz-cf-id
CSVX2T5ggYRtIuYRZpEl6qsurM4wRARttkPNCAp4-mhSaye_QbLnWQ==
gettyimages-823649336-594x594-550x396.jpg
ijr.com/wp-content/uploads/2019/01/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ijr.com/wp-content/uploads/2019/01/gettyimages-823649336-594x594-550x396.jpg
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.49.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b69811c3d615718ee1452f99f23a227f7ff9805051c3fe92c9bc0a2f5c058b88

Request headers

:path
/wp-content/uploads/2019/01/gettyimages-823649336-594x594-550x396.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
ijr.com
referer
https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:31 GMT
cf-cache-status
MISS
last-modified
Mon, 31 May 2021 22:04:49 GMT
server
cloudflare
etag
"60b55d81-6827"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
69eaa36ebb49f9d2-PRG
content-length
26663
expires
Thu, 31 Dec 2037 23:55:55 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fijr.com%2F&domain=ijr.com&cw=1&lsw=1
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://ijr.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://ijr.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1576
date
Fri, 15 Oct 2021 17:06:30 GMT
content-encoding
gzip
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		318 B
596 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fijr.com%2F&domain=ijr.com&cw=1&lsw=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158410/3599/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
226dc21e12873fb6a08e263f67b9808c5a9f0b6f3d414b8afad75efe8440f884
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ijr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 15 Oct 2021 17:06:30 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ijr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2387
expires
0
pubads_impl_2021101201.js
securepubads.g.doubleclick.net/gpt/ 		361 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124532
x-xss-protection
0
last-modified
Tue, 12 Oct 2021 08:35:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Oct 2021 17:06:31 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		191 B
775 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ijr.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
d7450045aaa3bd12dfa44c3ec5e345bfcc1429f3bc5ae6a97f61639c75a41d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Oct 2021 17:06:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118
x-xss-protection
0
expires
Fri, 15 Oct 2021 17:06:31 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fijr.com%2Fsen-ron-johnson-four-pinocchios-vaccine-misinformation%2F%3Futm_source%3Dtwitter%26utm_medium%3Dijr%26utm_content%3D2021-07-16%26utm_campaign%3Dmanualpost&pubid=da224ee9-07c8-4a80-87e4-528df4ac939e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.241.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:31 GMT
via
1.1 b6d0df27407ce1677f17be38cbc0101a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-P1
x-cache
Miss from cloudfront
access-control-allow-origin
https://ijr.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
w-WjFjB86sYgIQ4Yp5SnzwFGZ2Bvtp84JLbj-CMrc8x5uGOZDTdmBA==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fijr.com%2Fsen-ron-johnson-four-pinocchios-vaccine-misinformation%2F%3Futm_source%3Dtwitter%26utm_medium%3Dijr%26utm_content%3D2021-07-16%26utm_campaign%3Dmanualpost&pid=y4gXaJqEiPDIX&cb=0&ws=1600x1200&v=7.69.01&t=1000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F101957818%2C22569655366%2FIndependentJournalReview%2FIndependentJournalReview_Article%2FIndependentJournalReview_Article_Direct%2FIndependentJournalReview_Article_Direct_BB1%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22728x90%22%2C%22336x280%22%2C%22300x250%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F101957818%2C22569655366%2FIndependentJournalReview%2FIndependentJournalReview_Article%2FIndependentJournalReview_Article_Direct%2FIndependentJournalReview_Article_Direct_IC1%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22120x600%22%2C%22160x600%22%2C%22300x600%22%2C%22300x250%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F101957818%2C22569655366%2FIndependentJournalReview%2FIndependentJournalReview_Article%2FIndependentJournalReview_Article_Direct%2FIndependentJournalReview_Article_Direct_SB2%22%7D%5D&pubid=da224ee9-07c8-4a80-87e4-528df4ac939e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.241.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:31 GMT
via
1.1 b6d0df27407ce1677f17be38cbc0101a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-P1
x-amz-rid
FYEY81Q40MX8X404N085
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ijr.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
mV-jZIxFxqSIdOOvUCePKewdtdommcVtPJuALEPe_5lk6Fh6VroQeQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.241.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
c91ZTIbLZrDqT0mloV_AD7.LNsTlhW69
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
51981
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 07 Oct 2021 01:02:33 GMT
server
AmazonS3
date
Fri, 15 Oct 2021 02:40:11 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
QcHGI716TbNJgccJ60s9HKS0t2P7pMOMbY5rVJ1N_hE0Hs4UCi9NqA==
adagio.js
script.4dex.io/ 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74376393c26fe59ec8d36fce2ce596487f33b5d812c4ac6440750ec5eb3ae2ff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21523
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx8d04f624d8a14b76b3fde-006166ad1b
x-amz-id-2
tx8d04f624d8a14b76b3fde-006166ad1b
last-modified
Wed, 13 Oct 2021 09:54:39 GMT
server
cloudflare
etag
W/"5d86b951e952627506fe3959016560f3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b69ZCEcrZzcXyvUYTLHjOTyJtxCPiSSemKJpiYWBGwgrYZkS9AAkxW%2FUWcNeCA2fLhFQ6P3X2v0YmGW57VKcdEpXXJioORMoFUaHS2xAdtUPUto%2BuaWpF7q3VqvTDbse"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1634118879265959
cf-ray
69eaa3701ead4119-PRG
access-control-allow-headers
Authorization
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Oct 2021 16:38:54 GMT
server
Golfe2
age
1174
date
Fri, 15 Oct 2021 16:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Fri, 15 Oct 2021 18:46:57 GMT
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
86bf486c6eb0cfebd37b935926a7c5c81ff674200a8a2aee6f601ccd76699387
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25966
x-xss-protection
0
pragma
public
x-fb-debug
z68BRRTXPCj6z3ZawJXv7AZ2aKtux7MF76wUT7powoc2zQLZIG0t8IG4Fz9A4C9UO19HWntaP4F9CD0NPHYFWQ==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 15 Oct 2021 17:06:31 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
delivery.js
assets.revcontent.com/master/ 		370 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/delivery.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
95a197d77b9034160ff10d2c8fa93a8c08605ca63713a2351449352198562c08

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:31 GMT
content-encoding
gzip
last-modified
Fri, 15 Oct 2021 15:14:25 GMT
server
AmazonS3
x-amz-request-id
H641KSP4DGH10MAF
etag
"15087c64be9ec527cc253021a48c3ff3"
x-hw
1634317591.cds041.fr8.hn,1634317591.cds055.fr8.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
110120
x-amz-id-2
phbTJl6m9oNVMZ0dYJWlGEo+pDXmt+8OsqUc+aOf0Axz2VRYmO0ZgwaYiubPYsNmdHr2lS4keE8=
d2fbc6b1-49e4-4e05-b521-2e3ec7e7fbec.js
d3lcz8vpax4lo2.cloudfront.net/ads-code/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/ads-code/d2fbc6b1-49e4-4e05-b521-2e3ec7e7fbec.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.107.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
936336239cd61e41c89bd0612148c1103704a7590cbdd785bbb638473c8a29b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
S9.MzM_F4rAsLfx6RPaujHjkdMmh..qg
content-encoding
gzip
last-modified
Thu, 14 Oct 2021 18:40:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
etag
W/"bfe3c7c22ca9425a05d5df521a6fcbe9"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
cache-control
max-age=60
date
Fri, 15 Oct 2021 17:06:32 GMT
x-amz-cf-id
nF6dAGiHWOyDE4I0AEFTvzgWBKJ3ryIMVvLvk-zBtfJsMmwHN0f4ug==
ats.js
ats.rlcdn.com/ 		184 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-34.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66292d1f2876ac355465cd5ca1562a9b1dc18c2cf0c498c7d5862ab0f22e5d6b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
9bnkdZ.QZZ0I_dvcV.i.7nS6.mh1GXo3
content-encoding
gzip
etag
W/"e7cbbf596270d500e1b8c4407933c91a"
age
57533
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:47f2f39e-adb2-473d-bd2d-2589e73b0672
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
5afceba0404268d8179075673482977d
last-modified
Wed, 29 Sep 2021 12:20:21 GMT
server
AmazonS3
date
Fri, 15 Oct 2021 01:07:39 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
e62204c8b13649b2a430d3eb62cf86725da7d2d0db3079f168ca2d40c37e0c7b
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-type
application/x-javascript
x-amz-cf-id
fQqCMvY2VKJBaS9GYyHnbNO4XKkantlKDfvyX_dFTrT4XEZD7UL6Bg==
/
soapps.net/live/comments/api/comments/getContentIdByUrl/ 		79 B
424 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://soapps.net/live/comments/api/comments/getContentIdByUrl/?integrationId=d2fbc6b1-49e4-4e05-b521-2e3ec7e7fbec&pageUrl=https%3A%2F%2Fijr.com%2Fsen-ron-johnson-four-pinocchios-vaccine-misinformation%2F&pageTitle=Sen.%20Ron%20Johnson%20Receives%20Four%20%27Pinocchios%27%20for%20%27Campaign%20of%20Vaccine%20Misinformation%27&imageUrl=https%3A%2F%2Fijr.com%2Fwp-content%2Fuploads%2F2019%2F01%2Fgettyimages-823649336-594x594.jpg
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.245.52.229 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
229.52.245.35.bc.googleusercontent.com
Software
/
Resource Hash
b08a2f80bcf848be1fdc9686ce95b4238e30c8dc8797b39b7dda2bc2936ef2fd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 15 Oct 2021 17:06:31 GMT
Vary
Origin
RequestId
969f9fb9-1c88-4a6a-8c53-175b8bded74c
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Type
application/json
Access-Control-Allow-Origin
https://ijr.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
79
player.css
cds.connatix.com/p/133322/ 		53 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/133322/player.css
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4fbff6ff8867967f8d2558d1aea035ce50147119b8f295f6f46f038fba79bdb4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:31 GMT
content-encoding
br
last-modified
Fri, 15 Oct 2021 14:37:50 GMT
age
8726
etag
"571910b98cd94a1811ec401554c3667a"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
8254
skeleton.gif
static.adsafeprotected.com/ 		43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:14:35 GMT
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
age
6051117
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
BUfWlx-XTtefHbBMqrxFLgLaQmP2pD5thlYgYwCJjmjZrntch5XkLQ==
ajs.js
cdn2.lockerdomecdn.com/_js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.lockerdomecdn.com/_js/ajs.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.29 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:31 GMT
content-encoding
gzip
last-modified
Mon, 11 Oct 2021 02:55:43 GMT
server
nginx
etag
W/"14f4-17c6d470719"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
https://lockerdome.com
content-length
2348
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ijr.com
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Oct 2021 17:06:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		109 KB
37 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4027926291292445&correlator=128479504790050&output=ldjh&impl=fifs&eid=31063133%2C31062463%2C31062524%2C31063127&vrg=2021101201&ptt=17&sc=1&sfv=1-0-38&ecs=20211015&iu_parts=101957818%3A22569655366%2CIndependentJournalReview%2CIndependentJournalReview_Article%2CIndependentJournalReview_Article_Direct%2CIndependentJournalReview_Article_Direct_BB1%2CIndependentJournalReview_Article_Direct_SB2&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F5&prev_iu_szs=970x250%7C970x90%7C728x90%2C120x600%7C160x600%7C300x600%7C300x250%7C1x1&prev_scp=ad_h%3D17%26amznbid%3D2%26amznp%3D2%7Cad_h%3D17%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=Site%3Dhttp%253A%252F%252Fijr.com%26Tag%3DCoronavirus%2520Outbreak%252CRon%2520Johnson%252CUS%2520news%26Category%3DNews%26URL%3D%252Fsen-ron-johnson-four-pinocchios-vaccine%26GoogleCompliant%3Dtrue%26utm_campaign%3Dmanualpost%26utm_content%3D2021-07-16%26utm_medium%3Dijr%26utm_source%3Dtwitter&cookie_enabled=1&bc=31&abxe=1&lmt=1634317590&dt=1634317591388&dlt=1634317590296&idt=1021&frm=20&biw=1600&bih=1200&oid=2&adxs=315%2C1156&adys=220%2C1234&adks=4261121858%2C1974702164&ucis=1%7C2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fijr.com%2Fsen-ron-johnson-four-pinocchios-vaccine-misinformation%2F%3Futm_source%3Dtwitter%26utm_medium%3Dijr%26utm_content%3D2021-07-16%26utm_campaign%3Dmanualpost&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1168x268%7C336x18&msz=970x-1%7C336x0&ga_vid=1477309724.1634317591&ga_sid=1634317591&ga_hid=577388286&ga_fc=false&fws=0%2C0&ohw=0%2C0&btvi=0%7C1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
a74f21a6eb05e9de7232eb1725411a76716a3293d28789df154a252a2db31867
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11961442600037494693/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11961442600037494693/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COGB9LvzzPMCFdZN4Aodo48OBA&gqi=&layout=/sadbundle/%24csp%253Der3%24/11961442600037494693/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11961442600037494693/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11961442600037494693/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COGB9LvzzPMCFdZN4Aodo48OBA&gqi=&layout=/sadbundle/%24csp%253Der3%24/11961442600037494693/index.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1,-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36557
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
date
Fri, 15 Oct 2021 17:06:31 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ijr.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8CA4 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ijr.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 15 Oct 2021 17:06:31 GMT
expires
Sat, 15 Oct 2022 17:06:31 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 16:19:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2808
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 15 Oct 2021 17:19:43 GMT
pls
capi.connatix.com/core/ Frame B551 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/pls?v=133322
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.225.3.119 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-225-3-119.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
55738599fe71fd6ee8ccb3594ac5f9f347c2828c4e08f2f713cd4dfbfaf77093

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Fri, 15 Oct 2021 17:06:31 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://ijr.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1652
/
trends.revcontent.com/api/demand/ 		52 B
260 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/demand/?w=178718
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.179.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-179-1.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://ijr.com
date
Fri, 15 Oct 2021 17:06:31 GMT
access-control-allow-credentials
true
server
Apache/2.4.25 (Debian)
content-length
52
strict-transport-security
max-age=931536000; includeSubDomains
content-type
text/html; charset=UTF-8
sync
trends.revcontent.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/sync
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.179.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-179-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://ijr.com
date
Fri, 15 Oct 2021 17:06:31 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
606809489393836
connect.facebook.net/signals/config/ 		490 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/606809489393836?v=2.9.47&r=stable
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
37077b87d1caa3442217807f021f2a5d2fa0fb968ccef83afe9704eed2f032c1
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
147178
x-xss-protection
0
pragma
public
x-fb-debug
r5Ftr8a21gwJ1jgWzy7sF6uBRNTBvfZGSzVP8vK3QsXOLtcAw+n+ZpWv61poW1Ox6IfE/ytEnSvfiTTsIreXig==
x-frame-options
DENY
date
Fri, 15 Oct 2021 17:06:31 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
geo.privacymanager.io/ 		30 B
593 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-116.fra2.r.cloudfront.net
Software
/
Resource Hash
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 14:32:29 GMT
via
1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront), 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
age
9242
x-amzn-requestid
80079c13-f369-4737-aba8-e50e11173295
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-616990fd-6f11b2481e1d839738cf17c0;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P3, FRA2-C2
x-amz-apigw-id
HQOXmFHJDoEFoHw=
content-length
30
x-amz-cf-id
wgbulYuZHa4Hr3h0Km9_IQSWp7I3E4cv8zpBXxH1EIrFomBFsKOb2A==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
page
soapps.net/live/reactions/api/ Frame 7EDC 		62 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://soapps.net/live/reactions/api/page?pageUrl=https%3A%2F%2Fijr.com%2Fsen-ron-johnson-four-pinocchios-vaccine-misinformation%2F%3Futm_source%3Dtwitter%26utm_medium%3Dijr%26utm_content%3D2021-07-16%26utm_campaign%3Dmanualpost&pageTitle=Sen.%20Ron%20Johnson%20Receives%20Four%20%27Pinocchios%27%20for%20%27Campaign%20of%20Vaccine%20Misinformation%27&integrationId=d2fbc6b1-49e4-4e05-b521-2e3ec7e7fbec&contentId=f448d411-d182-4a9c-a1fa-cd903d66ff8a&frameUuid=34a9b720-c0bd-42f2-9813-06fef6e4a17e
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.245.52.229 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
229.52.245.35.bc.googleusercontent.com
Software
/
Resource Hash
012651a9184b68591dda9aad8e6bb3776af7f1aa2fc2a2df794042beaca57049
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Host
soapps.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ijr.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/

Response headers

Date
Fri, 15 Oct 2021 17:06:31 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Origin
RequestId
b2145905-490a-40fe-9038-14f91fc57ddd
Access-Control-Allow-Credentials
true
ETag
W/"f92f-K8T9FLC37pGqZi3vDYwGNXrfbeM"
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Encoding
gzip
page
soapps.net/live/comments/api/ 		107 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://soapps.net/live/comments/api/page?pageUrl=https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost&pageTitle=Sen.%20Ron%20Johnson%20Receives%20Four%20%27Pinocchios%27%20for%20%27Campaign%20of%20Vaccine%20Misinformation%27&integrationId=d2fbc6b1-49e4-4e05-b521-2e3ec7e7fbec&contentId=f448d411-d182-4a9c-a1fa-cd903d66ff8a&frameUuid=5ba6d085-aad2-4a3f-bc0c-11e987baa298
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.245.52.229 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
229.52.245.35.bc.googleusercontent.com
Software
/
Resource Hash
a6dca96a212c6402c4d9b155910bc9d4e16faa797569adfe3c3a23d55577ca24
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 15 Oct 2021 17:06:31 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, Origin
ETag
W/"1aa70-OgRwci9GSH8VYLw3VRQHad3iJ60"
RequestId
d4722499-20e2-4a96-aeb0-c6a80915df8d
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://ijr.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
b682993b-886f-4b67-99bf-c9e40571e201.js
d3lcz8vpax4lo2.cloudfront.net/header-tags/d2fbc6b1-49e4-4e05-b521-2e3ec7e7fbec/ 		296 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/header-tags/d2fbc6b1-49e4-4e05-b521-2e3ec7e7fbec/b682993b-886f-4b67-99bf-c9e40571e201.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.107.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9899d82d0ed27e142f210a5b7d018a44325bdb4532f1f0ea87d797f97127e7dd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
cafyfjc6EUCC5iVLfZQPpGNa8Rbf18Cc
content-encoding
gzip
last-modified
Thu, 14 Oct 2021 18:40:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
etag
W/"b1fba66ffd5b92be5e0d333c57b06753"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
cache-control
max-age=60
date
Fri, 15 Oct 2021 17:06:33 GMT
x-amz-cf-id
VzIalckREHX1PsSYA2H1HbZoXnr_DwQiOg1VweLsngmP7dUYwJoKow==
/
geoip.instiengage.com/json/ 		242 B
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.instiengage.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/d2fbc6b1-49e4-4e05-b521-2e3ec7e7fbec.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.137.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-137-126.compute-1.amazonaws.com
Software
/
Resource Hash
7342bf4487703692ce84ec36496caec42bba20068cca6f30a2c08050258c679a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://ijr.com
date
Fri, 15 Oct 2021 17:06:32 GMT
access-control-allow-credentials
true
x-database-date
Thu, 14 Oct 2021 22:15:05 GMT
content-length
242
vary
Origin
content-type
application/json
usertracking
b2c.instiengage.com/v3/pages/ Frame F266 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b2c.instiengage.com/v3/pages/usertracking
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.137.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-137-126.compute-1.amazonaws.com
Software
/
Resource Hash
984bca55409990098cf74adc47ed650c3d22c68900739950bd14c04c9d45f8f7

Request headers

:method
GET
:authority
b2c.instiengage.com
:scheme
https
:path
/v3/pages/usertracking
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ijr.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/

Response headers

date
Fri, 15 Oct 2021 17:06:32 GMT
content-type
text/html; charset=UTF-8
content-length
2821
etag
099e581b-e240-49ef-8b56-3da28986aed0
vary
Accept-Encoding,Origin
pragma
max-age=3600
cache-control
max-age=3600
content-encoding
gzip
Cookie set 13652748021242214
lockerdome.com/lad/ Frame 4EBD 		38 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/13652748021242214?pubid=ld-4668-3370&pubo=https%3A%2F%2Fijr.com&rid=&width=728
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
21d0d09a197b601cf906d2360090798bf442a069aca800c6c45bdc5058fa1596

Request headers

Host
lockerdome.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ijr.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/

Response headers

Set-Cookie
account_id=14391537660574976; Domain=.lockerdome.com; Path=/; Expires=Sat, 15 Oct 2022 17:06:32 GMT; Secure; SameSite=None login_token=%2214391537660574976%7C1642093592181%3A%7Call%7CL77j8Nfv69zeIL7znkXtkB7bsPxuz5d5WXJfbsi5I7DdiC%2B%2F9nHUSaN%2BAOuiGSkQvEplcZ1eG8LiFYxV%2F%2BKVLA%3D%3D%22; Domain=.lockerdome.com; Path=/; Expires=Sat, 15 Oct 2022 17:06:32 GMT; Secure; SameSite=None ldrid=bqGRk1ybS4Nn30Y%2FVqJHN4yapaiCX341LJX6ZOqShU8CSF8kA5%2FFuoDvuKmjXHDfNFL%2BtpeKK3ulyYvlc3DEIXVKN4TtZS%2FGuljmXMwrP%2F65tEqK7ftieH6ahK7RFupV; Domain=.lockerdome.com; Path=/; Secure; SameSite=None
P3P
CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Content-Length
10672
Date
Fri, 15 Oct 2021 17:06:32 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-30128009-1&cid=1477309724.1634317591&jid=1749200331&gjid=2111258573&_gid=328921465.1634317591&_u=aChAgUAjAAAAAE~&z=1905173959
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.206.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ijr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 15 Oct 2021 17:06:31 GMT
content-type
text/plain
access-control-allow-origin
https://ijr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=577388286&t=pageview&_s=1&dl=https%3A%2F%2Fijr.com%2Fsen-ron-johnson-four-pinocchios-vaccine-misinformation%2F%3Futm_source%3Dtwitter%26utm_medium%3Dijr%26utm_content%3D2021-07-16%26utm_campaign%3Dmanualpost&ul=en-us&de=UTF-8&dt=Sen.%20Ron%20Johnson%20Receives%20Four%20%27Pinocchios%27%20for%20%27Campaign%20of%20Vaccine%20Misinformation%27&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aChAgUAj~&jid=1749200331&gjid=2111258573&cid=1477309724.1634317591&tid=UA-30128009-1&_gid=328921465.1634317591&gtm=2wgad0K3K9VP&cd1=http%3A%2F%2Fijr.com&cd2=Coronavirus%20Outbreak&cd6=News&cd7=2021-07-16&cd10=0&cd11=savannah&cd12=0&cd14=Coronavirus%20Outbreak%2C%20Ron%20Johnson%2C%20US%20news&cd15=News&cd16=400&cd17=0&cd23=12&cd24=84&cd25=web&cd29=0&cd33=2021-10-15T17%3A06%3A31.45%2B00%3A00&cd34=1634317591045.3934gfoi&cd37=false&cd38=&cd39=&cd40=Sen.%20Ron%20Johnson%20Receives%20Four%20%27Pinocchios%27%20for%20%27Campaign%20of%20Vaccine%20Misinformation%27&cd41=Sen.%20Ron%20Johnson%20Receives%20Four%20%27Pinocchios%27%20for%20%27Campaign%20of%20Vaccine%20Misinformation%27&cd42=1303675&cd43=standard&cd44=84&cd45=84&cd46=true&cd47=above_article&z=1672995268
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 03:21:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
49516
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
trends.revcontent.com/api/delivery/ 		35 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=178718&width=1600&rev_allow_cookies=0&site_url=https%3A%2F%2Fijr.com%2Fsen-ron-johnson-four-pinocchios-vaccine-misinformation%2F%3Futm_source%3Dtwitter%26utm_medium%3Dijr%26utm_content%3D2021-07-16%26utm_campaign%3Dmanualpost&icr_url=&va=0&time=1634317591770&up=pc&bn=chrome&bv=93&widget_width=817&style_id=0
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.179.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-179-1.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
e035a94f0c4f8207f00e092953e54211aed7484c082ed3114e402b5b4c77f972
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:31 GMT
content-encoding
gzip
server
Apache/2.4.25 (Debian)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://ijr.com
access-control-allow-credentials
true
strict-transport-security
max-age=931536000; includeSubDomains
content-length
13853
/
www.facebook.com/tr/ 		44 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=606809489393836&ev=PageView&dl=https%3A%2F%2Fijr.com%2Fsen-ron-johnson-four-pinocchios-vaccine-misinformation%2F%3Futm_source%3Dtwitter%26utm_medium%3Dijr%26utm_content%3D2021-07-16%26utm_campaign%3Dmanualpost&rl=&if=false&ts=1634317591805&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1634317591803.606530307&it=1634317591577&coo=false&exp=p0&rqm=GET
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:31 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 15 Oct 2021 17:06:31 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=606809489393836&ev=ViewContent&dl=https%3A%2F%2Fijr.com%2Fsen-ron-johnson-four-pinocchios-vaccine-misinformation%2F%3Futm_source%3Dtwitter%26utm_medium%3Dijr%26utm_content%3D2021-07-16%26utm_campaign%3Dmanualpost&rl=&if=false&ts=1634317591812&cd[content_name]=Sen.%20Ron%20Johnson%20Receives%20Four%20%27Pinocchios%27%20for%20%27Campaign%20of%20Vaccine%20Misinformation%27&cd[content_tag]=%5B%22Coronavirus%20Outbreak%2C%20Ron%20Johnson%2C%20US%20news%22%5D&cd[content_category]=%5B%22News%22%5D&cd[articleReactions]=%5B%22undefined%22%5D&cd[articleVirtues]=%5B%22undefined%22%5D&cd[siteName]=http%3A%2F%2Fijr.com&cd[wordCount]=400&cd[articleTitle]=Sen.%20Ron%20Johnson%20Receives%20Four%20%27Pinocchios%27%20for%20%27Campaign%20of%20Vaccine%20Misinformation%27&cd[articleSocialTitle]=Sen.%20Ron%20Johnson%20Receives%20Four%20%27Pinocchios%27%20for%20%27Campaign%20of%20Vaccine%20Misinformation%27&cd[articleSEOTitle]=Sen.%20Ron%20Johnson%20Receives%20Four%20%27Pinocchios%27%20for%20%27Campaign%20of%20Vaccine%20Misinformation%27&cd[articleChooser]=false&cd[articleTitler]=false&cd[articleTitleLength]=84&cd[articleSocialTitleLength]=84&cd[articleSEOTitleLength]=84&cd[articleEditor]=false&cd[articleShareTextAuthor]=false&cd[articleShareTextLength]=0&cd[articlePublishDate]=2021-07-16&cd[paragraphCount]=12&cd[articleID]=1303675&cd[articleFormat]=standard&cd[platform]=web&cd[_filteredParams]=%7B%22unwantedParams%22%3A%5B%22articleAuthor%22%5D%2C%22sensitiveParams%22%3A%5B%5D%7D&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&fbp=fb.1.1634317591803.606530307&it=1634317591577&coo=false&exp=p0&rqm=GET
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:31 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 15 Oct 2021 17:06:31 GMT
container.html
8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9A0E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ijr.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 15 Oct 2021 17:06:31 GMT
expires
Sat, 15 Oct 2022 17:06:31 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ga-audiences
www.google.com/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-30128009-1&cid=1477309724.1634317591&jid=1749200331&_u=aChAgUAjAAAAAE~&z=761367106
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 17:06:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2B4A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ijr.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 15 Oct 2021 17:06:31 GMT
expires
Sat, 15 Oct 2022 17:06:31 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sr
capi.connatix.com/tr/ Frame B551 		0
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/sr?v=133322
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.225.3.119 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-225-3-119.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Fri, 15 Oct 2021 17:06:32 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://ijr.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
analytics.js
s.srvsynd.com/2/234175/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/234175/analytics.js?dt=2341751597675869250012&di=ijr.com&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&sr=connatix.com&pp=101514&ti=x1091294472457643804479448023040&de=2&to=3&pv=98d21886-64cc-4f45-a858-8a0ae2cb12db
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.208.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-208-193.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a00f30ddf9a2b56880d70dfdaf59fbe15797466e90c8bdd797ecd996a2e540bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 17:06:32 GMT
Content-Encoding
gzip
Accept-Ch
Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
3147
Expires
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
3dab1e3a8b2f0d2106645d4b5c9a4642b6b1e50c3ba237ba25389c549eb43fc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1016 / 855 of 1000 / last-modified: 1634306813"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27193
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Oct 2021 17:06:32 GMT
2_media.bin
vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/d8851e5c-068e-43b4-80a6-aa2a37ea82ef/ Frame B551 		291 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/60764267-557e-410f-85cb-f102d92ee134/d8851e5c-068e-43b4-80a6-aa2a37ea82ef/2_media.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2ee737a1d1305fdaa71cb4c90438ab581c483eb17a912c0d491b54683690d027

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:32 GMT
content-encoding
gzip
last-modified
Wed, 29 Sep 2021 16:38:52 GMT
age
97194
etag
"b71ccacb93402dc4a27785464814f033"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
255
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame B551 		369 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
sffe /
Resource Hash
e915b42bd3104526660e0dc21d2c6495a63a70f1ed68a199a34f4a37e15c03f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125411
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
expires
Fri, 15 Oct 2021 17:06:32 GMT
impression
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/impression
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.179.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-179-1.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://ijr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://ijr.com
date
Fri, 15 Oct 2021 17:06:32 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
strict-transport-security
max-age=931536000; includeSubDomains
/
img.revcontent.com/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
c842ab9a59af3f3d62511fdb5488ad527d2193c3371b5561ade4a2a19a8e7062

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:32 GMT
last-modified
Wed, 01 Jul 2020 17:13:25 GMT
etag
"1593623605"
x-hw
1634317592.cds137.fr8.hn,1634317592.cds260.fr8.c
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
20438
rc-logo.png
cdn.revcontent.com/assets/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.revcontent.com/assets/img/rc-logo.png
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:32 GMT
last-modified
Mon, 13 Sep 2021 19:23:45 GMT
etag
"1631561025"
x-hw
1634317592.cds123.fr8.hn,1634317592.cds130.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=51
accept-ranges
bytes
content-length
4298
css2
fonts.googleapis.com/ Frame EC4C 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;500;600;700&display=block
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
4a86e47d4b36c16d518c1cffbf8e81d172e35a445e9823aa06bbbad71ad08716
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ijr.com/
Origin
https://ijr.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 15 Oct 2021 15:41:43 GMT
server
ESF
date
Fri, 15 Oct 2021 17:06:32 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Fri, 15 Oct 2021 17:06:32 GMT
css2
fonts.googleapis.com/ Frame EC4C 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;500;600;700&display=block
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
4a86e47d4b36c16d518c1cffbf8e81d172e35a445e9823aa06bbbad71ad08716
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 15 Oct 2021 16:45:00 GMT
server
ESF
date
Fri, 15 Oct 2021 17:06:32 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Fri, 15 Oct 2021 17:06:32 GMT
vendors~app.js
ijr.com/static/ Frame EC4C 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ijr.com/static/vendors~app.js?v=0.0.72
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.49.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:path
/static/vendors~app.js?v=0.0.72
pragma
no-cache
cookie
_pbjs_userid_consent_data=3524755945110770; _pubcid=7afabac2-47fc-424c-8ee2-3c2f3039fd2d; cto_bidid=jr4UfV9iRnJXcFVOWk9qNVlRYkUxNkJTTSUyQjZHQUNLbGxSaTJnOGtSdlVSWWFrazRrTVJMT1NYdnJVdzB5ZEpvWSUyRk1uT2I4RDRkZnpyMmdUVzMzeWkwcVZNdHclM0QlM0Q; cto_bundle=Ojd79V9TcFNFWmNyZFZMJTJGcWhOT053blNvazE1JTJGeXpOVGZNWlNPdVFrTEphZzhScnRwMnNrTURzYkpvYXZLNXA2djVMcEtnZDZ4YjZwVXdLeGg2UEhkUnNYamFtdW5Lbm5vYURVeVhISFBpWnh1a28lM0Q; _ga=GA1.2.1477309724.1634317591; _gid=GA1.2.328921465.1634317591; _dc_gtm_UA-30128009-1=1; _fbp=fb.1.1634317591803.606530307; _lr_geo_location=DE; __gads=ID=f5050d2d296d2469-2229d418f7ca0094:T=1634317591:S=ALNI_MbnJi9PvKIcni-v4ZEPHEozkzhjuQ
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
ijr.com
referer
https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:32 GMT
content-encoding
gzip
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
cache-control
max-age=1800
cf-ray
69eaa377a93af9d2-PRG
app.js
ijr.com/static/ Frame EC4C 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ijr.com/static/app.js?v=0.0.72
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.49.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:path
/static/app.js?v=0.0.72
pragma
no-cache
cookie
_pbjs_userid_consent_data=3524755945110770; _pubcid=7afabac2-47fc-424c-8ee2-3c2f3039fd2d; cto_bidid=jr4UfV9iRnJXcFVOWk9qNVlRYkUxNkJTTSUyQjZHQUNLbGxSaTJnOGtSdlVSWWFrazRrTVJMT1NYdnJVdzB5ZEpvWSUyRk1uT2I4RDRkZnpyMmdUVzMzeWkwcVZNdHclM0QlM0Q; cto_bundle=Ojd79V9TcFNFWmNyZFZMJTJGcWhOT053blNvazE1JTJGeXpOVGZNWlNPdVFrTEphZzhScnRwMnNrTURzYkpvYXZLNXA2djVMcEtnZDZ4YjZwVXdLeGg2UEhkUnNYamFtdW5Lbm5vYURVeVhISFBpWnh1a28lM0Q; _ga=GA1.2.1477309724.1634317591; _gid=GA1.2.328921465.1634317591; _dc_gtm_UA-30128009-1=1; _fbp=fb.1.1634317591803.606530307; _lr_geo_location=DE; __gads=ID=f5050d2d296d2469-2229d418f7ca0094:T=1634317591:S=ALNI_MbnJi9PvKIcni-v4ZEPHEozkzhjuQ
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
ijr.com
referer
https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:32 GMT
content-encoding
gzip
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
cache-control
max-age=1800
cf-ray
69eaa377a93bf9d2-PRG
truncated
/ Frame EC4C 		812 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a3930c59a0de8f6716415416a01a3ef8ea72e4df5f9145d39f19164db53658d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame EC4C 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5b40ab15c9b4fd99052ca5af37ce22f2379f8d2722d8e64f41bb3dc5389c75d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame EC4C 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a8a07129f0d6c3c3ec92530b2fb31362c48bc4b6058f8d784c5df763232a0fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame EC4C 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd6de22bea23412c07dea5014cb261e95a237556c30b6f3ec0a032d787faf0c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
06%20-%20news.svg
storage.googleapis.com/commenting-prod-cdn/avatars/ Frame EC4C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/commenting-prod-cdn/avatars/06%20-%20news.svg
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.240 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f16.1e100.net
Software
UploadServer /
Resource Hash
2caed79550c84018f7884125fd3e77e1ee5d2391383365be65f3bd7e2b0f4763

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 16:46:59 GMT
age
1173
x-guploader-uploadid
ADPycdueNaL90af2zMqtWMPoX2yCk7Wbre56IqfMzFFz9HM9wvU5acyvNcUg2b0HzCxixfRlYnUeo0lXVWf2-RObJpPMr7JtWA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1755
last-modified
Wed, 21 Apr 2021 09:00:25 GMT
server
UploadServer
etag
"fb23e15d0c6048019f19d51942214c13"
x-goog-hash
crc32c=n7Cx9g==, md5=+yPhXQxgSAGfGdUZQiFMEw==
x-goog-generation
1618995625530631
cache-control
public, max-age=3600
x-goog-stored-content-length
1755
accept-ranges
bytes
content-type
image/svg+xml
expires
Fri, 15 Oct 2021 17:46:59 GMT
truncated
/ Frame EC4C 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
229624ad9cd76da7a456326bfb601344e506ef08416fca467bbf5f2ac3f06948

Request headers

Referer
Origin
https://ijr.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v67/ Frame EC4C 		92 KB
93 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v67/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
6963af239ecfb1f9722ba86fe3456a19c1d64a995295b3f3b220f5c8c22ef13a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ijr.com/
Origin
https://ijr.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 18:14:12 GMT
x-content-type-options
nosniff
age
341540
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94648
x-xss-protection
0
last-modified
Tue, 03 Nov 2020 05:39:50 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 11 Oct 2022 18:14:12 GMT
css2
fonts.googleapis.com/ Frame 7EDC 		4 KB
511 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;500;600;700&display=block
Requested by
Host: soapps.net
URL: https://soapps.net/live/reactions/api/page?pageUrl=https%3A%2F%2Fijr.com%2Fsen-ron-johnson-four-pinocchios-vaccine-misinformation%2F%3Futm_source%3Dtwitter%26utm_medium%3Dijr%26utm_content%3D2021-07-16%26utm_campaign%3Dmanualpost&pageTitle=Sen.%20Ron%20Johnson%20Receives%20Four%20%27Pinocchios%27%20for%20%27Campaign%20of%20Vaccine%20Misinformation%27&integrationId=d2fbc6b1-49e4-4e05-b521-2e3ec7e7fbec&contentId=f448d411-d182-4a9c-a1fa-cd903d66ff8a&frameUuid=34a9b720-c0bd-42f2-9813-06fef6e4a17e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
4a86e47d4b36c16d518c1cffbf8e81d172e35a445e9823aa06bbbad71ad08716
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://soapps.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 15 Oct 2021 16:41:20 GMT
server
ESF
date
Fri, 15 Oct 2021 17:06:32 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Fri, 15 Oct 2021 17:06:32 GMT
app.js
soapps.net/live/reactions/static/ Frame 7EDC 		485 KB
176 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://soapps.net/live/reactions/static/app.js?v=1.0.0
Requested by
Host: soapps.net
URL: https://soapps.net/live/reactions/api/page?pageUrl=https%3A%2F%2Fijr.com%2Fsen-ron-johnson-four-pinocchios-vaccine-misinformation%2F%3Futm_source%3Dtwitter%26utm_medium%3Dijr%26utm_content%3D2021-07-16%26utm_campaign%3Dmanualpost&pageTitle=Sen.%20Ron%20Johnson%20Receives%20Four%20%27Pinocchios%27%20for%20%27Campaign%20of%20Vaccine%20Misinformation%27&integrationId=d2fbc6b1-49e4-4e05-b521-2e3ec7e7fbec&contentId=f448d411-d182-4a9c-a1fa-cd903d66ff8a&frameUuid=34a9b720-c0bd-42f2-9813-06fef6e4a17e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.245.52.229 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
229.52.245.35.bc.googleusercontent.com
Software
/
Resource Hash
085a089558533497dd85e8031dbba899d1d1069c09e817bf6adbdac028aed292
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://soapps.net/live/reactions/api/page?pageUrl=https%3A%2F%2Fijr.com%2Fsen-ron-johnson-four-pinocchios-vaccine-misinformation%2F%3Futm_source%3Dtwitter%26utm_medium%3Dijr%26utm_content%3D2021-07-16%26utm_campaign%3Dmanualpost&pageTitle=Sen.%20Ron%20Johnson%20Receives%20Four%20%27Pinocchios%27%20for%20%27Campaign%20of%20Vaccine%20Misinformation%27&integrationId=d2fbc6b1-49e4-4e05-b521-2e3ec7e7fbec&contentId=f448d411-d182-4a9c-a1fa-cd903d66ff8a&frameUuid=34a9b720-c0bd-42f2-9813-06fef6e4a17e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 15 Oct 2021 17:06:32 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, Origin
Last-Modified
Thu, 30 Sep 2021 12:59:52 GMT
ETag
W/"79301-17c36ca2d40"
RequestId
c003dd0e-f93e-45e0-bdc3-72f7a6c362c1
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
truncated
/ Frame 7EDC 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7faa62d042872fad08371db0bcf219eeb981875a7d54bd2416f98a6f6500839e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 7EDC 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
382dbe60c828cc841e1f187885998e867387cde0e2d373cea8c999cb6c9e1f5c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 7EDC 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c11ba6adaf46c22f716d29a54bb2343f6d07b014266f6ad0798ca6df4db913c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 7EDC 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0e90613dbce87a1e7532eb74281c714936b782e9c1ee9e776b8f98bdbee8c59e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 7EDC 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05f516bc29aa78afdfc1f14f55e36a399deeb463f5eba8fdbeaaf0162c888a61

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 7EDC 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
077ca5c83974e3d994ef9bcac5555bd0a8aeee5267de65c6b2b1bf4c1b30c44e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
6e5b9a8c276dee455ccd9c4402ceba5d.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/6e5b9a8c276dee455ccd9c4402ceba5d.jpg
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
82138c31e6b4983ed71aafea81717c727a854074d0bcc73968531d1d529afe68
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:32 GMT
x-content-type-options
nosniff
last-modified
Fri, 10 Sep 2021 13:10:48 GMT
server
Cloudinary
etag
"24cf4c239b557b70fa0e8ea3ae9b8e16"
strict-transport-security
max-age=604800
x-hw
1634317592.cds132.fr8.hn,1634317592.cds213.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
fastly;dur=117;cpu=1;start=2021-10-07T18:50:14.906Z;desc=miss,rtt;dur=0,cloudinary;dur=20;start=2021-10-07T18:50:14.955Z
accept-ranges
bytes
timing-allow-origin
*
content-length
6879
61604981cbb342-22576005.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/61604981cbb342-22576005.jpg
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
2b616e2ed3d90df2b54402d0c827d9ce3eb1d4df509c5d2b5a19ba6c9dc5ed90
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:32 GMT
x-content-type-options
nosniff
server-timing
fastly;dur=1;cpu=0;start=2021-10-13T06:48:44.905Z;desc=hit,rtt;dur=0
content-length
5714
x-request-id
f805760ab5fa41c5462c1cf8da84d544
last-modified
Wed, 13 Oct 2021 06:43:36 GMT
server
Cloudinary
etag
"680fa2fb0ea270ca8ea3f039f2302467"
strict-transport-security
max-age=604800
x-hw
1634317592.cds132.fr8.hn,1634317592.cds005.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
61685d5bae1846-46387797.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/61685d5bae1846-46387797.jpg
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
3dddfde27cad19db69220474ceb14f23d492bbaa982d084bf04f3eaa1fce3adf
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:32 GMT
x-content-type-options
nosniff
server-timing
fastly;dur=1;start=2021-10-14T17:42:06.668Z;desc=hit,rtt;dur=0
content-length
11720
x-request-id
60ada3640776ce9158d5a968f6ff135b
last-modified
Thu, 14 Oct 2021 17:40:11 GMT
server
Cloudinary
etag
"d61767b14797005bef4fdc0a2ce6b53f"
strict-transport-security
max-age=604800
x-hw
1634317592.cds132.fr8.hn,1634317592.cds254.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
61027467e6cd92-22113721.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/61027467e6cd92-22113721.jpg
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
d999a5f50fde956ed9e790e9da936ddea4c663dfaded50fa5de4d50ba3e5dcb4
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:32 GMT
x-content-type-options
nosniff
last-modified
Thu, 29 Jul 2021 18:43:19 GMT
server
Cloudinary
etag
"5b18d5bc800b6d516118eb9c891deab6"
strict-transport-security
max-age=604800
x-hw
1634317592.cds132.fr8.hn,1634317592.cds054.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
fastly;dur=1;start=2021-07-29T18:50:03.555Z;desc=hit,rtt;dur=0
accept-ranges
bytes
timing-allow-origin
*
content-length
19119
61027081a2ba24-72394810.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/61027081a2ba24-72394810.jpg
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
98ffa43839a9d6b9b6973ddbf6c68b8cf0d9a542d7ad794a0e93cc62f724294d
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:32 GMT
x-content-type-options
nosniff
server-timing
fastly;dur=1;start=2021-07-29T18:45:18.852Z;desc=hit,rtt;dur=0
content-length
19157
x-request-id
b7ad6f7e54555dbeb520c41ab2d8eec1
last-modified
Thu, 29 Jul 2021 18:43:19 GMT
server
Cloudinary
etag
"5ad913f05d421a37df3bf0e43926ba6b"
strict-transport-security
max-age=604800
x-hw
1634317592.cds132.fr8.hn,1634317592.cds003.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
610275aab16c19-44512895.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/610275aab16c19-44512895.jpg
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
0730cfcf2f292ece6ee121aaebbd52afd5609c65656cf67b2ff3fc1076c27b87
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:32 GMT
x-content-type-options
nosniff
server-timing
fastly;dur=1;start=2021-07-29T18:45:20.863Z;desc=hit,rtt;dur=0
content-length
14492
x-request-id
e88a1933a94ebf90ad24d9f556020de1
last-modified
Thu, 29 Jul 2021 18:43:18 GMT
server
Cloudinary
etag
"bada4e775d897ce2273788114ebc374b"
strict-transport-security
max-age=604800
x-hw
1634317592.cds132.fr8.hn,1634317592.cds292.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
7d5feb73b694b2f2fae10ad00b424972.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/7d5feb73b694b2f2fae10ad00b424972.jpg
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
a35379550cb1ee6535778feb2dd72933ee045166239fc4973d5dbf26fb792d91
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:32 GMT
x-content-type-options
nosniff
last-modified
Fri, 10 Sep 2021 13:12:57 GMT
server
Cloudinary
etag
"f3f50f86d403f89fc738e9c2b3a21490"
strict-transport-security
max-age=604800
x-hw
1634317592.cds132.fr8.hn,1634317592.cds215.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
fastly;dur=2;cpu=1;start=2021-10-07T18:50:34.667Z;desc=hit,rtt;dur=0
accept-ranges
bytes
timing-allow-origin
*
content-length
8524
61027c668b5568-19385253.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/61027c668b5568-19385253.jpg
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
0e0465cde7e3195a57ce80d3afbb739b4ec941168d7a49687a2b41bc5c8cee3b
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:32 GMT
x-content-type-options
nosniff
last-modified
Thu, 29 Jul 2021 18:44:39 GMT
server
Cloudinary
etag
"67902f4797f87590f41afcc4bc2fc422"
strict-transport-security
max-age=604800
x-hw
1634317592.cds132.fr8.hn,1634317592.cds015.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
fastly;dur=2;cpu=0;start=2021-09-29T13:35:41.216Z;desc=hit,rtt;dur=0
accept-ranges
bytes
timing-allow-origin
*
content-length
8950
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1C20 		624 B
996 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIT03AEQ_LHlARinnra1ATAB&v=APEucNV6wpDl4guBVLewTvxqd50xe4g96umC8aP7wZx1uLRnxurCYeBPvU5jxF5I9dIhs7LACzwNWNPsCzaWTiGnPAHk87iu8g
Requested by
Host: 8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com
URL: https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CIT03AEQ_LHlARinnra1ATAB&v=APEucNV6wpDl4guBVLewTvxqd50xe4g96umC8aP7wZx1uLRnxurCYeBPvU5jxF5I9dIhs7LACzwNWNPsCzaWTiGnPAHk87iu8g
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 15 Oct 2021 17:06:32 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUm4jSxBR0oQLIkVKDlIx8gauUE-Jm1fhFEhv5dqctkGNfj2IFUXSxh5-PaY; expires=Sun, 15-Oct-2023 17:06:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 15 Oct 2021 17:06:32 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 9A0E 		79 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A9YQ_DFEeO4cEKgeiBW3mf67W6A_5VlgNZG0pU3R4dUUnHCvRMxvt9FnlfTjqeJjjwcZ2cDs5QJMQio4yhiRDYTkZ6Bh_zuV-d1K4ocPCb6vBnbNlpNnZ76pM5vZBaNoQ-7a-GJo3Bs52JWA11fAXP-kycAQ&dbm_d=AKAmf-CbCNqcjZSKa9YUBj-maavT_588Z16wGb3OEKd6m6mat7TQXvacqU8W6Gf01yfGleFfBHZKZtCDX8kpQ-oyqvaR7GYgAf2AD5tuTjsEULgxo3dT-h77Vt99FS0k01cJgMmnESgm18Y92-C0IzLqMxeGURjT43cDAfuh3kvDimAezEJUMy3bKjH2UppsXBKGrf5e-ud08pLjVJCe7-ZONExHHhvNEmnYAq4fvIM-1iSIHYTz5hAZoBWtjpS5T7XFGoNAjqNomXMjNOJs9Qalb9nQI5sathNqufrchNGH3XYxYH4cceJt0TR7cb591g474-iyI2B31A73L-DCY2grYZy2DFq0pXlsxqUCINHhFNzWviZ9JOMnA4WJP75BL7Qis4UQlmlTnNttzHtA5FrummiM0pz8GYWMKQjy35g0WaW0SUpKTb9Fd6Z34i70fZclq_3ZWJEfa17UmlGu4SnTf-z44Hr1tab9oVZVchrh9fVAq1SmBcIY0m12_lqwH1stIPf8Iej6KemurNE5P0qYdRSt09m5oFseMgIBBU0K9JxXzNMtDl5YWjPqV2UgDvPn44bl30o4gYTUzOSnKyOzycayym4Dcse17ds6-pczacixWS6fSo6bhqZlcAj6RTkFqWcaaCqzrlm-q9GQ-54w-4ni1Te_KveQsTmkU4FLGSvQYaW3HrsF7QYvr8URxy3a1DwLhYEXp1-xuapcqlgaY6o391HLSZlkxgC_WOdtrBCYG1Ffug1nohc6oZvG2X8gaRHrhp2muSaGbmIPRcqWcMXiSB7_ijC400hvrcMGYhOXAudAGR66xyymwjvjoGYH3oZqIDm5YBqssLbPTvsJaNjC6h84ewgZDEBn0nc-e5SsNBDiXc2EkYEj2ZFX_LoQ7Ft0r38tYK0TZ4DRZtRQPAX5Xw72KKDlxhHgx6N2E1apET3YlO_03SWumfYTp-wjy4Dl8BTYaIg_ZiDgQ4_vWiLiSxTRitTUnwNRpiZNNsBX_97hvc_nFYGYj2LKYT1-IJbJJcT8Ic5nc2ZID6GIlyvDmcnRnw_KdfhuVFcL9LJINLHhFP5Q4QRM0grsmchb3hLg14_84_SCUKB0eNdv-ggkGcsBJcTnj1z-dXBD3xknqpn7W5YOv5VheESzZXIoTY-gctRlRQkJOqaxzB4R1fePC-vVcTzo_gVjQz_VrpSOrQF0z5EPTW45VEEDc4F2uDtuH1Esa-MHo8446W31xTjeKdKAbO1-WQciVqgVrF8VeNJJ2bJ1vDExPNDUgMaW6xckCtwfT0a6g4omxRPmUfWFDjBZlySaGguEkLcMPPFLU6ZvzvF59_vk1fU4Mu_X4zzLiUP4gdmBWlnPzbjFoPKGtQmeygP509xoYr4qtHqZrWBr4wuIoMTXOvDnjwE_WrBCM33UBHQmIsA9Tsz_77qxbtVowYglV2zvcIkDP1IY-55tDVG4nu5i1Vkul0nghYPp1pa1WlQ_U5hLrOSaV2VgoaMLuIp1edtixqXr_mK3dsQicD6wSAvXOSBeCtTBeK1s5U7KmNMJsGDGZpCRJtiUfGZ4wZzcUbriI53CAMSY9bsENXFAczGiHe1PIgleO8v_IneMAAz7jQsGdvi_EPxawyySuVVwP7UEtY24piMk0-Xlat8zw0tAf5f_kJOxde0kofIyMmz5BzRLvMcbNdGS0njjX6nJQIBLWmGcKypHH3TPSf-RrzswK03Z1WtSTq5lcrvL3_jo2rwpcF5M3JqSR7MOuzMuIIKlUYCVs9VvScJeGv-KPqXp4Q0XX4ulbgKFYP1nUc0XpP0MCXVb_bGYuplnkbss8evX_yzhKhNUvGJ8ScwjhMHyISljuDumkysRX0w8tHdG85pFP5Zro65iMFhzbgFka14Gyu0fwJ5f8-xEkDbmtxu3phjH4lRCbgf13xDYG5w97LkTquJUYmQr87e8N5iRaCL4kPZ9VSGDEqpih9n776vkyXcJ7la2r1zW1eQnBU48YCeZIiiqVL9BnjcuvtqJQXyn581dg616GHt1ewZWiDGR7AQ0f9d5YLIBg3nA2M_cQnYOFOt0xBQuCy1xwJBtUcP3J-iUQTVPrNMqUY5jygN5yA3GgKrtPDivgk25b5TAqNHEp-u3oXmuuvWlVaU2-A4W_VkPxZoL2B6Hko4RwsLFGl69zdXlA4x4sMGaYmBtqOesWncw0Iel1wM5uRgPNj9slUMVl-02WtYQLODOYcQdgY0UaunJ1vMGMangdJU24bEDXronU7lYQ9pp80EDndVbmP812Q7iGDOaATWntJ7FD3wftDTpawsBXte5rLQMD7vm-pRkBvQ5LDPnvIjPCfFDLdj0XfFj1E1AAByvNltHOZHy-ZQSFShS-KZipVzso4w6TK87_mJBHi_TbfXtY46L2xuoBeSuygplX55vQR0W4KFDgynqClpiKxTbUDhJnuTSZBi2dPfgmQwE8pLDtFW7a1hV6Z_DHUfj-rOoGPyKoEreHOO29nCer4suNJl6sxnOs5NEXmIAaFuDSupIGzOiM5iB29TzOhLm6Un1x81uulEMDvmyya1NlQf19wBeNDXM99lc3saEY6coNchcVLJ3woygcdRDiIRh0sJCcrl9LH_B3lafGP-pvh_zYFzgvFdV2x-8akN4W44Lhz-uQMUbTbh3h8i9cur5DfTyu9maSq_JTXXuH2gL4Jbs4N9ThNBd5dCNC7syWFQkoy-OaUMA0u4f1jZrqGPJSqlS-x27gMo3r3Kh8TO2vZzxCUb4jv3K7mQtDTWAqgjWb5LPTZvqxsCW_Arqk9EVMmOWPygIv2U3wwgT7P8QKVqJWuTNnM-QHPYyqYV4x9kuYysQa6ZDVlXpILw7P3bG_Kd88M7_X_weF2v3T9gtrS6CZJO4rceOCp7bqvLgaOymSyTPBTzHVYnwzZQL_kukaL2nt_BOyZ1X4c_8_GCzimcH82upeL0jZaTEBNhGgDPU6W_fn4A2M1iaGswhxOwM1aQJ-MjFfGHYNz22VDCneO0JSaV-AtHLW6jJ0feWn33hSCj1tm4AHP3vph_AQxDyHnok_TMS14_clBQopLrF8qAyR9H3DFoUGfSR0hJlHfKozOLroPUYDX1Xm0QRxZmzgF2guFDZE92DOuaMJpA5S4kT-oIbQmQRW06J8zDLa0oBzE9LEXolnNWQOGSLBmLkPkxhDUzDMKYzfaUD1wYLr_UtwELFV29yfVxXcOXICQiKWHl5cR4__GRc2AWo74MU9tVbguzCW73jFZ4gTHuFjkypHxvk36A5C8LyM3GgxIw2NMY9UV6Bnx_FTqsmjetvqraLlhM39o3RThVy3DjKc8IMSMszle9AmSz7TSadghKdcLIA3n5fS-FTvLz7idYQpm3lKOUSAU4LVbpZVi1Q2Z6WCPBkGa6c8bCwHY278X1H7PeJjCzws55CcC6iYRO1nsP5aACljlNl1zVODkpRlmbedmRDz9W8UMkXX392C0KX1levy2GcVYhcLfn8S8Gn8UQ&cid=CAASFeRoknDZAUQ6E_BhmItKu_XpLBhGdQ&rfl=1%2Chttps%253A%252F%252Fijr.com%252F%240
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
58966dd19b9cdb1002f80d1d041b3dc7313f3e093ab1157b0d70acb922516877
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 17:06:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31006
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A0E 		42 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D4vp1YXQlwUOkkn91foHP2lU9pqHag7iYNMu34H7SZPKnjxXENQtEdbIx3pXsKhmXpCCiy1M-YZlhprIW2K5tpkjhvLLcWN5dGuQDWMnTYmkgI0Hs
Requested by
Host: 8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com
URL: https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 17:06:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 9A0E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/window_focus_fy2019.js
Requested by
Host: 8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com
URL: https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f97.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:03:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Oct 2021 17:03:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9A0E 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com
URL: https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37919
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634125446224599"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 15 Oct 2021 17:06:32 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 9A0E 		14 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com
URL: https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f97.1e100.net
Software
cafe /
Resource Hash
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 16:59:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
417
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6281
x-xss-protection
0
server
cafe
etag
18349783599053866072
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Oct 2021 16:59:35 GMT
l
www.google.com/ads/measurement/ Frame 9A0E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT-t90QHpeWruTyhtyfSO4T3N7nh4swuW_LeDG-0fRp2cKazWDzl-5koQ7pu0pPJeD3BCKgspkNuwbxTmePeuMg7Bup-A
Requested by
Host: 8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com
URL: https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v11/ Frame EC4C 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v11/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;500;600;700&display=block
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
4c95d706475a153fe4bc12a4aae383e5bf845cba076d95d76f413f51424802ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ijr.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 18:13:49 GMT
x-content-type-options
nosniff
age
341563
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47452
x-xss-protection
0
last-modified
Wed, 18 Aug 2021 17:39:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 11 Oct 2022 18:13:49 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11961442600037494693/ Frame 382F 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11961442600037494693/index.html
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f97.1e100.net
Software
sffe /
Resource Hash
f7e85c01aed2b50e53959ef60268dbb81284598c78224c38ae99c470d8bf7513
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/11961442600037494693/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin
*
content-length
2927
date
Wed, 13 Oct 2021 18:05:10 GMT
expires
Thu, 13 Oct 2022 18:05:10 GMT
last-modified
Fri, 21 May 2021 17:31:54 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
age
169282
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame 2B4A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CJIttF7VpYaGaG9abgQejn7ogr_Xnl2Pwxsqp2g3e2R4QASCy76YiYMkGoAGZq6TIA8gBCeACAKgDAcgDCKoExwJP0KmYGKACabtspemjDMMJ30H-ONiaVBLbBepWz7SbCfejKLYH7HEWv50XQeGhdosPCskDxg2X4w7m_025NByO2lKgjx2QgWN3V5OVDUJN7XAA9e-ez8iDaHARAHTchsxbSF8GUZv_s4dDDYdQcJpJK-KLVGGAG45BKSHZN6gdjJG5FwQNbdXPxrbR3sBdt_9zFJh2_TucseUacE6WGDEnQFvW7jJik4e6lKCjhyhsWRcHmAKs3ektLg7EPc2fsoo0AiVEIgg-5HUes6MSce3-oBIHMtO-Eg-PjnOcABel5n1K2UfdPJQZEtJPy-X6c8alvEO8R3rzQo9wZDopUm2FW-LbVhlr8ylBtiePitbPLOKT3cPHeeuKuRm82fFLGBI7wKEPXL_pDErqRTKvQyXw9V44K1NuMlhbKaM2KuSy96MiDG_E4VrABMXahNrGA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfP1Ns3qAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAPIHBBCo_xLSCAcIiGEQARgd8ggbYWR4LXN1YnN5bi0zNzM5NDA1MjcxMjk0ODIwgAoDyAsB2BMM0BUBgBcBshceChwIABIUcHViLTM0Nzc1MzkxMjcwODAzMDMY-uMf&sigh=dHSjb64z7-k&template_id=419
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/ Frame 2B4A 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/abg_lite_fy2019.js
Requested by
Host: 8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com
URL: https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f97.1e100.net
Software
cafe /
Resource Hash
b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:03:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
180
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7691
x-xss-protection
0
server
cafe
etag
14402072889669646931
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Oct 2021 17:03:32 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 2B4A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/window_focus_fy2019.js
Requested by
Host: 8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com
URL: https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f97.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:03:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Oct 2021 17:03:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2B4A 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com
URL: https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37919
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634125446224599"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 15 Oct 2021 17:06:32 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 2B4A 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com
URL: https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f97.1e100.net
Software
cafe /
Resource Hash
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 16:59:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
417
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6281
x-xss-protection
0
server
cafe
etag
18349783599053866072
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Oct 2021 16:59:35 GMT
/
www.facebook.com/tr/ Frame 2D2E 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
12790
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://ijr.com
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ijr.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
Origin
https://ijr.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://ijr.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
date
Fri, 15 Oct 2021 17:06:32 GMT
ao
capi.connatix.com/tr/ Frame B551 		0
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/ao?v=133322
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.225.3.119 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-225-3-119.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Fri, 15 Oct 2021 17:06:32 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://ijr.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
g
capi.connatix.com/rtb/ Frame B551 		75 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/rtb/g?v=133322
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.225.3.119 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-225-3-119.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
76e46069eecc8e38a4448b2346e4c668ccb537e93cb0958fb113d810c2ba9e07

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Fri, 15 Oct 2021 17:06:33 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://ijr.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
93
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fijr.com%2Fsen-ron-johnson-four-pinocchios-vaccine-misinformation%2F%3Futm_source%3Dtwitter%26utm_medium%3Dijr%26utm_content%3D2021-07-16%26utm_campaign%3Dmanualpost&pid=y4gXaJqEiPDIX&cb=1&ws=1600x1200&v=7.69.01&t=1000&slots=%5B%7B%22id%22%3A%22Shmoop_Vid_2%20%22%2C%22mt%22%3A%22v%22%7D%5D&pubid=da224ee9-07c8-4a80-87e4-528df4ac939e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.241.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:32 GMT
via
1.1 b6d0df27407ce1677f17be38cbc0101a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-P1
x-amz-rid
4YEHY0E9JF8S60R9C3EX
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ijr.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
UjE3RlkxopBeRHaSFDiYJ7onp-WzHvl4WnqTa6Gu-1KzEtBT2DJ2kw==
ps
capi.connatix.com/tr/ Frame B551 		0
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/ps?v=133322
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.225.3.119 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-225-3-119.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Fri, 15 Oct 2021 17:06:32 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://ijr.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
1_th.jpg
img.connatix.com/60764267-557e-410f-85cb-f102d92ee134/d8851e5c-068e-43b4-80a6-aa2a37ea82ef/ 		3 KB
698 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/60764267-557e-410f-85cb-f102d92ee134/d8851e5c-068e-43b4-80a6-aa2a37ea82ef/1_th.jpg?crop=817:460,smart&width=817&height=460&format=jpeg&quality=60&fit=crop
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1911a62afd2f0800eae4585eb564e8b6e9f63f5a4938700462fec79960bb02d5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:32 GMT
content-encoding
br
age
104733
etag
"mi6Lbzp/znn2JhUjNok1yMf/5oseO575CtShBVNHBcM"
access-control-max-age
86400
fastly-io-info
ifsz=22006 idim=2560x1440 ifmt=jpeg ofsz=3329 odim=817x460 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
494
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v11/ Frame 7EDC 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v11/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;500;600;700&display=block
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
4c95d706475a153fe4bc12a4aae383e5bf845cba076d95d76f413f51424802ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://soapps.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 18:13:49 GMT
x-content-type-options
nosniff
age
341563
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47452
x-xss-protection
0
last-modified
Wed, 18 Aug 2021 17:39:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 11 Oct 2022 18:13:49 GMT
fc4bf3667efdc5b009db8807198fb05fd6ef5e5ae23a95cee4ef5d1a784db5a9_small
cdn1.lockerdomecdn.com/uploads/ Frame 4EBD 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.lockerdomecdn.com/uploads/fc4bf3667efdc5b009db8807198fb05fd6ef5e5ae23a95cee4ef5d1a784db5a9_small
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13652748021242214?pubid=ld-4668-3370&pubo=https%3A%2F%2Fijr.com&rid=&width=728
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
ab642e9c052bfd64b9d929e0ed93b17f59b0dcdca53669f5149cfd1424e92b93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:32 GMT
last-modified
Fri, 14 May 2021 21:37:46 GMT
server
nginx
etag
"8b5d7ce629d024e6cf0a831dcbf9eff8"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
https://lockerdome.com
accept-ranges
bytes
timing-allow-origin
https://lockerdome.com
content-length
13049
afaf637bcfea865445766093d22159ea6753872fcbd5a142f7226eee453d47b7_small
cdn1.lockerdomecdn.com/uploads/ Frame 4EBD 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.lockerdomecdn.com/uploads/afaf637bcfea865445766093d22159ea6753872fcbd5a142f7226eee453d47b7_small
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13652748021242214?pubid=ld-4668-3370&pubo=https%3A%2F%2Fijr.com&rid=&width=728
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
286522dd4118a9444cf6e2299e6d2b073a9cb0e026285b55da630dab127fec9b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:32 GMT
last-modified
Thu, 22 Jul 2021 19:55:47 GMT
server
nginx
etag
"54b0bdebd5d199fa93a78adfb6a0a4ac"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
https://lockerdome.com
accept-ranges
bytes
timing-allow-origin
https://lockerdome.com
content-length
12892
dc.js
stats.g.doubleclick.net/ Frame 4EBD 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13652748021242214?pubid=ld-4668-3370&pubo=https%3A%2F%2Fijr.com&rid=&width=728
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.206.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Oct 2021 16:38:54 GMT
server
Golfe2
age
1308
date
Fri, 15 Oct 2021 16:44:44 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17093
expires
Fri, 15 Oct 2021 18:44:44 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/828216/57278988/ Frame 9A0E 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/828216/57278988/skeleton.js
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.249.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-249-25.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e0fb0f82e0fd27c623b3b177f98155b7d9f57b9cb3bafda58cf152e9fbcc3bca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 17:06:32 GMT
content-encoding
gzip
x-server-name
app10.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame 9A0E 		114 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
sffe /
Resource Hash
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/
Origin
https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:05:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21644
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40185
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Oct 2021 11:05:48 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/elements/html/ Frame 9A0E 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/elements/html/omrhp.js
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 16:55:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
684
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3128
x-xss-protection
0
server
cafe
etag
3658073882064373855
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Oct 2021 16:55:08 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/ Frame 9A0E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/abg_lite.js
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
599ad71fae7cb8d014f7c2d29b8450bc7c34f8e32d49fa103716becef8ae9964
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:02:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
264
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9283
x-xss-protection
0
server
cafe
etag
1044373809082006429
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Oct 2021 17:02:08 GMT
/
geoip.insticator.com/json/ 		242 B
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/d2fbc6b1-49e4-4e05-b521-2e3ec7e7fbec/b682993b-886f-4b67-99bf-c9e40571e201.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.85.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-85-106.compute-1.amazonaws.com
Software
/
Resource Hash
7342bf4487703692ce84ec36496caec42bba20068cca6f30a2c08050258c679a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://ijr.com
date
Fri, 15 Oct 2021 17:06:33 GMT
access-control-allow-credentials
true
x-database-date
Thu, 14 Oct 2021 21:39:29 GMT
content-length
242
vary
Origin
content-type
application/json
usertracking
b2c.insticator.com/v3/pages/ Frame 009B 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b2c.insticator.com/v3/pages/usertracking
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.85.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-85-106.compute-1.amazonaws.com
Software
/
Resource Hash
984bca55409990098cf74adc47ed650c3d22c68900739950bd14c04c9d45f8f7

Request headers

:method
GET
:authority
b2c.insticator.com
:scheme
https
:path
/v3/pages/usertracking
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ijr.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/

Response headers

date
Fri, 15 Oct 2021 17:06:33 GMT
content-type
text/html; charset=UTF-8
content-length
2821
etag
15d11e8c-afc2-4550-be9e-8b3bcd5440f8
vary
Accept-Encoding,Origin
pragma
max-age=3600
cache-control
max-age=3600
content-encoding
gzip
pwt.js
ads.pubmatic.com/AdServer/js/pwt/95054/2912/ 		189 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
998f579f0b1ec059f011125f252beffc6777170ca561cd7c619c5daa9f2d33fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:32 GMT
content-encoding
gzip
last-modified
Thu, 14 Oct 2021 22:11:36 GMT
server
Apache/2.2.15 (CentOS)
etag
"1121321-2f21f-5ce575cb30af3"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=104599
accept-ranges
bytes
content-type
text/javascript
content-length
60470
expires
Sat, 16 Oct 2021 22:09:51 GMT
config.js
confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/ 		92 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2f64ec8be823db4320366c4ad53b475fef50a25c734854ca6386c14d9df301b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 15 Oct 2021 17:06:32 GMT
Content-Encoding
gzip
Age
3297
X-Cache
HIT
Connection
keep-alive
Content-Length
21764
x-amz-id-2
kWXVj6D+nx4CvvtO2Z08cVUBSkslszTLeCKWPEEY54dC5z47tHuhucNQF/mJT5aAWtRtrR6ZUI8=
X-Served-By
cache-fra19120-FRA
Last-Modified
Fri, 15 Oct 2021 15:08:32 GMT
Server
AmazonS3
X-Timer
S1634317593.816754,VS0,VE0
ETag
"06658e43b58a9dca5a3f3e3a205f1bfd"
x-amz-request-id
XCV44QFFAQ6DBABB
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
117
postback
s.srvsynd.com/2/2.33.0/234175/ANcdkY4NEenMn-7L/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.33.0/234175/ANcdkY4NEenMn-7L/postback?oz_pl=1&ap=undefined&md=2&sr=connatix.com&pp=101514&ti=x1091294472457643804479448023040&de=2&dt=2341751597675869250012&di=ijr.com&ui=00000000-0000-0000-0000-000000000000&to=3&pv=98d21886-64cc-4f45-a858-8a0ae2cb12db&ci=234175&_x=1
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/234175/analytics.js?dt=2341751597675869250012&di=ijr.com&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&sr=connatix.com&pp=101514&ti=x1091294472457643804479448023040&de=2&to=3&pv=98d21886-64cc-4f45-a858-8a0ae2cb12db
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.208.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-208-193.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ijr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 15 Oct 2021 17:06:32 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
main.js
s.srvsynd.com/2/2.33.0/ 		152 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.33.0/main.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.208.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-208-193.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7a3b4c985dc5de60264f6a19da2b094563d3dfc6b1fc1bd33645cae3e0db6cc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 15 Oct 2021 17:06:32 GMT
Content-Encoding
br
Accept-Ch
Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
Origin, Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, no-transform, immutable, max-age=999999999
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
47424
Expires
Mon, 23 Jun 2053 17:26:41 GMT
truncated
/ Frame 4EBD 		9 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
959abe8ebde974186cb600169e560e4309322a426395cb02bfe9a5bda9b56cea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
text/javascript;charset=utf-8
generic
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/generic
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.179.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-179-1.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://ijr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://ijr.com
date
Fri, 15 Oct 2021 17:06:32 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
strict-transport-security
max-age=931536000; includeSubDomains
generic
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/generic
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.179.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-179-1.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://ijr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://ijr.com
date
Fri, 15 Oct 2021 17:06:32 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
strict-transport-security
max-age=931536000; includeSubDomains
bridge3.485.1_en.html
imasdk.googleapis.com/js/core/ Frame 8E23 		577 KB
189 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
sffe /
Resource Hash
95031080831fd62b0946bfb827edf9279ddf3afa0711940b8d27e627f62046ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.485.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ijr.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
193945
date
Sat, 09 Oct 2021 00:30:48 GMT
expires
Sun, 09 Oct 2022 00:30:48 GMT
last-modified
Sat, 09 Oct 2021 00:23:47 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
578144
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame B551 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Oct 2021 17:06:33 GMT
bridge3.485.1_en.html
imasdk.googleapis.com/js/core/ Frame C183 		577 KB
189 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
sffe /
Resource Hash
95031080831fd62b0946bfb827edf9279ddf3afa0711940b8d27e627f62046ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.485.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ijr.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
193945
date
Sat, 09 Oct 2021 00:30:48 GMT
expires
Sun, 09 Oct 2022 00:30:48 GMT
last-modified
Sat, 09 Oct 2021 00:23:47 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
578145
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.485.1_en.html
imasdk.googleapis.com/js/core/ Frame C54B 		577 KB
189 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.485.1_en.html
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
sffe /
Resource Hash
95031080831fd62b0946bfb827edf9279ddf3afa0711940b8d27e627f62046ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.485.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ijr.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
193945
date
Sat, 09 Oct 2021 00:30:48 GMT
expires
Sun, 09 Oct 2022 00:30:48 GMT
last-modified
Sat, 09 Oct 2021 00:23:47 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
578145
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 4EBD 		9 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7095bba9a9b891520ef65674ee75ccb1f59bfd9e783f50c0beaefa8d19fd45d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
text/javascript;charset=utf-8
rum
dsum-sec.casalemedia.com/ Frame 1C20
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJWQXfq8RPFPJ5_JLvqkUVY&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJWQXfq8RPFPJ5_JLvqkUVY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIT03AEQ_LHlARinnra1ATAB&v=APEucNV6wpDl4guBVLewTvxqd50xe4g96umC8aP7wZx1uLRnxurCYeBPvU5jxF5I9dIhs7LACzwNWNPsCzaWTiGnPAHk87iu8g
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 17:06:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Oct 2021 17:06:33 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Oct 2021 17:06:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJWQXfq8RPFPJ5_JLvqkUVY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1C20
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YWm1GVAZXYikjjdLOKGuOwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJWQXfq8RPFPJ5_JLvqkUVY&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJWQXfq8RPFPJ5_JLvqkUVY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIT03AEQ_LHlARinnra1ATAB&v=APEucNV6wpDl4guBVLewTvxqd50xe4g96umC8aP7wZx1uLRnxurCYeBPvU5jxF5I9dIhs7LACzwNWNPsCzaWTiGnPAHk87iu8g
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 17:06:33 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Oct 2021 17:06:33 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Oct 2021 17:06:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJWQXfq8RPFPJ5_JLvqkUVY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 1C20
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAfl469ipgTowp6NBf1Ij_A&google_cver=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEAfl469ipgTowp6NBf1Ij_A&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIT03AEQ_LHlARinnra1ATAB&v=APEucNV6wpDl4guBVLewTvxqd50xe4g96umC8aP7wZx1uLRnxurCYeBPvU5jxF5I9dIhs7LACzwNWNPsCzaWTiGnPAHk87iu8g
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 17:06:33 GMT
X-Proxy-Origin
216.131.114.13; 216.131.114.13; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
61656f4a-0aab-41bd-b8fe-c6a66ed851a6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Oct 2021 17:06:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEAfl469ipgTowp6NBf1Ij_A&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1C20
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgzODMxMzk5MjY3ODU5MTQ3OA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgzODMxMzk5MjY3ODU5MTQ3OA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIT03AEQ_LHlARinnra1ATAB&v=APEucNV6wpDl4guBVLewTvxqd50xe4g96umC8aP7wZx1uLRnxurCYeBPvU5jxF5I9dIhs7LACzwNWNPsCzaWTiGnPAHk87iu8g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 17:06:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 17:06:33 GMT
X-Proxy-Origin
216.131.114.13; 216.131.114.13; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
8a756c42-3fe1-4d96-9826-6ad6d25d09dc
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgzODMxMzk5MjY3ODU5MTQ3OA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
938.json
id5-sync.com/g/v2/ 		213 B
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/938.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158410/3599/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.5 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p38.id5-sync.com
Software
/
Resource Hash
11f8085bd8e63f732dc4c8205b8ec81333950f415edda8d7a299095a55c7c935
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ijr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://ijr.com
Date
Fri, 15 Oct 2021 17:06:27 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ 		154 B
900 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158410/3599/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
d3c3b565f609b08a7ee2b0c7b91d40792c06c5d1ac66213de62dadf52c369fa0

Request headers

Referer
https://ijr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 17:06:33 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ijr.com
cache-control
no-cache
x-server
10.45.27.186
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
154
expires
0
rid
match.adsrvr.org/track/ 		109 B
537 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158410/3599/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
85e35072a81a71a1c225bbf8c21516f987cf03eb4c01257d7eee61b9c9cd273c

Request headers

Referer
https://ijr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Oct 2021 17:06:33 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ijr.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Sun, 14 Nov 2021 17:06:33 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 18E1 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com
URL: https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUm6S5bXiOmmJMMlDf-NVuohAr2guTHoWNf4eI69-D15Uv3oaKNrFFBR71luv_0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 15 Oct 2021 17:00:15 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
378
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 2B4A 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
741b01a4cc5c903de311927b384c32db7d6db56fcc028a212f3d22469eacfba3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 382F 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11961442600037494693/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f97.1e100.net
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 13:46:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11990
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 16 Oct 2021 13:46:43 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 382F 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11961442600037494693/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f97.1e100.net
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 13:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11984
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 16 Oct 2021 13:46:49 GMT
2fdb4200b17d01d889bd625a4db4c5c5.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11961442600037494693/ Frame 382F 		69 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11961442600037494693/2fdb4200b17d01d889bd625a4db4c5c5.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11961442600037494693/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f97.1e100.net
Software
sffe /
Resource Hash
87ad22bf5e206b2b5fcaafae88f126ec2ec3b6c131e105c7ad11d367726fb631
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
51379
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18495
x-xss-protection
0
last-modified
Fri, 21 May 2021 17:31:54 GMT
server
sffe
date
Fri, 15 Oct 2021 02:50:14 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 15 Oct 2022 02:50:14 GMT
instbid-4.32.0-28-with-new-ssps.js
df80k0z3fi8zg.cloudfront.net/files/ 		366 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instbid-4.32.0-28-with-new-ssps.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.186 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-186.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
987f99479658144f51bb3d58724e6cad26e9c59b396c8da74781c49d3bd9072e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
PJSv67Ye.A4D1UntOZ7xUTYFpK79cmtD
content-encoding
gzip
last-modified
Thu, 19 Aug 2021 16:47:01 GMT
server
AmazonS3
age
78843
etag
W/"a640e887066acfceadf3b3b07de8f53a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 4612dc3b414cf2057f542e94733d59bd.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Thu, 14 Oct 2021 19:12:31 GMT
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
OwSumqT1guLhmEQmpM10VQKrLrGB0AEhlsrVcrOHIugbGW15mnXwzw==
main.gr.19.8.250.js
static.adsafeprotected.com/ Frame 9A0E 		187 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.250.js
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
14839c62c6e34d53020b8ed242dbc1ce39df98f799772d40b2d7e707404d9738

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 21:29:27 GMT
content-encoding
gzip
age
70627
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Thu, 14 Oct 2021 21:29:25 GMT
server
AmazonS3
etag
W/"02d24a7c8cd84fc46c1a3d349fcfc476"
vary
Accept-Encoding
x-amz-version-id
Xz5iIVQCgpr0FMK_nqjO7riDeGhJYqC3
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
VdrHQCze9smI1CYY-VLKGdO3279zcr2RlBBURHk-hI1SgdSx9V6Jww==
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202110141220/ 		180 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202110141220/wrap.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9eff78a9f29c9828c1382db95605031958ba2647a448b6da0f4f9a9737daba0d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 15 Oct 2021 17:06:33 GMT
Content-Encoding
gzip
Age
602
X-Cache
HIT
Connection
keep-alive
Content-Length
58949
x-amz-id-2
KY/+KBbHQtEf1JNJJcUdjmE/EYcFvQxmyX8fFF3vtWi4S+RJ5VkZlbegMxvlMa2+zphdnZ2i1BU=
X-Served-By
cache-fra19120-FRA
Last-Modified
Thu, 14 Oct 2021 16:22:38 GMT
Server
AmazonS3
X-Timer
S1634317593.430946,VS0,VE0
ETag
"9749b1432555d8b99a84af6a43100ca0"
x-amz-request-id
QQJAQ76XWWCXV8CB
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
752
postback
s.srvsynd.com/2/2.33.0/234175/ANcdkY4NEenMn-7L/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.33.0/234175/ANcdkY4NEenMn-7L/postback?oz_pl=1&ap=undefined&md=2&sr=connatix.com&pp=101514&ti=x1091294472457643804479448023040&de=2&dt=2341751597675869250012&di=ijr.com&ui=00000000-0000-0000-0000-000000000000&to=3&pv=98d21886-64cc-4f45-a858-8a0ae2cb12db&ci=234175&_x=1
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/234175/analytics.js?dt=2341751597675869250012&di=ijr.com&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&sr=connatix.com&pp=101514&ti=x1091294472457643804479448023040&de=2&to=3&pv=98d21886-64cc-4f45-a858-8a0ae2cb12db
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.208.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-208-193.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ijr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 15 Oct 2021 17:06:33 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
index.html
s0.2mdn.net/9108425/1632344802453/Elux_Airfry_HTML5_970x250_v2/ Frame A2C0 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9108425/1632344802453/Elux_Airfry_HTML5_970x250_v2/index.html
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
sffe /
Resource Hash
584562198deebf0701a800a6be837ec15ec63508ab6c7339936dfef05a6b211b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/9108425/1632344802453/Elux_Airfry_HTML5_970x250_v2/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length
1437
date
Fri, 15 Oct 2021 07:01:17 GMT
expires
Sat, 16 Oct 2021 07:01:17 GMT
last-modified
Wed, 22 Sep 2021 21:06:42 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
36316
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 9A0E 		0
592 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstQGVjlqyFbnfpAaAC6xnT9QBEXfkhP7h4tjbtWXnplXqCN6Erz8C8ku2IUdAI3WwFDKn1qkMuUbAUCP-1Znj7YZ5RLv4R--hw28sTHzD2Q-xu_dIAVC7xFoQ2k8f5f29FovOKUowF7c-nEzUVFxuzJRue4SWxflaJb23HHrDlIDo5LEKcEzLEkClZ-AWAN5duJWRsAGQcJ09Xt254TcDWDe8fPPxz_HMhAtZAbKh_EyE91d5uR8AF6Us1JZ6h4A_XPqDe6MX3EMcqK_MuLOHB67Ij7Z2Ou4z7Lx002kQ3n0l1OPMPnVgbj73jjDdkq3E63aE6TCsO8lfHTcUhx59xSanntLWPl-kDvq00UyQCEM41u_lnc1_BFyICOufeMfwCozDMNcLOr11CBUeBXcAZCunPgiTSMXeXiDr7RBRRmBnj1uIkr3oxhDjLZMvQCDozaABXlNiTRmC7mvtAy1c17glZISfMumi5yTirALHbZe2V2YsxrPFqC39mTWoD0JzENCzZTMkyGz5v2Pyu2lmoL0TOuNVuxlpMqUThTdNVWRvoVvWXsGv_kdddIw2wxTWVHQlwRGOrp4A1kWHwrDbFc-oKTVyHKMiHcE-sNY6_2TWxlM8dHQcaYwNZrHS4WaOgjS35gTLdEeIC96JvvG4a5h9GRRTW6lGqclm2ei3oX9GkIkeHj7Lh_TeVDR9ImEbHmmpG14qK73eCxi6osU5ezRz6BtPivFnXOjYEhJ-jaXLvKE3jJ0Un5_rL_6YM0OA9WVaui5hNHcjSil6PWgrSZk49GkZTN8jw7LRBFPT83fIcwoJxEHUEO6cbgCAXXR2cCyv_HgfyAgXsBiYphKWhUJnFKlxv8Mcc9h9R0bdI5dvMFJhCAaMDtbYWph47wwldCfnVYe-veu-amSwlnIjO0FZVFUIiC0Bdo4dC8KnvakNdF4s7PbolwYIAqC7Zr7uk12MF9Qz_-g-_Z8f2vhWeAqpyNbqutHz45kgXG9PHaoP9Z71Ojgk249s80Luq4ZPQK2qtwYtOcpwegrRkHGJJqU-j2D9dKqyu4Pvr5y9F6OCoA6FG_sRhp8gFJLrkdshJQRFD-La4E2pfvXnb3KzxawSkVG-rMo5if9U6EHA7ozxuHM7VmtlPeEWIlR9z9E4XCT8KdncYFILGmOREVntiirDYLE93KfJyWUoa_wALS0vPZnmxy4bAgpTCWgZC8GUdMH_ZMAvySLiFCWfxYKBw&sai=AMfl-YROBxijnpEZG8fvB8ZWrhr23d9WgokOUfIJgrpKjJcQmgHhrgLH4gTb1OJDnJRKR0ozggqTUR94NC2V8MG5Y64MPXyFlymAzeKAfrxYcDpF-pFjBK6j3EQAy6QNcRAU9OVAoCNiTytejqHnTMeGCqXJtT8pmrMPX5l8B6Y&sig=Cg0ArKJSzJdoGbsMXLwDEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=761&cbvp=1&cstd=755&cisv=r20211013.98366&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Fri, 15 Oct 2021 17:06:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9A0E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f97.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 07:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121891
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 14 Oct 2022 07:15:02 GMT
truncated
/ Frame 9A0E 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bab4cabc57f28f9241d293f370c5012bd4e4db85cadd1f565a8b214085bc099c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
postback
s.srvsynd.com/2/2.33.0/234175/ANcdkY4NEenMn-7L/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.33.0/234175/ANcdkY4NEenMn-7L/postback?ap=undefined&md=2&sr=connatix.com&pp=101514&ti=x1091294472457643804479448023040&de=2&dt=2341751597675869250012&di=ijr.com&ui=00000000-0000-0000-0000-000000000000&to=3&pv=98d21886-64cc-4f45-a858-8a0ae2cb12db&ci=234175&sid=ANcdkY4NEenMn-7L&oz_sc=fb8a04853240307e4f7a60f9&oz_df=1634317593479&oz_l=257&cv=3
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/2.33.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.208.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-208-193.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ijr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 15 Oct 2021 17:06:33 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
css
fonts.googleapis.com/ Frame 382F 		3 KB
639 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:700|Raleway:800
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11961442600037494693/2fdb4200b17d01d889bd625a4db4c5c5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
727937d7f6440d3e7348ac06e0ed0a99f840a0c5511cb03520af9728f2c2e2fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 15 Oct 2021 17:06:33 GMT
server
ESF
date
Fri, 15 Oct 2021 17:06:33 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Fri, 15 Oct 2021 17:06:33 GMT
12e7eda5bca86267116f0e897e10052a.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11961442600037494693/media/ Frame 382F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11961442600037494693/media/12e7eda5bca86267116f0e897e10052a.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11961442600037494693/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f97.1e100.net
Software
sffe /
Resource Hash
869b582ac886fad953e6af710c648eb3f3a091f731afc15baea057e68650bd9b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
51379
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2841
x-xss-protection
0
last-modified
Fri, 21 May 2021 17:31:54 GMT
server
sffe
date
Fri, 15 Oct 2021 02:50:14 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 15 Oct 2022 02:50:14 GMT
9e905ec379a3d487d44d62bc96b58c45.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11961442600037494693/media/ Frame 382F 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11961442600037494693/media/9e905ec379a3d487d44d62bc96b58c45.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11961442600037494693/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f97.1e100.net
Software
sffe /
Resource Hash
9e21fdcda9cefdc401f2237af0c78de5ffa35927cef6383feb7f580abe22bf51
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
51379
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36812
x-xss-protection
0
last-modified
Fri, 21 May 2021 17:31:54 GMT
server
sffe
date
Fri, 15 Oct 2021 02:50:14 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 15 Oct 2022 02:50:14 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fijr.com%2Fsen-ron-johnson-four-pinocchios-vaccine-misinformation%2F%3Futm_source%3Dtwitter%26utm_medium%3Dijr%26utm_content%3D2021-07-16%26utm_campaign%3Dmanualpost&pid=y4gXaJqEiPDIX&cb=2&ws=1600x1200&v=7.69.01&t=3000&slots=%5B%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F27794161%2Fijr.com_Web_300x250_cmt_1%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F27794161%2Fijr.com_Web_300x250_cmt_2%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F27794161%2Fijr.com_Web_300x250_cmt_3%22%7D%2C%7B%22sd%22%3A%226%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F27794161%2Fijr.com_Web_300x250_cmt_4%22%7D%5D&pubid=da224ee9-07c8-4a80-87e4-528df4ac939e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.241.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:33 GMT
via
1.1 b6d0df27407ce1677f17be38cbc0101a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-P1
x-amz-rid
CZEKS3S72P7X719RMGZS
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ijr.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
uUJ1Vsmp0iQiL5GERPQoF8cEb4rKg2d-MlJmgggOtpxPRGX5muhwCw==
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ijr.com
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Oct 2021 17:06:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		45 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4027926291292445&correlator=2940745491184227&output=ldjh&impl=fifs&eid=31063133%2C31062463%2C31062524%2C31063127&vrg=2021101201&ptt=17&sc=1&sfv=1-0-38&ecs=20211015&iu_parts=27794161%2Cijr.com_Web_300x250_cmt_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C336x280%7C320x100%7C250x250&prev_scp=h%3D17%26shb%3D1%26tg%3D0%26p%3DBTF%26at%3D1%26hostname%3Dijr.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&eri=1&cust_params=Site%3Dhttp%253A%252F%252Fijr.com%26Tag%3DCoronavirus%2520Outbreak%252CRon%2520Johnson%252CUS%2520news%26Category%3DNews%26URL%3D%252Fsen-ron-johnson-four-pinocchios-vaccine%26GoogleCompliant%3Dtrue%26utm_campaign%3Dmanualpost%26utm_content%3D2021-07-16%26utm_medium%3Dijr%26utm_source%3Dtwitter&cookie=ID%3Df5050d2d296d2469-2229d418f7ca0094%3AT%3D1634317591%3AS%3DALNI_MbnJi9PvKIcni-v4ZEPHEozkzhjuQ&bc=31&abxe=1&lmt=1634317590&dt=1634317593744&dlt=1634317590296&idt=1021&frm=20&biw=1600&bih=1200&oid=2&adxs=292&adys=5861&adks=3962916613&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fijr.com%2Fsen-ron-johnson-four-pinocchios-vaccine-misinformation%2F%3Futm_source%3Dtwitter%26utm_medium%3Dijr%26utm_content%3D2021-07-16%26utm_campaign%3Dmanualpost&vis=1&dmc=8&scr_x=0&scr_y=0&psz=827x451&msz=336x-1&ga_vid=1477309724.1634317591&ga_sid=1634317591&ga_hid=577388286&ga_fc=false&fws=0&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
c7d2ef585af9a036fa3c7ddf68b0b08017acc5714470f3327d6840be031e7bfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11733
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ijr.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4027926291292445&correlator=2753381736952969&output=ldjh&impl=fifs&eid=31063133%2C31062463%2C31062524%2C31063127&vrg=2021101201&ptt=17&sc=1&sfv=1-0-38&ecs=20211015&iu_parts=27794161%2Cijr.com_Web_300x250_cmt_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C336x280%7C320x100%7C250x250&prev_scp=h%3D17%26shb%3D1%26tg%3D0%26p%3DBTF%26at%3D1%26hostname%3Dijr.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&eri=1&cust_params=Site%3Dhttp%253A%252F%252Fijr.com%26Tag%3DCoronavirus%2520Outbreak%252CRon%2520Johnson%252CUS%2520news%26Category%3DNews%26URL%3D%252Fsen-ron-johnson-four-pinocchios-vaccine%26GoogleCompliant%3Dtrue%26utm_campaign%3Dmanualpost%26utm_content%3D2021-07-16%26utm_medium%3Dijr%26utm_source%3Dtwitter&cookie=ID%3Df5050d2d296d2469-2229d418f7ca0094%3AT%3D1634317591%3AS%3DALNI_MbnJi9PvKIcni-v4ZEPHEozkzhjuQ&bc=31&abxe=1&lmt=1634317590&dt=1634317593747&dlt=1634317590296&idt=1021&frm=20&biw=1600&bih=1200&oid=2&adxs=638&adys=5861&adks=437161676&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fijr.com%2Fsen-ron-johnson-four-pinocchios-vaccine-misinformation%2F%3Futm_source%3Dtwitter%26utm_medium%3Dijr%26utm_content%3D2021-07-16%26utm_campaign%3Dmanualpost&vis=1&dmc=8&scr_x=0&scr_y=0&psz=827x451&msz=336x-1&ga_vid=1477309724.1634317591&ga_sid=1634317591&ga_hid=577388286&ga_fc=false&fws=0&ohw=0&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
0e756cacbf2d0f8d59355de4eafb5e07f0a60abd3e9b88ca449cda47a72a61e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9974
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ijr.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4027926291292445&correlator=2713779720496522&output=ldjh&impl=fifs&eid=31063133%2C31062463%2C31062524%2C31063127&vrg=2021101201&ptt=17&sc=1&sfv=1-0-38&ecs=20211015&iu_parts=27794161%2Cijr.com_Web_300x250_cmt_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C336x280%7C320x100%7C250x250&prev_scp=h%3D17%26shb%3D1%26tg%3D0%26p%3DBTF%26at%3D1%26hostname%3Dijr.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&eri=1&cust_params=Site%3Dhttp%253A%252F%252Fijr.com%26Tag%3DCoronavirus%2520Outbreak%252CRon%2520Johnson%252CUS%2520news%26Category%3DNews%26URL%3D%252Fsen-ron-johnson-four-pinocchios-vaccine%26GoogleCompliant%3Dtrue%26utm_campaign%3Dmanualpost%26utm_content%3D2021-07-16%26utm_medium%3Dijr%26utm_source%3Dtwitter&cookie=ID%3Df5050d2d296d2469-2229d418f7ca0094%3AT%3D1634317591%3AS%3DALNI_MbnJi9PvKIcni-v4ZEPHEozkzhjuQ&bc=31&abxe=1&lmt=1634317590&dt=1634317593749&dlt=1634317590296&idt=1021&frm=20&biw=1600&bih=1200&oid=2&adxs=292&adys=6685&adks=849774104&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fijr.com%2Fsen-ron-johnson-four-pinocchios-vaccine-misinformation%2F%3Futm_source%3Dtwitter%26utm_medium%3Dijr%26utm_content%3D2021-07-16%26utm_campaign%3Dmanualpost&vis=1&dmc=8&scr_x=0&scr_y=0&psz=827x290&msz=336x-1&ga_vid=1477309724.1634317591&ga_sid=1634317591&ga_hid=577388286&ga_fc=false&fws=0&ohw=0&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef0b37a81594b340c68391474f337d76fefa2aa8b7a5b9c0f80141fa7dd9a7ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9833
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ijr.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4027926291292445&correlator=762839437644227&output=ldjh&impl=fifs&eid=31063133%2C31062463%2C31062524%2C31063127&vrg=2021101201&ptt=17&sc=1&sfv=1-0-38&ecs=20211015&iu_parts=27794161%2Cijr.com_Web_300x250_cmt_4&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C336x280%7C320x100%7C250x250&prev_scp=h%3D17%26shb%3D1%26tg%3D0%26p%3DBTF%26at%3D1%26hostname%3Dijr.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&eri=1&cust_params=Site%3Dhttp%253A%252F%252Fijr.com%26Tag%3DCoronavirus%2520Outbreak%252CRon%2520Johnson%252CUS%2520news%26Category%3DNews%26URL%3D%252Fsen-ron-johnson-four-pinocchios-vaccine%26GoogleCompliant%3Dtrue%26utm_campaign%3Dmanualpost%26utm_content%3D2021-07-16%26utm_medium%3Dijr%26utm_source%3Dtwitter&cookie=ID%3Df5050d2d296d2469-2229d418f7ca0094%3AT%3D1634317591%3AS%3DALNI_MbnJi9PvKIcni-v4ZEPHEozkzhjuQ&bc=31&abxe=1&lmt=1634317590&dt=1634317593751&dlt=1634317590296&idt=1021&frm=20&biw=1600&bih=1200&oid=2&adxs=638&adys=6685&adks=530614055&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fijr.com%2Fsen-ron-johnson-four-pinocchios-vaccine-misinformation%2F%3Futm_source%3Dtwitter%26utm_medium%3Dijr%26utm_content%3D2021-07-16%26utm_campaign%3Dmanualpost&vis=1&dmc=8&scr_x=0&scr_y=0&psz=827x290&msz=336x-1&ga_vid=1477309724.1634317591&ga_sid=1634317591&ga_hid=577388286&ga_fc=false&fws=0&ohw=0&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
911b961bca558ef9165957323b3e1ca5d9b3ee37d521ac1f75eb7edbf749adba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10289
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ijr.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 329E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f97.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Thu, 14 Oct 2021 07:15:05 GMT
expires
Fri, 14 Oct 2022 07:15:05 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
121888
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
passback_970x250.js
static.adsafeprotected.com/ Frame 9A0E
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/828216/57278988/skeleton.js?adsafe_url=https%3A%2F%2Fijr.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndica...
  • https://static.adsafeprotected.com/passback_970x250.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/passback_970x250.js
Requested by
Host: 8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com
URL: https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5d5e0d3e1cbfadb5c7a63053b5339d06457fe7a66c344a970a762a56123c5ec0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
vJWuRgcefJUeulOYifDz0vd7EIxp_vCl
content-encoding
gzip
etag
W/"094948b2d1170876fb8e76e432d87da6"
age
180290
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 21 Jul 2021 22:11:53 GMT
server
AmazonS3
date
Wed, 13 Oct 2021 15:01:44 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
3oud_lGjANcaSUx5FsFc9tUzCJh2ZugFjumHW7W9d0cMs37Ul0tmpA==

Redirect headers

pragma
no-cache
date
Fri, 15 Oct 2021 17:06:33 GMT
x-server-name
app16.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/passback_970x250.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame A2D6 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: 8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com
URL: https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 08:08:31 GMT
content-encoding
gzip
age
1241883
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
8NtPVmDgTPNSGCu62pr_y3YiqdHNrsEAYvqiv-s_lAoQvEvAA6htqg==
si
googleads.g.doubleclick.net/pagead/drt/ Frame 18E1
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com
URL: https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si?st=NO_DATA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUm6S5bXiOmmJMMlDf-NVuohAr2guTHoWNf4eI69-D15Uv3oaKNrFFBR71luv_0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 15 Oct 2021 17:06:33 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Fri, 15-Oct-2021 18:06:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 15 Oct 2021 17:06:33 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 15 Oct 2021 17:06:33 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
event
event.insticator.com/v1/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/d2fbc6b1-49e4-4e05-b521-2e3ec7e7fbec/b682993b-886f-4b67-99bf-c9e40571e201.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.85.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-85-106.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin
*
Referer
https://ijr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
https://ijr.com
date
Fri, 15 Oct 2021 17:06:34 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Protocol
H2
Server
34.227.85.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-85-106.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
access-control-allow-origin,content-type
Origin
https://ijr.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 15 Oct 2021 17:06:33 GMT
content-length
0
vary
Origin
access-control-max-age
3600
access-control-allow-origin
https://ijr.com
access-control-allow-headers
access-control-allow-origin,content-type
access-control-allow-methods
POST
access-control-allow-credentials
true
style_1yFt727.css
s0.2mdn.net/9108425/1632344802453/Elux_Airfry_HTML5_970x250_v2/ Frame A2C0 		1 KB
501 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9108425/1632344802453/Elux_Airfry_HTML5_970x250_v2/style_1yFt727.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9108425/1632344802453/Elux_Airfry_HTML5_970x250_v2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
sffe /
Resource Hash
b91345dca89512f024e2e7e8dae13156c4723104dcc37a55faf43a5cd3087797
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/9108425/1632344802453/Elux_Airfry_HTML5_970x250_v2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 09:25:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27689
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
475
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 21:06:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Oct 2021 09:25:04 GMT
970x250_Gc92GQa.css
s0.2mdn.net/9108425/1632344802453/Elux_Airfry_HTML5_970x250_v2/ Frame A2C0 		76 B
100 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9108425/1632344802453/Elux_Airfry_HTML5_970x250_v2/970x250_Gc92GQa.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9108425/1632344802453/Elux_Airfry_HTML5_970x250_v2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
sffe /
Resource Hash
b7ee3a4e6441516f78b8efdd07019c77a24c8f215b430359c1198aaad4ed3cfe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/9108425/1632344802453/Elux_Airfry_HTML5_970x250_v2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 04:23:21 GMT
x-content-type-options
nosniff
age
45792
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
76
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 21:06:42 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Oct 2021 04:23:21 GMT
flatened_img_3h3N2Wj.png
s0.2mdn.net/9108425/1632344802453/Elux_Airfry_HTML5_970x250_v2/ Frame A2C0 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9108425/1632344802453/Elux_Airfry_HTML5_970x250_v2/flatened_img_3h3N2Wj.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9108425/1632344802453/Elux_Airfry_HTML5_970x250_v2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
sffe /
Resource Hash
9ba041fb7ce0769610c35dcbc5579be3d085f7a33201f2c3d3c8d8c0bf13266b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/9108425/1632344802453/Elux_Airfry_HTML5_970x250_v2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 16:04:06 GMT
x-content-type-options
nosniff
age
3747
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83879
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 21:06:42 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Oct 2021 16:04:06 GMT
tweenmax_2.0.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame A2C0 		113 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9108425/1632344802453/Elux_Airfry_HTML5_970x250_v2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
sffe /
Resource Hash
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/9108425/1632344802453/Elux_Airfry_HTML5_970x250_v2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38915
x-xss-protection
0
last-modified
Tue, 19 Jun 2018 18:02:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Oct 2021 17:06:33 GMT
main.js
s0.2mdn.net/9108425/1632344802453/Elux_Airfry_HTML5_970x250_v2/ Frame A2C0 		65 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9108425/1632344802453/Elux_Airfry_HTML5_970x250_v2/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9108425/1632344802453/Elux_Airfry_HTML5_970x250_v2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
sffe /
Resource Hash
13eeeaf028a527bf6909f70bfdc1be3e3019b970f856ac1f89f9484aa5fc92ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/9108425/1632344802453/Elux_Airfry_HTML5_970x250_v2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 04:23:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45790
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19893
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 21:06:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Oct 2021 04:23:23 GMT
dt
dt.adsafeprotected.com/ Frame 9A0E 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=828216&asId=d80fe346-4052-547c-43e0-3066c40bd0be&tv=%7Bc:r8jhOu,pingTime:-3,time:477,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:418%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:477,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:418,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B78~0%5D,as:%5B78~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sLVI4fD+11%7C12%7C13%7C14%7C15%7C16%7C17*.828216-57278988%7C171%7C172%7C173%7C181%7C182%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i,idMap:17*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by
Host: 8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com
URL: https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.212.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-212-105.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 17:06:34 GMT
x-server-name
dt36.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 9A0E 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=828216&asId=d80fe346-4052-547c-43e0-3066c40bd0be&tv=%7Bc:r8jhOw,pingTime:-6,time:479,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:479,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:418,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B80~0%5D,as:%5B80~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sLVI4fD+11%7C12%7C13%7C14%7C15%7C16%7C17*.828216-57278988%7C171%7C172%7C173%7C181%7C182%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i,idMap:17*,rmeas:1,rend:0,renddet:na%7D&tpiLookup=ao:ijr.com*&br=c
Requested by
Host: 8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com
URL: https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.212.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-212-105.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 17:06:34 GMT
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
1Ptxg8zYS_SKggPN4iEgvnHyvveLxVtapbCIPrE.woff2
fonts.gstatic.com/s/raleway/v22/ Frame 382F 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v22/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVtapbCIPrE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:700|Raleway:800
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
22c96a94f1e6c9c814b42368fa27b041b836f078c33d91538fb37bfb9d84e329
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 09:22:46 GMT
x-content-type-options
nosniff
age
27827
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21344
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 19:39:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 15 Oct 2022 09:22:46 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ Frame 382F 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:700|Raleway:800
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 03:52:51 GMT
x-content-type-options
nosniff
age
220422
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7832
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:01:48 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 13 Oct 2022 03:52:51 GMT
postback
s.srvsynd.com/2/2.33.0/234175/ANcdkY4NEenMn-7L/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.33.0/234175/ANcdkY4NEenMn-7L/postback?ap=undefined&md=2&sr=connatix.com&pp=101514&ti=x1091294472457643804479448023040&de=2&dt=2341751597675869250012&di=ijr.com&ui=00000000-0000-0000-0000-000000000000&to=3&pv=98d21886-64cc-4f45-a858-8a0ae2cb12db&ci=234175&sid=ANcdkY4NEenMn-7L&oz_sc=fb8a04853240307e4f7a60f9&oz_df=1634317593824&oz_l=4527&cv=3
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/2.33.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.208.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-208-193.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ijr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 15 Oct 2021 17:06:33 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
46813c5f-3f75-4989-b2e2-f09912795ccb
https://ijr.com/ Frame 5286 		185 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://ijr.com/46813c5f-3f75-4989-b2e2-f09912795ccb
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length
185
Content-Type
application/javascript
dt
dt.adsafeprotected.com/ Frame 9A0E 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=828216&asId=d80fe346-4052-547c-43e0-3066c40bd0be&tv=%7Bc:r8jhPE,pingTime:-2,time:549,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:862,bdZ:1014,beA:1519,beZ:1520,mfA:1914,cmA:1916,inA:1916,inZ:1920,prA:1920,prZ:1932,si:1938,poA:1940,poZ:1957,cmZ:1957,mfZ:1957,loA:1998,loZ:2001,ltA:2068,ltZ:2068%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:418%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:549,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:418,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B150~0%5D,as:%5B150~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sLVI4fD+11%7C12%7C13%7C14%7C15%7C16%7C17*.828216-57278988%7C171%7C172%7C173%7C181%7C182%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i,idMap:17*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,sinceFw:128,readyFired:true%7D&br=c
Requested by
Host: 8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com
URL: https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.212.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-212-105.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 17:06:34 GMT
x-server-name
dt37.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
1x1_blank_3vGuq_O.png
s0.2mdn.net/9108425/1632344802453/Elux_Airfry_HTML5_970x250_v2/ Frame A2C0 		95 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9108425/1632344802453/Elux_Airfry_HTML5_970x250_v2/1x1_blank_3vGuq_O.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9108425/1632344802453/Elux_Airfry_HTML5_970x250_v2/style_1yFt727.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
sffe /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/9108425/1632344802453/Elux_Airfry_HTML5_970x250_v2/style_1yFt727.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 16:04:07 GMT
x-content-type-options
nosniff
age
3747
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 21:06:42 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Oct 2021 16:04:07 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 3351 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ijr.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=66736
expires
Sat, 16 Oct 2021 11:38:50 GMT
date
Fri, 15 Oct 2021 17:06:34 GMT
vary
Accept-Encoding
IAS_PassbackAds_970x250.png
static.adsafeprotected.com/ Frame 9A0E 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/IAS_PassbackAds_970x250.png
Requested by
Host: 8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com
URL: https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7be9364f21808a881f4530002ab0363deabf7de3321a1356984e88fb316ac165

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
sq9OjPzsj3OK_PWUs2DSILbYAvwOM90t
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
etag
"9d3f43da9d0d0679ec0dfea58b2f1d45"
age
190658
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
28949
last-modified
Wed, 21 Jul 2021 22:11:35 GMT
server
AmazonS3
date
Thu, 14 Oct 2021 00:52:11 GMT
content-type
image/png
cache-control
max-age=604800
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
x-amz-cf-id
nxZUMiLr-t13LMUtCkOX-FoTcgWQj6KSCSZzW9678Bx8MXtwrqxCxw==
postback
s.srvsynd.com/2/2.33.0/234175/ANcdkY4NEenMn-7L/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.33.0/234175/ANcdkY4NEenMn-7L/postback?ap=undefined&md=2&sr=connatix.com&pp=101514&ti=x1091294472457643804479448023040&de=2&dt=2341751597675869250012&di=ijr.com&ui=00000000-0000-0000-0000-000000000000&to=3&pv=98d21886-64cc-4f45-a858-8a0ae2cb12db&ci=234175&sid=ANcdkY4NEenMn-7L&oz_sc=fb8a04853240307e4f7a60f9&oz_df=1634317594023&oz_l=2194&cv=3
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/2.33.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.208.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-208-193.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ijr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 15 Oct 2021 17:06:33 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
ss1_114geDt.jpg
s0.2mdn.net/9108425/1632344802453/Elux_Airfry_HTML5_970x250_v2/ Frame A2C0 		697 KB
697 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9108425/1632344802453/Elux_Airfry_HTML5_970x250_v2/ss1_114geDt.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9108425/1632344802453/Elux_Airfry_HTML5_970x250_v2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
sffe /
Resource Hash
193d2659d8a8fd663d3f9a6e5cb6c128420312b60b1d990d28f80f295aa1feec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/9108425/1632344802453/Elux_Airfry_HTML5_970x250_v2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 07:01:20 GMT
x-content-type-options
nosniff
age
36314
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
713278
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 21:06:42 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Oct 2021 07:01:20 GMT
CtfsWAsRe2m3N424Qc1nuWYtSGM1BvOIuby86xg17sc.js
pagead2.googlesyndication.com/bg/ Frame 329E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CtfsWAsRe2m3N424Qc1nuWYtSGM1BvOIuby86xg17sc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
0ad7ec580b117b69b7378db841cd67b9662d48633506f388b9bcbceb1835eec7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 16:28:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
2303
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13341
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 15 Oct 2022 16:28:11 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 3351 		0
0
dt
dt.adsafeprotected.com/ Frame 9A0E 		0
0
container.html
8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 75F7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ijr.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 15 Oct 2021 17:06:31 GMT
expires
Sat, 15 Oct 2022 17:06:31 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
activeview
pagead2.googlesyndication.com/pcs/ Frame 9A0E 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 2B4A 		0
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012109102127000/ 		189 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012109102127000/amp4ads-v0.mjs
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
ba870dd4f1f375d33aa3770685227bd38160d194969b3840232fad67c1989bb8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
241289
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55506
x-xss-protection
0
server
sffe
date
Tue, 12 Oct 2021 22:05:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c42e3b94efe0099e"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 12 Oct 2022 22:05:05 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012109102127000/v0/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012109102127000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
19ad029fe2230dc2b7eda8d3c2b8d872aae2e718c0209bcaec04cd51a04d9165
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
214316
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4995
x-xss-protection
0
server
sffe
date
Wed, 13 Oct 2021 05:34:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"bc03df60ee69192f"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 13 Oct 2022 05:34:38 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012109102127000/v0/ 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012109102127000/v0/amp-analytics-0.1.mjs
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
d4cb8e3d3f1d9da69c5096249099aaa6ec5942dc20f922cc6c99f7b7b4557584
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
166670
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28507
x-xss-protection
0
server
sffe
date
Wed, 13 Oct 2021 18:48:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"283b6526337df106"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 13 Oct 2022 18:48:44 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012109102127000/v0/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012109102127000/v0/amp-fit-text-0.1.mjs
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
d50905d9c0e2c1f4a30e217e1eade952d04600860ccf4aec5240e6fd31eb9b29
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
214812
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1638
x-xss-protection
0
server
sffe
date
Wed, 13 Oct 2021 05:26:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b3f838efba7b15f2"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 13 Oct 2022 05:26:22 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012109102127000/v0/ 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012109102127000/v0/amp-form-0.1.mjs
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
235dd149eac993d9f773d67eb3432fda6c4d81c98d29c4fb150707fae2b59908
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
429345
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12820
x-xss-protection
0
server
sffe
date
Sun, 10 Oct 2021 17:50:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"2e8049efde94274d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 10 Oct 2022 17:50:49 GMT
truncated
/ 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717ea6166dc21f3664c0114337312fa0c9dc08643f269058693ff4e48fbc6bb9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
8377511987580189253
tpc.googlesyndication.com/simgad/ 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8377511987580189253?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qncuVaMgkL28x6rMqmwOKMntP5hSw
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f97.1e100.net
Software
sffe /
Resource Hash
f579a1e86dbdb794ba4269c38bbbc6a17d27789dae7f1ca9e4c0a7f6d5b1e4d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 03:32:57 GMT
x-content-type-options
nosniff
last-modified
Wed, 02 Dec 2020 06:21:26 GMT
server
sffe
age
221617
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
79020
x-xss-protection
0
expires
Thu, 13 Oct 2022 03:32:57 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f97.1e100.net
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Oct 2021 13:18:13 GMT
x-content-type-options
nosniff
server
cafe
age
13701
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sat, 16 Oct 2021 13:18:13 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ 		295 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f97.1e100.net
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Oct 2021 20:55:41 GMT
x-content-type-options
nosniff
server
cafe
age
72653
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 15 Oct 2021 20:55:41 GMT
l
www.google.com/ads/measurement/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSyl9n5qqEBRdOblWr3OrMrEPKUL4aaXi8DGApGKxHtxuMMwBJ8NLU5pIo0NAR9uD8Cez_l6K1TQufRGZhepgtlgYCzEQ
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
gdn
metrics.getrockerbox.com/track/ 		44 B
686 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.getrockerbox.com/track/gdn?source=ifcj&tier_one=gdn&tier_two=2043637671&tier_three=72965698955&auction_id=95320902
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.83.150 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 17:06:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B6bwycdVy3AmmjYcz3SW%2FxZ085hCGhx40gUDGxm4K7G7xa%2BdPu1QkYYM3noFdDex4Od4XeSjWPnoL1UrTwH40cgbtRqfJTbFfr%2BbNzF%2BY9xCQxmALff8QzNX3f1zoZ8LrlJXicdygE%2Buwjs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
69eaa38669d627c0-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
adview
securepubads.g.doubleclick.net/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CuF-5GbVpYY3NMNjYgAf6io6wDvrio65l5cH8gN8Mk-7InrsJEAEg6fe2T2DJBqABhK-Z9QPIAQLgAgCoAwHIAwiqBLQCT9C0iJkyiNmJqBQxDvJU7OP2BwBEt5EPm6RHDiCw09r7xuEhdPzRQwjoHPnwaPhN47IDFTzbsu74qdD-LNU_XkMEFYv2L8mr--aYsx6jDcKlNcQK9bOaGXThq_tX_OujNes1Q7Pbe8_kgnWGkF3Eb0tErjpFZwwLwrn3QQu9jU_3Q684lXyQS7DOZkRmPDmFVMR8K3GGgzBjQ0y92MxvTU2ySmiYhhR3sTj1Z5KDjcehhYMNhvVe1vm1OWdWQ42PKalv9tyixeFKgUf8GuXLLfwaFt2J_o2fTxCrZnHpMFNtE32Rx0Af9fRcmwVj-BFpoo6RMcz-6-HubwPWKVTcpgSH3Z1NMSIzK8w4H5EXrZQ3ZT-AaJ1GC4UxTqMvKfrvleheES2xA-9UqPJTMDOOhFdKV_vABIjPpKWnA-AEAZIFBAgEGAGSBQQIBRgEoAYCgAfk0OYKqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAfIHBBDDzQHSCAcIgGEQARgd8ggbYWR4LXN1YnN5bi05NDY5NDk0Nzc3ODM3NTAxgAoDyAsB2BMM0BUBmBYBgBcBshceChwIABIUcHViLTc2MzA5NjExNjM2NDMxMzcYob8V&sigh=D7Kl8Sx_Z5k
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
postback
s.srvsynd.com/2/2.33.0/234175/ANcdkY4NEenMn-7L/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.33.0/234175/ANcdkY4NEenMn-7L/postback?ap=undefined&md=2&sr=connatix.com&pp=101514&ti=x1091294472457643804479448023040&de=2&dt=2341751597675869250012&di=ijr.com&ui=00000000-0000-0000-0000-000000000000&to=3&pv=98d21886-64cc-4f45-a858-8a0ae2cb12db&ci=234175&sid=ANcdkY4NEenMn-7L&oz_sc=fb8a04853240307e4f7a60f9&oz_df=1634317594264&oz_l=607&cv=3
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/2.33.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.208.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-208-193.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ijr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 15 Oct 2021 17:06:34 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
bq-streamer
liftable-bq-streamer.appspot.com/ 		0
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://liftable-bq-streamer.appspot.com/bq-streamer
Requested by
Host: ijr.com
URL: https://ijr.com/wp-content/themes/firefly/assets/js/global-min.js?ver=1.1-1625165938
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.212 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f20.1e100.net
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://ijr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 15 Oct 2021 17:06:34 GMT
server
Google Frontend
content-type
text/html; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
96b0e9d557221c71e06afd4f9ba2d4c5
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
si
googleads.g.doubleclick.net/pagead/drt/
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: ijr.com
URL: https://ijr.com/sen-ron-johnson-four-pinocchios-vaccine-misinformation/?utm_source=twitter&utm_medium=ijr&utm_content=2021-07-16&utm_campaign=manualpost
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

date
Fri, 15 Oct 2021 17:06:34 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
257
x-xss-protection
0
postback
s.srvsynd.com/2/2.33.0/234175/ANcdkY4NEenMn-7L/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.33.0/234175/ANcdkY4NEenMn-7L/postback?ap=undefined&md=2&sr=connatix.com&pp=101514&ti=x1091294472457643804479448023040&de=2&dt=2341751597675869250012&di=ijr.com&ui=00000000-0000-0000-0000-000000000000&to=3&pv=98d21886-64cc-4f45-a858-8a0ae2cb12db&ci=234175&sid=ANcdkY4NEenMn-7L&oz_sc=fb8a04853240307e4f7a60f9&oz_df=1634317594709&oz_l=10458&cv=3
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/2.33.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.208.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-208-193.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ijr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 15 Oct 2021 17:06:34 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.srvsynd.com/2/2.33.0/234175/ANcdkY4NEenMn-7L/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.33.0/234175/ANcdkY4NEenMn-7L/postback?ap=undefined&md=2&sr=connatix.com&pp=101514&ti=x1091294472457643804479448023040&de=2&dt=2341751597675869250012&di=ijr.com&ui=00000000-0000-0000-0000-000000000000&to=3&pv=98d21886-64cc-4f45-a858-8a0ae2cb12db&ci=234175&sid=ANcdkY4NEenMn-7L&oz_sc=fb8a04853240307e4f7a60f9&oz_df=1634317594912&oz_l=180&cv=3
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/2.33.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.208.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-208-193.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ijr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 15 Oct 2021 17:06:34 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.srvsynd.com/2/2.33.0/234175/ANcdkY4NEenMn-7L/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.33.0/234175/ANcdkY4NEenMn-7L/postback?ap=undefined&md=2&sr=connatix.com&pp=101514&ti=x1091294472457643804479448023040&de=2&dt=2341751597675869250012&di=ijr.com&ui=00000000-0000-0000-0000-000000000000&to=3&pv=98d21886-64cc-4f45-a858-8a0ae2cb12db&ci=234175&sid=ANcdkY4NEenMn-7L&oz_sc=fb8a04853240307e4f7a60f9&oz_df=1634317595069&oz_l=2286&cv=3
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/2.33.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.208.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-208-193.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ijr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 15 Oct 2021 17:06:34 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.srvsynd.com/2/2.33.0/234175/ANcdkY4NEenMn-7L/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.33.0/234175/ANcdkY4NEenMn-7L/postback?ap=undefined&md=2&sr=connatix.com&pp=101514&ti=x1091294472457643804479448023040&de=2&dt=2341751597675869250012&di=ijr.com&ui=00000000-0000-0000-0000-000000000000&to=3&pv=98d21886-64cc-4f45-a858-8a0ae2cb12db&ci=234175&sid=ANcdkY4NEenMn-7L&oz_sc=fb8a04853240307e4f7a60f9&oz_df=1634317595219&oz_l=1291&cv=3
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/2.33.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.208.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-208-193.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ijr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 15 Oct 2021 17:06:34 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
74f6f993-0fbd-4041-a778-af7d6a4b68c4
https://ijr.com/ 		795 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://ijr.com/74f6f993-0fbd-4041-a778-af7d6a4b68c4
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
49bf438349cbba11f359c77a0d1c179c8be4804a283cd594bc450b6ec9d5b0fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length
795
postback
s.srvsynd.com/2/2.33.0/234175/ANcdkY4NEenMn-7L/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.33.0/234175/ANcdkY4NEenMn-7L/postback?ap=undefined&md=2&sr=connatix.com&pp=101514&ti=x1091294472457643804479448023040&de=2&dt=2341751597675869250012&di=ijr.com&ui=00000000-0000-0000-0000-000000000000&to=3&pv=98d21886-64cc-4f45-a858-8a0ae2cb12db&ci=234175&sid=ANcdkY4NEenMn-7L&oz_sc=fb8a04853240307e4f7a60f9&oz_df=1634317595393&oz_l=4919&cv=3
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/2.33.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.208.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-208-193.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ijr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 15 Oct 2021 17:06:35 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.srvsynd.com/2/2.33.0/234175/ANcdkY4NEenMn-7L/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.33.0/234175/ANcdkY4NEenMn-7L/postback?ap=undefined&md=2&sr=connatix.com&pp=101514&ti=x1091294472457643804479448023040&de=2&dt=2341751597675869250012&di=ijr.com&ui=00000000-0000-0000-0000-000000000000&to=3&pv=98d21886-64cc-4f45-a858-8a0ae2cb12db&ci=234175&sid=ANcdkY4NEenMn-7L&oz_sc=fb8a04853240307e4f7a60f9&oz_df=1634317595607&oz_l=2143&cv=3
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/2.33.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.208.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-208-193.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ijr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 15 Oct 2021 17:06:35 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
activeview
pagead2.googlesyndication.com/pcs/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvsdeNgHZIAB5Qpz2fsqv7VXPTPG2VmDo3YxgZTtaOLNSmvDm1xOlaq2U4bw8y8ATbUnWafEFJFcZpdGZgDq7GoLHD_EaC03o2BBIdyTCoUmjuaYfypLG-NyZ7NkF0jXcUYSOfs70PHSQ&sai=AMfl-YRdOVPARLOxT7-D6FSJCyGwhGt7N92dbnOlax5B3SYzmtpF3WZE88xFQPKC0ma3aQMxA6YawehYApO8rNmbu505ie63jwh2KXFgV1IRzWnQT2Rok-gu-YbqeMg_&sig=Cg0ArKJSzILDnoSCiLbAEAE&cid=CAASFeRo-N7q_2yQhtbPqQ-UfdFVrJP5Fw&id=ampim&o=0,0&d=1600,1200&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=169&tls=1170&g=100&h=100&tt=1170&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=3962916613
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ijr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 17:06:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2ifiUcIOe_2Ms0jFpcRL60QNbhDcKf-TTziRD0PZ0YzItN502maQ_ypF1ABRDMt64o3FdQMTO1--wzx5jnY
panickypancake.com/ 		2 B
316 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://panickypancake.com/v2ifiUcIOe_2Ms0jFpcRL60QNbhDcKf-TTziRD0PZ0YzItN502maQ_ypF1ABRDMt64o3FdQMTO1--wzx5jnY
Requested by
Host: panickypancake.com
URL: https://panickypancake.com/v2tjhrUcAMq7Y3xGdeWDIzibo5_ujCCQno9dBVe2W1PjyeXGbyVHfxHWYG7ukAAhF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.98.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.98.201.35.bc.googleusercontent.com
Software
/
Resource Hash
4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://ijr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Fri, 15 Oct 2021 17:06:36 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ijr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
94ecd830
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
2
expires
Fri, 15 Oct 2021 17:06:35 GMT
v2umzAQOaORaOtDLdg42avqsWXXgNeOEyEUWWKn7Le8swjGz5Sl8ZAl37QxgNH5LZqEw3dsynYrG0c_8n6A
panickypancake.com/ 		215 B
606 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://panickypancake.com/v2umzAQOaORaOtDLdg42avqsWXXgNeOEyEUWWKn7Le8swjGz5Sl8ZAl37QxgNH5LZqEw3dsynYrG0c_8n6A
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.98.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.98.201.35.bc.googleusercontent.com
Software
/
Resource Hash
381546c6f210e65038edee116acf517220cef8599e6cd8051f58a2fcadb5561d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://ijr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Fri, 15 Oct 2021 17:06:36 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ijr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
94ecd830
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
215
expires
Fri, 15 Oct 2021 17:06:35 GMT
v2krasDIkFaULH2OTqlVLZT-LatNSOj6M4a97gAInIIySYwnRj45NQvy4z8aJHsQH6rXe1r07o9n22xfBDw
panickypancake.com/ 		3 B
59 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://panickypancake.com/v2krasDIkFaULH2OTqlVLZT-LatNSOj6M4a97gAInIIySYwnRj45NQvy4z8aJHsQH6rXe1r07o9n22xfBDw
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.98.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.98.201.35.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://ijr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Fri, 15 Oct 2021 17:06:37 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ijr.com
access-control-allow-credentials
true
x-hostname
94ecd830
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
3
v2ifiUcIOe_2Ms0jFpcRL60QNbhDcKf-TTziRD0PZ0YzItN502maQ_ypF1ABRDMt64o3FdQMTO1--wzx5jnY
panickypancake.com/ 		2 B
81 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://panickypancake.com/v2ifiUcIOe_2Ms0jFpcRL60QNbhDcKf-TTziRD0PZ0YzItN502maQ_ypF1ABRDMt64o3FdQMTO1--wzx5jnY
Requested by
Host: panickypancake.com
URL: https://panickypancake.com/v2tjhrUcAMq7Y3xGdeWDIzibo5_ujCCQno9dBVe2W1PjyeXGbyVHfxHWYG7ukAAhF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.98.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.98.201.35.bc.googleusercontent.com
Software
/
Resource Hash
4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://ijr.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Fri, 15 Oct 2021 17:06:38 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ijr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
94ecd830
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
2
expires
Fri, 15 Oct 2021 17:06:37 GMT
analytics.js
www.google-analytics.com/ Frame 4256 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
image6.pubmatic.com
URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=42069021&p=158410&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Domain
dt.adsafeprotected.com
URL
https://dt.adsafeprotected.com/dt?advEntityId=828216&asId=d80fe346-4052-547c-43e0-3066c40bd0be&tv=%7Bc:r8jhUT,time:874,type:e,im:%7Bimprf:%7Bttecl:1324,ecd:11,tsecr:107%7D%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:874,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:418,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B475~0%5D,as:%5B475~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sLVI4fD+11%7C12%7C13%7C14%7C15%7C16%7C17*.828216-57278988%7C171%7C172%7C173%7C181%7C182%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i,idMap:17*,rmeas:1,rend:0,renddet:na%7D&br=c
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuwUc-16APLFYDaYzTLTTXUUyWNAgkmW_vSDtcp93G5SCz29JlDbs-TY4zJB5Q8yo8LsQOsFfeI19aG-KDo5zXXb3t1vMW9pOQkzaRA6rpZi82eCj8&sai=AMfl-YR3s7gQQe6Rbz8EkOFDX9g6Je-JRqC0ahFmrNnrqFmrlHE2-5mdKs-CIVxeMZ4PY8euegFVpkYPeNN98T0xlLE2MPPHB8_9N0Mp3Dfzy-NTqTq4O0KJIK_au7DOe2c-&sig=Cg0ArKJSzJ5BVYFfs-CDEAE&cid=CAASFeRoknDZAUQ6E_BhmItKu_XpLBhGdQ&id=lidartos&mcvt=929&p=0,0,504,970&asp=220,315,724,1285&mtos=502,502,929,929,929&tos=502,0,427,0,0&v=20211013&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=4261121858&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=3&r=u&rst=1634317591866&rpt=1695&isd=0&lsd=0&ec=0&met=mue&wmsd=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZnxKGpHzqEhcj7jHhrVk2Z-31L6FZJDX6H9UXxjrQUXraEsHgVaNbx8crmOW7sPfgmV8Fbcvg9ZB1_zoZd_uow4ka3yb8sGwBpDIlAz6gzkezkPo&sai=AMfl-YSssB3C1PejG9tBTS0DfI8Vjo67ZWK8UVFqFes253TLulPaLGyoP53mGGuM8b3Fg0FSd2KHt2GUPpj7RC5ML2dUW_Q8llOflUObo4cq0WObf_fzQuwWJZu16s3mYWmU&sig=Cg0ArKJSzEfxh5kOC_C7EAE&id=lidartos&mcvt=0&p=0,0,250,300&asp=1234,1066,1484,1366&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20211013&bin=7&avms=nio&bs=0,0&mc=0&if=1&app=0&itpl=2&adk=1974702164&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=3&r=u&rst=1634317591949&rpt=1344&isd=0&lsd=0&ec=0&met=mue&wmsd=0
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/analytics.js

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

46 Cookies

Domain/Path Name / Value
.scorecardresearch.com/ Name: UID
Value: 1CSVX2T5GGYRTIUYRZPEL6g1634317591
.adnxs.com/ Name: icu
Value: ChgIn4t3EAoYASABKAEwluqmiwY4AUABSAEQluqmiwYYAA..
.adnxs.com/ Name: uuid2
Value: 5838313992678591478
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 75e62ecd7223de2c
ijr.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.ijr.com/ Name: _pubcid
Value: 7afabac2-47fc-424c-8ee2-3c2f3039fd2d
.rubiconproject.com/ Name: rsid
Value: 1|HsGqLFsFr/vVSy6g0MQzNQWiuYBcZJvAvCF6IsCkVVwnwYaQOmrhRqqbYb+IjI/LQRqus1OnYX6qF0anVSaRRFrEpFc6uQw19gMkasvdREJwzG6qEKdWU6r+VKDRWVv/VO/a+hEPPQ==
.rubiconproject.com/ Name: khaos
Value: KUSMHVTL-1K-63XO
.rubiconproject.com/ Name: audit
Value: 1|SDziDG3X/EjVL1pzgnqHrwPDp1MUg9c77mwZr+X/WMXF0cqMuuKlpHKY++jymV4/WAx9dn/mp/3YxU8T15JwDQ==
ijr.com/ Name: cto_bidid
Value: jr4UfV9iRnJXcFVOWk9qNVlRYkUxNkJTTSUyQjZHQUNLbGxSaTJnOGtSdlVSWWFrazRrTVJMT1NYdnJVdzB5ZEpvWSUyRk1uT2I4RDRkZnpyMmdUVzMzeWkwcVZNdHclM0QlM0Q
ijr.com/ Name: cto_bundle
Value: Ojd79V9TcFNFWmNyZFZMJTJGcWhOT053blNvazE1JTJGeXpOVGZNWlNPdVFrTEphZzhScnRwMnNrTURzYkpvYXZLNXA2djVMcEtnZDZ4YjZwVXdLeGg2UEhkUnNYamFtdW5Lbm5vYURVeVhISFBpWnh1a28lM0Q
.ijr.com/ Name: _ga
Value: GA1.2.1477309724.1634317591
.ijr.com/ Name: _gid
Value: GA1.2.328921465.1634317591
.ijr.com/ Name: _dc_gtm_UA-30128009-1
Value: 1
.ijr.com/ Name: _fbp
Value: fb.1.1634317591803.606530307
ijr.com/ Name: _lr_geo_location
Value: DE
.lockerdome.com/ Name: account_id
Value: 14391537660574976
.lockerdome.com/ Name: login_token
Value: %2214391537660574976%7C1642093592181%3A%7Call%7CL77j8Nfv69zeIL7znkXtkB7bsPxuz5d5WXJfbsi5I7DdiC%2B%2F9nHUSaN%2BAOuiGSkQvEplcZ1eG8LiFYxV%2F%2BKVLA%3D%3D%22
.lockerdome.com/ Name: ldrid
Value: bqGRk1ybS4Nn30Y%2FVqJHN4yapaiCX341LJX6ZOqShU8CSF8kA5%2FFuoDvuKmjXHDfNFL%2BtpeKK3ulyYvlc3DEIXVKN4TtZS%2FGuljmXMwrP%2F65tEqK7ftieH6ahK7RFupV
ijr.com/ Name: plsVisitorGeo
Value: DE
ijr.com/ Name: plsVisitorCity
Value: Hessen
.doubleclick.net/ Name: IDE
Value: AHWqTUm6S5bXiOmmJMMlDf-NVuohAr2guTHoWNf4eI69-D15Uv3oaKNrFFBR71luv_0
ijr.com/ Name: InstiSession
Value: eyJpZCI6ImNjOTFiYWVmLWZkZWItNGU3My1iM2I5LWY5NDdkYWQ4MGU0YiIsInJlZmVycmVyIjoiIiwiY2FtcGFpZ24iOnsic291cmNlIjoidHdpdHRlciIsIm1lZGl1bSI6ImlqciIsImNhbXBhaWduIjoibWFudWFscG9zdCIsInRlcm0iOm51bGwsImNvbnRlbnQiOiIyMDIxLTA3LTE2In19
.casalemedia.com/ Name: CMID
Value: YWm1GVAZXYikjjdLOKGuOwAA
.casalemedia.com/ Name: CMPS
Value: 5195
.adsrvr.org/ Name: TDID
Value: c0c6c3e3-1365-45a7-b665-28e0484ee2a4
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVPg4YNp!]tbPl1M>e)ZlrFUfJ+tGXxoPB+sL0EW.8W<>Kn<VDiILXpDIAYZT+XgM_DT*bpRz*qF1`*b_T%*'dN.
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: c0b232df5a0b4070e7697f0f1d38bde5
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSDZIMjI2SkkzTTRIMjEwN0g1N7M0TzNIM0wxtkhKSTVlAILEzK2SIBoKAFaXCqA%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIzNwqCaSgAAAURAGZ"
.casalemedia.com/ Name: CMPRO
Value: 1169
.casalemedia.com/ Name: CMST
Value: YWm1GWFptRkA
ijr.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22c0c6c3e3-1365-45a7-b665-28e0484ee2a4%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222021-10-15T17%3A06%3A33%22%7D
.ijr.com/ Name: panoramaId_expiry
Value: 1634922393323
.ijr.com/ Name: _cc_id
Value: c0b232df5a0b4070e7697f0f1d38bde5
.ijr.com/ Name: panoramaId
Value: b339a6f5341362a8a16a5f611dc34945a7027e4add270fff6e45cdd04994fe9f
.casalemedia.com/ Name: CMRUM3
Value: 2d6169b5192760CAESEJWQXfq8RPFPJ5_JLvqkUVY
.doubleclick.net/ Name: DSID
Value: NO_DATA
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 6A4D9A1F-FF2B-4C6D-91EC-FBBD59ABFCC4
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: DPSync3
Value: 1635465600%3A197_219_201%7C1634342400%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1635465600%3A3_21_13_54_161_56_7_220_8%7C1635552000%3A35
.ijr.com/ Name: __gads
Value: ID=f5050d2d296d2469:T=1634317591:S=ALNI_MbfiY5It-BCttqaHxRMIamw7qbAOA
.getrockerbox.com/ Name: uuid
Value: rbcr-47ae2ff6-68bf-43d2-aefe-0740c1050acb
.ijr.com/ Name: _awl
Value: 2.1634317596.0.4-e3fe63d-e5de5511cba600ffefa4d918371c27b8-6763652d6575726f70652d7765737431-6169b51c-0

9 Console Messages

Source Level URL
Text
other warning
Message:
A preload for 'https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;500;600;700&display=block' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
network error URL: https://ijr.com/static/app.js?v=0.0.72
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ijr.com/static/vendors~app.js?v=0.0.72
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 76)
Message:
Origin trial controlled feature not enabled: 'trust-token-redemption'.
other warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 76)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
worker error URL: blob:https://ijr.com/46813c5f-3f75-4989-b2e2-f09912795ccb
Message:
Mixed Content: The page at 'blob:https://ijr.com/46813c5f-3f75-4989-b2e2-f09912795ccb' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://ijr.com/46813c5f-3f75-4989-b2e2-f09912795ccb
Message:
Mixed Content: The page at 'blob:https://ijr.com/46813c5f-3f75-4989-b2e2-f09912795ccb' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://d3l320urli0p1u.cloudfront.net./
Message:
Refused to frame '' because it violates the following Content Security Policy directive: "frame-src 'none'".
security error
Message:
Refused to load the script 'https://www.google-analytics.com/analytics.js' because it violates the following Content Security Policy directive: "script-src 'nonce-Nnl3MDhoajRo' https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8d7b78feede2f58805e0c14cd3114bdb.safeframe.googlesyndication.com
ads.pubmatic.com
adservice.google.com
assets.revcontent.com
ats.rlcdn.com
b2c.insticator.com
b2c.instiengage.com
bh.contextweb.com
c.amazon-adsystem.com
capi.connatix.com
cd.connatix.com
cdn.ampproject.org
cdn.revcontent.com
cdn1.lockerdomecdn.com
cdn2.lockerdomecdn.com
cds.connatix.com
cm.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
d3l320urli0p1u.cloudfront.net.
d3lcz8vpax4lo2.cloudfront.net
df80k0z3fi8zg.cloudfront.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
event.insticator.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
geo.privacymanager.io
geoip.insticator.com
geoip.instiengage.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
i.clean.gg
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
ijr.com
image6.pubmatic.com
images.revcontent.com
imasdk.googleapis.com
img.connatix.com
img.revcontent.com
liftable-bq-streamer.appspot.com
lockerdome.com
match.adsrvr.org
metrics.getrockerbox.com
pa.rxthdr.com
pagead2.googlesyndication.com
panickypancake.com
prebid.media.net
s.srvsynd.com
s0.2mdn.net
sb.scorecardresearch.com
script.4dex.io
securepubads.g.doubleclick.net
soapps.net
static.adsafeprotected.com
stats.g.doubleclick.net
storage.googleapis.com
tpc.googlesyndication.com
trends.revcontent.com
vid.connatix.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
dt.adsafeprotected.com
image6.pubmatic.com
pagead2.googlesyndication.com
www.google-analytics.com
104.154.142.214
104.21.83.150
104.22.49.147
13.225.87.116
13.32.99.23
13.32.99.34
142.250.181.225
142.250.181.226
142.250.184.212
142.250.184.226
142.250.184.230
142.250.184.240
142.250.185.100
142.250.185.104
142.250.185.129
142.250.185.142
142.250.185.98
142.250.186.163
142.250.186.34
142.250.186.42
142.250.186.74
151.101.130.137
151.101.65.194
151.139.128.11
151.139.241.28
151.139.242.29
157.240.20.19
157.240.20.35
172.217.23.97
172.67.75.241
178.250.0.157
18.203.208.193
18.225.3.119
18.66.107.179
18.66.112.27
18.66.137.221
18.66.241.177
185.64.189.112
198.148.27.139
2.18.233.180
2.21.141.232
213.19.162.61
23.20.58.18
34.107.148.139
34.227.85.106
34.231.137.126
34.95.69.49
35.201.98.64
35.245.52.229
37.252.172.45
51.89.21.5
52.208.103.128
52.213.249.25
52.222.250.186
52.48.179.1
54.237.212.105
74.125.206.156
76.223.111.131
012651a9184b68591dda9aad8e6bb3776af7f1aa2fc2a2df794042beaca57049
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d
05f516bc29aa78afdfc1f14f55e36a399deeb463f5eba8fdbeaaf0162c888a61
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0730cfcf2f292ece6ee121aaebbd52afd5609c65656cf67b2ff3fc1076c27b87
077ca5c83974e3d994ef9bcac5555bd0a8aeee5267de65c6b2b1bf4c1b30c44e
07b6dcb40f5d58ea6fa2e0f15fcfe6d1688c402402f2c445885ea2bc9c24b0e7
085a089558533497dd85e8031dbba899d1d1069c09e817bf6adbdac028aed292
0a8a07129f0d6c3c3ec92530b2fb31362c48bc4b6058f8d784c5df763232a0fd
0ad7ec580b117b69b7378db841cd67b9662d48633506f388b9bcbceb1835eec7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0e0465cde7e3195a57ce80d3afbb739b4ec941168d7a49687a2b41bc5c8cee3b
0e756cacbf2d0f8d59355de4eafb5e07f0a60abd3e9b88ca449cda47a72a61e7
0e90613dbce87a1e7532eb74281c714936b782e9c1ee9e776b8f98bdbee8c59e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11f8085bd8e63f732dc4c8205b8ec81333950f415edda8d7a299095a55c7c935
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13eeeaf028a527bf6909f70bfdc1be3e3019b970f856ac1f89f9484aa5fc92ee
14839c62c6e34d53020b8ed242dbc1ce39df98f799772d40b2d7e707404d9738
17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1911a62afd2f0800eae4585eb564e8b6e9f63f5a4938700462fec79960bb02d5
193d2659d8a8fd663d3f9a6e5cb6c128420312b60b1d990d28f80f295aa1feec
19ad029fe2230dc2b7eda8d3c2b8d872aae2e718c0209bcaec04cd51a04d9165
21d0d09a197b601cf906d2360090798bf442a069aca800c6c45bdc5058fa1596
226dc21e12873fb6a08e263f67b9808c5a9f0b6f3d414b8afad75efe8440f884
229624ad9cd76da7a456326bfb601344e506ef08416fca467bbf5f2ac3f06948
22c96a94f1e6c9c814b42368fa27b041b836f078c33d91538fb37bfb9d84e329
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
235dd149eac993d9f773d67eb3432fda6c4d81c98d29c4fb150707fae2b59908
286522dd4118a9444cf6e2299e6d2b073a9cb0e026285b55da630dab127fec9b
2b616e2ed3d90df2b54402d0c827d9ce3eb1d4df509c5d2b5a19ba6c9dc5ed90
2bb4e9827f310ce8e3fe45c61fc23d9f929d169f6158bdf021c04dc5c7c7626b
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
2caed79550c84018f7884125fd3e77e1ee5d2391383365be65f3bd7e2b0f4763
2ee737a1d1305fdaa71cb4c90438ab581c483eb17a912c0d491b54683690d027
2f64ec8be823db4320366c4ad53b475fef50a25c734854ca6386c14d9df301b1
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37077b87d1caa3442217807f021f2a5d2fa0fb968ccef83afe9704eed2f032c1
3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63
381546c6f210e65038edee116acf517220cef8599e6cd8051f58a2fcadb5561d
382dbe60c828cc841e1f187885998e867387cde0e2d373cea8c999cb6c9e1f5c
3dab1e3a8b2f0d2106645d4b5c9a4642b6b1e50c3ba237ba25389c549eb43fc4
3dddfde27cad19db69220474ceb14f23d492bbaa982d084bf04f3eaa1fce3adf
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865
49bf438349cbba11f359c77a0d1c179c8be4804a283cd594bc450b6ec9d5b0fd
4a32db05db0ffd73794ea06d8e03ed592ceee3c3a38dd3333fe981abe8df7620
4a86e47d4b36c16d518c1cffbf8e81d172e35a445e9823aa06bbbad71ad08716
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c95d706475a153fe4bc12a4aae383e5bf845cba076d95d76f413f51424802ee
4d08f16f0ff8b128a21fa0eedcf799cb83430b52044260c8f09c5a3038c7a44c
4fbff6ff8867967f8d2558d1aea035ce50147119b8f295f6f46f038fba79bdb4
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51c8296d90421e0e6e92b3a709d51ff7c4cf897920928de461317e5736a9ebf8
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
54e6d35e5cc98ef65f88e06caca1f23c0e376a0fdd43255f64e204aeff77591d
55738599fe71fd6ee8ccb3594ac5f9f347c2828c4e08f2f713cd4dfbfaf77093
584562198deebf0701a800a6be837ec15ec63508ab6c7339936dfef05a6b211b
58966dd19b9cdb1002f80d1d041b3dc7313f3e093ab1157b0d70acb922516877
599ad71fae7cb8d014f7c2d29b8450bc7c34f8e32d49fa103716becef8ae9964
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d5e0d3e1cbfadb5c7a63053b5339d06457fe7a66c344a970a762a56123c5ec0
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
60d7c6a3649bd55c6fdebc7e0296fc25ea9b4fb1aa9d1c2dbed937f276a2b3c4
6118a9bfaa3e25354c83d9c37985a19546fc80c22d96c9eedad373b864fb45b6
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
6482c5837882a55cba186a4ee499a28a3eda815ac33e833b374b2022c2280e1f
66292d1f2876ac355465cd5ca1562a9b1dc18c2cf0c498c7d5862ab0f22e5d6b
66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1
67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab
6963af239ecfb1f9722ba86fe3456a19c1d64a995295b3f3b220f5c8c22ef13a
6a3004d246720648d9e271be604a190373bcf3af4410374b3daf4b422f5f789c
717ea6166dc21f3664c0114337312fa0c9dc08643f269058693ff4e48fbc6bb9
727937d7f6440d3e7348ac06e0ed0a99f840a0c5511cb03520af9728f2c2e2fd
7342bf4487703692ce84ec36496caec42bba20068cca6f30a2c08050258c679a
741b01a4cc5c903de311927b384c32db7d6db56fcc028a212f3d22469eacfba3
74376393c26fe59ec8d36fce2ce596487f33b5d812c4ac6440750ec5eb3ae2ff
7442a14fc6ba892524fc46bd15e0cbdafcb40d0fbeb082c98bb457ab0b8db58a
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7616892e8f6dc8f81dadfbdccbb470a98e8d4bd7b8786a9b9ea38597f7ed5769
76e46069eecc8e38a4448b2346e4c668ccb537e93cb0958fb113d810c2ba9e07
7a3b4c985dc5de60264f6a19da2b094563d3dfc6b1fc1bd33645cae3e0db6cc3
7be9364f21808a881f4530002ab0363deabf7de3321a1356984e88fb316ac165
7da39e61ffcf6c9467bed041e545fa2bcce539f064cdd9cd7875fd94cc57003e
7faa62d042872fad08371db0bcf219eeb981875a7d54bd2416f98a6f6500839e
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
82138c31e6b4983ed71aafea81717c727a854074d0bcc73968531d1d529afe68
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf
85e35072a81a71a1c225bbf8c21516f987cf03eb4c01257d7eee61b9c9cd273c
862d66c1ed72f8ab70412213680625a75a5c8a43b1594cd59aa19fbaf8139933
869b582ac886fad953e6af710c648eb3f3a091f731afc15baea057e68650bd9b
86bf486c6eb0cfebd37b935926a7c5c81ff674200a8a2aee6f601ccd76699387
87ad22bf5e206b2b5fcaafae88f126ec2ec3b6c131e105c7ad11d367726fb631
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
8d58e40fc86d99b7243997db72f795281469d70c368f91a73834f750fe410140
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8
911b961bca558ef9165957323b3e1ca5d9b3ee37d521ac1f75eb7edbf749adba
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
936336239cd61e41c89bd0612148c1103704a7590cbdd785bbb638473c8a29b7
95031080831fd62b0946bfb827edf9279ddf3afa0711940b8d27e627f62046ea
959abe8ebde974186cb600169e560e4309322a426395cb02bfe9a5bda9b56cea
95a197d77b9034160ff10d2c8fa93a8c08605ca63713a2351449352198562c08
984bca55409990098cf74adc47ed650c3d22c68900739950bd14c04c9d45f8f7
987f99479658144f51bb3d58724e6cad26e9c59b396c8da74781c49d3bd9072e
9899d82d0ed27e142f210a5b7d018a44325bdb4532f1f0ea87d797f97127e7dd
98ffa43839a9d6b9b6973ddbf6c68b8cf0d9a542d7ad794a0e93cc62f724294d
998f579f0b1ec059f011125f252beffc6777170ca561cd7c619c5daa9f2d33fd
9ba041fb7ce0769610c35dcbc5579be3d085f7a33201f2c3d3c8d8c0bf13266b
9c7bea3c42439d2bc8af4e8cfc21ca40b44e0627788c37a059d9f2be74f854ac
9e21fdcda9cefdc401f2237af0c78de5ffa35927cef6383feb7f580abe22bf51
9eff78a9f29c9828c1382db95605031958ba2647a448b6da0f4f9a9737daba0d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a00f30ddf9a2b56880d70dfdaf59fbe15797466e90c8bdd797ecd996a2e540bd
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a35379550cb1ee6535778feb2dd72933ee045166239fc4973d5dbf26fb792d91
a3930c59a0de8f6716415416a01a3ef8ea72e4df5f9145d39f19164db53658d2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5b40ab15c9b4fd99052ca5af37ce22f2379f8d2722d8e64f41bb3dc5389c75d
a6dca96a212c6402c4d9b155910bc9d4e16faa797569adfe3c3a23d55577ca24
a7095bba9a9b891520ef65674ee75ccb1f59bfd9e783f50c0beaefa8d19fd45d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a74f21a6eb05e9de7232eb1725411a76716a3293d28789df154a252a2db31867
a7f00c9e5e37883fd44ce3f6ad58ab8b5ad8afdf11c11c8f974d9e3751427464
ab642e9c052bfd64b9d929e0ed93b17f59b0dcdca53669f5149cfd1424e92b93
ac7c34acd30b6584ddd29f57aaae2f52d9a05f2a3aac183b0132eb8fcd25872a
af22b7b8b927999e453225a1bbb00a6a4894a38f2df58f10c96e01bcafea8bc5
b08a2f80bcf848be1fdc9686ce95b4238e30c8dc8797b39b7dda2bc2936ef2fd
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b1030dab81163d716a755ba77cea16451af41dc895d449376f50a99465b662b6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd
b69811c3d615718ee1452f99f23a227f7ff9805051c3fe92c9bc0a2f5c058b88
b7ee3a4e6441516f78b8efdd07019c77a24c8f215b430359c1198aaad4ed3cfe
b848d5c3e3853e092fa468bf5d6da1d2d3ef02507ab917519eda5660a60df033
b91345dca89512f024e2e7e8dae13156c4723104dcc37a55faf43a5cd3087797
ba870dd4f1f375d33aa3770685227bd38160d194969b3840232fad67c1989bb8
bab4cabc57f28f9241d293f370c5012bd4e4db85cadd1f565a8b214085bc099c
c11ba6adaf46c22f716d29a54bb2343f6d07b014266f6ad0798ca6df4db913c9
c7d2ef585af9a036fa3c7ddf68b0b08017acc5714470f3327d6840be031e7bfa
c842ab9a59af3f3d62511fdb5488ad527d2193c3371b5561ade4a2a19a8e7062
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd3c62c260be7b20d6d6c8150684e5f09e74753f1986f548b593a9895546c796
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d3c3b565f609b08a7ee2b0c7b91d40792c06c5d1ac66213de62dadf52c369fa0
d4cb8e3d3f1d9da69c5096249099aaa6ec5942dc20f922cc6c99f7b7b4557584
d50905d9c0e2c1f4a30e217e1eade952d04600860ccf4aec5240e6fd31eb9b29
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7450045aaa3bd12dfa44c3ec5e345bfcc1429f3bc5ae6a97f61639c75a41d5d
d999a5f50fde956ed9e790e9da936ddea4c663dfaded50fa5de4d50ba3e5dcb4
da263eff6489f28a35d328a1a5895db9adb14c22c40cd35d0afce85414cac701
dea36661bcd2e84495bb6ab5c2b679cde1267f5fd6e9e4f44908b3acb8816ec6
e035a94f0c4f8207f00e092953e54211aed7484c082ed3114e402b5b4c77f972
e0fb0f82e0fd27c623b3b177f98155b7d9f57b9cb3bafda58cf152e9fbcc3bca
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7c2abb385cb068cc615d8602d390bb63fc31a30ccd451beff710564acf6969f
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e915b42bd3104526660e0dc21d2c6495a63a70f1ed68a199a34f4a37e15c03f5
ea567c5cfe8f47088661aeccbe96b83efcd1534f4b028338145fcfe810728024
ef0b37a81594b340c68391474f337d76fefa2aa8b7a5b9c0f80141fa7dd9a7ad
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
f579a1e86dbdb794ba4269c38bbbc6a17d27789dae7f1ca9e4c0a7f6d5b1e4d9
f7e85c01aed2b50e53959ef60268dbb81284598c78224c38ae99c470d8bf7513
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd6de22bea23412c07dea5014cb261e95a237556c30b6f3ec0a032d787faf0c9