www.rawstory.com Open in urlscan Pro
2606:4700:20::681a:823 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.rawstory.com/qanon-congress-2649937672/
Submission: On January 14 via manual (January 14th 2021, 4:15:39 pm UTC) from US

Summary HTTP 435 Redirects Links 47 Behaviour Indicators

Summary

This website contacted 89 IPs in 7 countries across 68 domains to perform 435 HTTP transactions. The main IP is 2606:4700:20::681a:823, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.rawstory.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 30th 2020. Valid for: a year.

This is the only time www.rawstory.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2606:4700:20:... 2606:4700:20::681a:823	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE)
13	151.101.113.68 151.101.113.68	54113 (FASTLY) (FASTLY)
29	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.193.68 151.101.193.68	54113 (FASTLY) (FASTLY)
1 5	104.111.238.139 104.111.238.139	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
6	54.86.238.79 54.86.238.79	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:205... 2600:9000:2057:e600:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
2	54.84.196.220 54.84.196.220	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2a00:1450:400... 2a00:1450:4001:817::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	35.190.90.202 35.190.90.202	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:4f22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.120.253.250 34.120.253.250	15169 (GOOGLE) (GOOGLE)
2 12	151.101.14.137 151.101.14.137	54113 (FASTLY) (FASTLY)
6	151.101.114.137 151.101.114.137	54113 (FASTLY) (FASTLY)
1	2a02:26f0:6c0... 2a02:26f0:6c00:19c::26e5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
5	35.156.26.195 35.156.26.195	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:64:... 2a02:26f0:64::210:6bb9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
28	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:81f::2001	15169 (GOOGLE) (GOOGLE)
2	34.98.72.95 34.98.72.95	15169 (GOOGLE) (GOOGLE)
3	143.204.215.70 143.204.215.70	16509 (AMAZON-02) (AMAZON-02)
6	3.125.0.64 3.125.0.64	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:8800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:303... 2606:4700:3033::ac43:ac75	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.157.13.124 35.157.13.124	16509 (AMAZON-02) (AMAZON-02)
2	52.25.47.180 52.25.47.180	16509 (AMAZON-02) (AMAZON-02)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2	34.218.102.95 34.218.102.95	16509 (AMAZON-02) (AMAZON-02)
11	2606:2800:233... 2606:2800:233:97b6:26be:138a:cba8:bb01	15133 (EDGECAST) (EDGECAST)
2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.195.225.18 18.195.225.18	16509 (AMAZON-02) (AMAZON-02)
1	18.196.104.43 18.196.104.43	16509 (AMAZON-02) (AMAZON-02)
3	99.86.5.213 99.86.5.213	16509 (AMAZON-02) (AMAZON-02)
4	35.158.189.107 35.158.189.107	16509 (AMAZON-02) (AMAZON-02)
1	172.217.21.230 172.217.21.230	15169 (GOOGLE) (GOOGLE)
1	35.190.80.193 35.190.80.193	15169 (GOOGLE) (GOOGLE)
1	35.227.203.40 35.227.203.40	15169 (GOOGLE) (GOOGLE)
1	35.227.245.6 35.227.245.6	15169 (GOOGLE) (GOOGLE)
18	52.14.222.78 52.14.222.78	16509 (AMAZON-02) (AMAZON-02)
1	35.227.229.34 35.227.229.34	15169 (GOOGLE) (GOOGLE)
4	2600:1f18:612... 2600:1f18:612b:4232:186b:cfde:ffb3:b55d	14618 (AMAZON-AES) (AMAZON-AES)
8	3.123.45.128 3.123.45.128	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:81b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2006	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
4	79.125.103.162 79.125.103.162	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1288:f03... 2a00:1288:f03d:1fa::4000	10310 (YAHOO-1) (YAHOO-1)
20	35.157.124.214 35.157.124.214	16509 (AMAZON-02) (AMAZON-02)
8	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	130.211.47.17 130.211.47.17	15169 (GOOGLE) (GOOGLE)
1	34.107.221.36 34.107.221.36	15169 (GOOGLE) (GOOGLE)
3	35.190.74.157 35.190.74.157	15169 (GOOGLE) (GOOGLE)
1	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.22.61.253 52.22.61.253	14618 (AMAZON-AES) (AMAZON-AES)
1	104.16.68.69 104.16.68.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.120.107 104.17.120.107	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::6818:7482	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.8.15.54 23.8.15.54	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	143.204.215.30 143.204.215.30	16509 (AMAZON-02) (AMAZON-02)
1 2	18.185.170.181 18.185.170.181	16509 (AMAZON-02) (AMAZON-02)
24	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
4	52.203.203.127 52.203.203.127	14618 (AMAZON-AES) (AMAZON-AES)
2	199.232.196.134 199.232.196.134	54113 (FASTLY) (FASTLY)
1	52.200.45.184 52.200.45.184	14618 (AMAZON-AES) (AMAZON-AES)
5	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
3	2606:4700:e0:... 2606:4700:e0::ac40:6d0d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700::68... 2606:4700::6810:51a5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:821::2001	15169 (GOOGLE) (GOOGLE)
11	3.248.155.4 3.248.155.4	16509 (AMAZON-02) (AMAZON-02)
1	20.40.202.0 20.40.202.0	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:206... 2600:9000:206f:9600:1f:2473:9080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.228.45.187 3.228.45.187	14618 (AMAZON-AES) (AMAZON-AES)
7	99.86.7.107 99.86.7.107	16509 (AMAZON-02) (AMAZON-02)
2	99.86.7.40 99.86.7.40	16509 (AMAZON-02) (AMAZON-02)
3	99.86.7.102 99.86.7.102	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:206... 2600:9000:206f:1e00:19:f03c:7200:21	16509 (AMAZON-02) (AMAZON-02)
2	34.95.69.49 34.95.69.49	15169 (GOOGLE) (GOOGLE)
6	34.254.210.226 34.254.210.226	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700::68... 2606:4700::6812:a913	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.128.134 151.101.128.134	54113 (FASTLY) (FASTLY)
435	89

9 2606:4700:20::681a:823 (United States)

ASN13335 (CLOUDFLARENET, US)

www.rawstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 151.101.113.68 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

assets.rebelmouse.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.rbl.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.68 (United States)

ASN54113 (FASTLY, US)

static.rbl.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
res.rbl.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.111.238.139 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-238-139.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.86.238.79 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-238-79.compute-1.amazonaws.com

pages-stats.rbl.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
user-stats.rbl.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:e600:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.84.196.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-196-220.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.90.202 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 202.90.190.35.bc.googleusercontent.com

scrubswim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:4f22 (United States)

ASN13335 (CLOUDFLARENET, US)

global.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eb.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.253.250 (United States)

ASN15169 (GOOGLE, US)
PTR: 250.253.120.34.bc.googleusercontent.com

tag.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.14.137 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vid.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.114.137 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:19c::26e5 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

s8t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.232.7 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.156.26.195 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-26-195.eu-central-1.compute.amazonaws.com

us.ads.justpremium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pre.ads.justpremium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:64::210:6bb9 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

kindest.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.111.242.245 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.dk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

53dab7933853502386cdba4744de8870.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
7f9f7062360a3cbd833db047114b1ae4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
de91ad3013e62fda1b91f59be7e79fc5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
7e47893f52564f71897d3510a470183f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a493a6b486cc0c596130f9b72f16ccce.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8848be742946b8396069e5e864b7a0ec.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:81f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.72.95 (United States)

ASN15169 (GOOGLE, US)
PTR: 95.72.98.34.bc.googleusercontent.com

assets.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.215.70 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-70.fra53.r.cloudfront.net

cdn.justpremium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.125.0.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-0-64.eu-central-1.compute.amazonaws.com

tracking.justpremium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:8800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::ac43:ac75 (United States)

ASN13335 (CLOUDFLARENET, US)

api-2.kindest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.13.124 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.25.47.180 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-47-180.us-west-2.compute.amazonaws.com

usync.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.218.102.95 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-218-102-95.us-west-2.compute.amazonaws.com

bids.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:2800:233:97b6:26be:138a:cba8:bb01 (United States)

ASN15133 (EDGECAST, US)

adserver-us.adtech.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.225.18 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-225-18.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.104.43 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-104-43.eu-central-1.compute.amazonaws.com

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.5.213 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-5-213.fra6.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.158.189.107 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.21.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.80.193 (Mountain View, United States)

ASN15169 (GOOGLE, US)

data.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.203.40 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 40.203.227.35.bc.googleusercontent.com

page.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.245.6 (Mountain View, United States)

ASN15169 (GOOGLE, US)

view.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 52.14.222.78 (Columbus, United States)

ASN16509 (AMAZON-02, US)

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.229.34 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 34.229.227.35.bc.googleusercontent.com

api.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1f18:612b:4232:186b:cfde:ffb3:b55d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

9rmjh-t0k0q.ads.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.123.45.128 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-45-128.eu-central-1.compute.amazonaws.com

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 79.125.103.162 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-79-125-103-162.eu-west-1.compute.amazonaws.com

acds.prod.vidible.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1288:f03d:1fa::4000 (United Kingdom)

ASN10310 (YAHOO-1, US)

cdn-ssl.vidible.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 35.157.124.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

trk.vidible.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.18.235.40 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.47.17 (Mountain View, United States)

ASN15169 (GOOGLE, US)

ids.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.221.36 (United States)

ASN15169 (GOOGLE, US)

e.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.74.157 (Mountain View, United States)

ASN15169 (GOOGLE, US)

detectdinner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.130 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.22.61.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

mantodea.mantisadnetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.120.107 (United States)

ASN13335 (CLOUDFLARENET, US)

biddr.brealtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6818:7482 (United States)

ASN13335 (CLOUDFLARENET, US)

images.getadmiral.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.8.15.54 (Netherlands)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-8-15-54.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.30 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-30.fra53.r.cloudfront.net

ib.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.170.181 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-170-181.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 151.139.128.11 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)

assets.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.newsmaxwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.newsmaxwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.203.203.127 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

www.zergnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.196.134 (United States)

ASN54113 (FASTLY, US)

rawstory.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.200.45.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

static.newsmaxfeednetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e0::ac40:6d0d (United States)

ASN13335 (CLOUDFLARENET, US)

embed.yappaapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget.yappaapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6810:51a5 (United States)

ASN13335 (CLOUDFLARENET, US)

www.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 3.248.155.4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.40.202.0 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

lightboxapi.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:9600:1f:2473:9080:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.228.45.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 99.86.7.107 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-107.fra6.r.cloudfront.net

img4.zergnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.7.40 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-40.fra6.r.cloudfront.net

img5.zergnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.7.102 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-102.fra6.r.cloudfront.net

img2.zergnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:1e00:19:f03c:7200:21 (United States)

ASN16509 (AMAZON-02, US)

d1bvk193qme2fc.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (United States)

ASN15169 (GOOGLE, US)

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.254.210.226 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

trends.newsmaxwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:a913 (United States)

ASN13335 (CLOUDFLARENET, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.128.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	googlesyndication.com 53dab7933853502386cdba4744de8870.safeframe.googlesyndication.com tpc.googlesyndication.com 7f9f7062360a3cbd833db047114b1ae4.safeframe.googlesyndication.com de91ad3013e62fda1b91f59be7e79fc5.safeframe.googlesyndication.com 7e47893f52564f71897d3510a470183f.safeframe.googlesyndication.com pagead2.googlesyndication.com a493a6b486cc0c596130f9b72f16ccce.safeframe.googlesyndication.com 8848be742946b8396069e5e864b7a0ec.safeframe.googlesyndication.com	270 KB
36	connatix.com 2 redirects cd.connatix.com cds.connatix.com capi.connatix.com vid.connatix.com img.connatix.com	897 KB
32	vidible.tv acds.prod.vidible.tv cdn-ssl.vidible.tv trk.vidible.tv	445 KB
32	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net ad.doubleclick.net googleads.g.doubleclick.net	1 MB
26	revcontent.com assets.revcontent.com trends.revcontent.com img.revcontent.com cdn.revcontent.com images.revcontent.com	260 KB
19	advertising.com adserver-us.adtech.advertising.com ads.adaptv.advertising.com	8 KB
16	zergnet.com www.zergnet.com img4.zergnet.com img5.zergnet.com img2.zergnet.com	263 KB
15	newsmaxwidget.com assets.newsmaxwidget.com trends.newsmaxwidget.com images.newsmaxwidget.com	218 KB
14	justpremium.com us.ads.justpremium.com cdn.justpremium.com tracking.justpremium.com pre.ads.justpremium.com	82 KB
14	google.com 1 redirects www.google.com adservice.google.com fundingchoicesmessages.google.com	97 KB
13	teads.tv s8t.teads.tv a.teads.tv t.teads.tv sync.teads.tv	192 KB
13	gstatic.com fonts.gstatic.com	435 KB
12	rbl.ms assets.rbl.ms static.rbl.ms pages-stats.rbl.ms res.rbl.ms user-stats.rbl.ms	110 KB
10	googleapis.com fonts.googleapis.com imasdk.googleapis.com	117 KB
9	rebelmouse.io assets.rebelmouse.io	58 KB
9	rawstory.com www.rawstory.com	218 KB
8	lightboxcdn.com www.lightboxcdn.com	180 KB
8	moatads.com z.moatads.com px.moatads.com	175 KB
7	proper.io global.proper.io usync.proper.io bids.proper.io eb.proper.io	89 KB
5	disquscdn.com c.disquscdn.com	230 KB
5	ampproject.org cdn.ampproject.org	97 KB
5	scorecardresearch.com 1 redirects sb.scorecardresearch.com	4 KB
4	disqus.com rawstory.disqus.com disqus.com referrer.disqus.com	35 KB
4	googletagservices.com www.googletagservices.com	93 KB
4	tremorhub.com 9rmjh-t0k0q.ads.tremorhub.com	2 KB
4	sharethrough.com btlr.sharethrough.com	457 B
4	3lift.com 2 redirects tlx.3lift.com ib.3lift.com eb2.3lift.com	1017 B
4	google.dk adservice.google.dk	2 KB
4	bounceexchange.com tag.bounceexchange.com assets.bounceexchange.com api.bounceexchange.com	138 KB
3	yappaapp.com embed.yappaapp.com widget.yappaapp.com	4 KB
3	detectdinner.com detectdinner.com	24 KB
3	cdnbasket.net data.cdnbasket.net page.cdnbasket.net view.cdnbasket.net	1 KB
3	amazon-adsystem.com c.amazon-adsystem.com	34 KB
3	quantserve.com edge.quantserve.com secure.quantserve.com pixel.quantserve.com	18 KB
3	google.de www.google.de adservice.google.de	445 B
3	google-analytics.com www.google-analytics.com	19 KB
2	clean.gg i.clean.gg	104 B
2	cloudfront.net d1bvk193qme2fc.cloudfront.net	71 KB
2	pubmatic.com ads.pubmatic.com
2	cdnwidget.com ids.cdnwidget.com e.cdnwidget.com	237 B
2	yahoo.com 2 redirects ups.analytics.yahoo.com	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net	1001 B
2	kindest.com api-2.kindest.com	568 B
2	chartbeat.net ping.chartbeat.net	337 B
1	bfmio.com sync.bfmio.com
1	azurewebsites.net lightboxapi.azurewebsites.net	794 B
1	googleusercontent.com lh3.googleusercontent.com	6 KB
1	newsmaxfeednetwork.com static.newsmaxfeednetwork.com	2 KB
1	getadmiral.com images.getadmiral.com	4 KB
1	brealtime.com biddr.brealtime.com
1	mantisadnetwork.com mantodea.mantisadnetwork.com
1	indexww.com js-sec.indexww.com
1	2mdn.net s0.2mdn.net	11 KB
1	adnxs.com ib.adnxs.com Failed acdn.adnxs.com
1	districtm.io dmx.districtm.io Failed cdn.districtm.io
1	undertone.com hb.undertone.com Failed cdn.undertone.com
1	rubiconproject.com fastlane.rubiconproject.com Failed eus.rubiconproject.com
1	emxdgt.com hb.emxdgt.com	308 B
1	casalemedia.com as-sec.casalemedia.com	2 KB
1	quantcount.com rules.quantcount.com	346 B
1	azureedge.net kindest.azureedge.net	7 KB
1	scrubswim.com scrubswim.com	30 KB
1	chartbeat.com static.chartbeat.com	14 KB
1	onesignal.com cdn.onesignal.com	3 KB
0	openx.net Failed propermedia-d.openx.net Failed
0	lijit.com Failed ap.lijit.com Failed
0	criteo.com Failed bidder.criteo.com Failed
0	omnitagjs.com Failed hb-api.omnitagjs.com Failed
435	68

	Domain	Requested by
29	securepubads.g.doubleclick.net	www.rawstory.com securepubads.g.doubleclick.net global.proper.io www.googletagservices.com
21	tpc.googlesyndication.com	securepubads.g.doubleclick.net scrubswim.com www.rawstory.com tpc.googlesyndication.com cdn.ampproject.org
20	trk.vidible.tv	blank www.rawstory.com
18	capi.connatix.com	cd.connatix.com
13	fonts.gstatic.com	www.rawstory.com fonts.googleapis.com
12	images.revcontent.com	assets.revcontent.com
11	trends.revcontent.com	assets.revcontent.com d1bvk193qme2fc.cloudfront.net
11	adserver-us.adtech.advertising.com	global.proper.io
10	pagead2.googlesyndication.com	www.rawstory.com securepubads.g.doubleclick.net
9	assets.rebelmouse.io	www.rawstory.com
9	www.rawstory.com	www.rawstory.com
8	images.newsmaxwidget.com
8	www.lightboxcdn.com	www.rawstory.com www.lightboxcdn.com d1bvk193qme2fc.cloudfront.net
8	cdn-ssl.vidible.tv	acds.prod.vidible.tv cdn-ssl.vidible.tv
8	ads.adaptv.advertising.com	cd.connatix.com cdn-ssl.vidible.tv
8	img.connatix.com	www.rawstory.com
8	t.teads.tv	www.rawstory.com
7	img4.zergnet.com
7	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com
7	fonts.googleapis.com	www.rawstory.com kindest.azureedge.net
6	trends.newsmaxwidget.com	d1bvk193qme2fc.cloudfront.net
6	tracking.justpremium.com	www.rawstory.com
6	cds.connatix.com	www.rawstory.com cd.connatix.com
5	c.disquscdn.com	d1bvk193qme2fc.cloudfront.net
5	fundingchoicesmessages.google.com	www.rawstory.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	pages-stats.rbl.ms	www.rawstory.com d1bvk193qme2fc.cloudfront.net
5	sb.scorecardresearch.com	1 redirects www.rawstory.com
4	www.zergnet.com	www.rawstory.com www.zergnet.com
4	px.moatads.com	www.rawstory.com
4	z.moatads.com	cdn-ssl.vidible.tv
4	acds.prod.vidible.tv	cd.connatix.com
4	www.googletagservices.com	securepubads.g.doubleclick.net cdn.justpremium.com
4	9rmjh-t0k0q.ads.tremorhub.com	cd.connatix.com
4	btlr.sharethrough.com	global.proper.io
4	adservice.google.dk	securepubads.g.doubleclick.net
4	assets.rbl.ms	www.rawstory.com
3	img2.zergnet.com
3	detectdinner.com	scrubswim.com
3	imasdk.googleapis.com	cd.connatix.com imasdk.googleapis.com
3	pre.ads.justpremium.com	us.ads.justpremium.com cdn.justpremium.com global.proper.io
3	c.amazon-adsystem.com	global.proper.io c.amazon-adsystem.com
3	cdn.justpremium.com	us.ads.justpremium.com cdn.justpremium.com
3	a.teads.tv	www.rawstory.com s8t.teads.tv
3	www.google-analytics.com	www.rawstory.com www.google-analytics.com
2	disqus.com	d1bvk193qme2fc.cloudfront.net
2	i.clean.gg	d1bvk193qme2fc.cloudfront.net
2	d1bvk193qme2fc.cloudfront.net	assets.revcontent.com d1bvk193qme2fc.cloudfront.net
2	img5.zergnet.com
2	embed.yappaapp.com	www.rawstory.com embed.yappaapp.com
2	eb2.3lift.com	1 redirects global.proper.io
2	ads.pubmatic.com	global.proper.io
2	adservice.google.de	securepubads.g.doubleclick.net
2	7e47893f52564f71897d3510a470183f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	7f9f7062360a3cbd833db047114b1ae4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	vid.connatix.com	cd.connatix.com
2	bids.proper.io	global.proper.io
2	ups.analytics.yahoo.com	2 redirects
2	usync.proper.io	www.rawstory.com
2	x.bidswitch.net	2 redirects
2	api-2.kindest.com	kindest.azureedge.net
2	assets.bounceexchange.com	tag.bounceexchange.com assets.bounceexchange.com
2	us.ads.justpremium.com	www.rawstory.com us.ads.justpremium.com
2	cd.connatix.com	2 redirects
2	global.proper.io	www.rawstory.com global.proper.io
2	www.google.com	1 redirects www.rawstory.com
2	ping.chartbeat.net	www.rawstory.com
1	referrer.disqus.com
1	assets.newsmaxwidget.com	d1bvk193qme2fc.cloudfront.net
1	cdn.revcontent.com
1	img.revcontent.com
1	sync.bfmio.com	global.proper.io
1	cdn.undertone.com	global.proper.io
1	lightboxapi.azurewebsites.net	www.lightboxcdn.com
1	lh3.googleusercontent.com
1	widget.yappaapp.com	embed.yappaapp.com
1	static.newsmaxfeednetwork.com	www.rawstory.com
1	rawstory.disqus.com	www.rawstory.com
1	assets.revcontent.com	www.rawstory.com
1	ib.3lift.com	1 redirects
1	sync.teads.tv	global.proper.io
1	eus.rubiconproject.com	global.proper.io
1	images.getadmiral.com
1	biddr.brealtime.com	global.proper.io
1	cdn.districtm.io	global.proper.io
1	mantodea.mantisadnetwork.com	global.proper.io
1	js-sec.indexww.com	global.proper.io
1	acdn.adnxs.com	global.proper.io
1	e.cdnwidget.com
1	ids.cdnwidget.com	assets.bounceexchange.com
1	8848be742946b8396069e5e864b7a0ec.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	a493a6b486cc0c596130f9b72f16ccce.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	googleads.g.doubleclick.net	www.rawstory.com
1	s0.2mdn.net	imasdk.googleapis.com
1	de91ad3013e62fda1b91f59be7e79fc5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	eb.proper.io	global.proper.io
1	api.bounceexchange.com	assets.bounceexchange.com
1	view.cdnbasket.net	assets.bounceexchange.com
1	page.cdnbasket.net	assets.bounceexchange.com
1	data.cdnbasket.net	assets.bounceexchange.com
1	ad.doubleclick.net	scrubswim.com
1	hb.emxdgt.com	global.proper.io
1	tlx.3lift.com	global.proper.io
1	as-sec.casalemedia.com	global.proper.io
1	pixel.quantserve.com	www.rawstory.com
1	rules.quantcount.com	edge.quantserve.com
1	secure.quantserve.com	global.proper.io
1	user-stats.rbl.ms	www.rawstory.com
1	53dab7933853502386cdba4744de8870.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	kindest.azureedge.net	www.rawstory.com
1	edge.quantserve.com	www.rawstory.com
1	s8t.teads.tv	www.rawstory.com
1	tag.bounceexchange.com	www.rawstory.com
1	scrubswim.com	www.rawstory.com
1	www.google.de	www.rawstory.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	static.chartbeat.com	www.rawstory.com
1	res.rbl.ms	www.rawstory.com
1	static.rbl.ms	www.rawstory.com
1	cdn.onesignal.com	www.rawstory.com
0	ib.adnxs.com Failed	global.proper.io
0	propermedia-d.openx.net Failed	global.proper.io
0	dmx.districtm.io Failed	global.proper.io
0	ap.lijit.com Failed	global.proper.io
0	hb.undertone.com Failed	global.proper.io
0	bidder.criteo.com Failed	global.proper.io
0	hb-api.omnitagjs.com Failed	global.proper.io
0	fastlane.rubiconproject.com Failed	global.proper.io
435	128

This site contains links to these domains. Also see Links.

Domain
kindest.com
www.teepublic.com
www.facebook.com
twitter.com
share.flipboard.com
www.cnn.com
www.youtube.com
donate.kindest.com
www.kindest.com
trends.revcontent.com
faq.revcontent.com
www.revcontent.com
intercom.help
www.zergnet.com
www.businessinsider.com
trends.newsmaxwidget.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-30` - `2021-07-30`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
rebelmouse.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-01-04` - `2021-04-28`	4 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.rbl.ms Amazon	`2020-07-02` - `2021-08-02`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
scrubswim.com R3	`2020-12-23` - `2021-03-23`	3 months	crt.sh
proper.io Cloudflare Inc ECC CA-3	`2020-07-03` - `2021-07-03`	a year	crt.sh
tag.bounceexchange.com R3	`2020-12-29` - `2021-03-29`	3 months	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2020-09-29` - `2021-10-19`	a year	crt.sh
teads.tv Let's Encrypt Authority X3	`2020-11-19` - `2021-02-17`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
tracking.justpremium.com Amazon	`2020-11-26` - `2021-12-25`	a year	crt.sh
*.azureedge.net DigiCert SHA2 Secure Server CA	`2020-11-21` - `2021-11-30`	a year	crt.sh
*.google.dk GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
assets.bounceexchange.com GTS CA 1D2	`2020-12-24` - `2021-03-24`	3 months	crt.sh
justpremium.com Amazon	`2020-05-02` - `2021-06-02`	a year	crt.sh
*.proper.io Sectigo RSA Domain Validation Secure Server CA	`2020-12-20` - `2022-01-20`	a year	crt.sh
*.adtech.advertising.com DigiCert SHA2 Secure Server CA	`2020-04-16` - `2022-04-21`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.3lift.com Amazon	`2020-07-04` - `2021-08-05`	a year	crt.sh
*.emxdgt.com Amazon	`2020-07-31` - `2021-08-30`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
*.sharethrough.com Amazon	`2020-09-09` - `2021-10-11`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.cdnbasket.net Go Daddy Secure Certificate Authority - G2	`2020-07-29` - `2021-09-27`	a year	crt.sh
api.bounceexchange.com GTS CA 1D2	`2020-12-25` - `2021-03-25`	3 months	crt.sh
*.tremorhub.com Amazon	`2020-07-25` - `2021-08-25`	a year	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-12-26` - `2021-06-22`	6 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
acds.prod.vidible.tv DigiCert SHA2 High Assurance Server CA	`2018-01-24` - `2021-01-28`	3 years	crt.sh
cdn-ycs.vidible.tv DigiCert SHA2 High Assurance Server CA	`2020-12-19` - `2021-06-15`	6 months	crt.sh
trk.vidible.tv DigiCert SHA2 High Assurance Server CA	`2018-02-21` - `2021-02-25`	3 years	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.google.de GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
ids.cdnwidget.com GTS CA 1D2	`2020-12-06` - `2021-03-06`	3 months	crt.sh
e.cdnwidget.com GTS CA 1D2	`2020-12-18` - `2021-03-18`	3 months	crt.sh
detectdinner.com R3	`2020-12-25` - `2021-03-25`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2020-01-02` - `2021-04-02`	a year	crt.sh
*.mantisadnetwork.com Amazon	`2020-11-13` - `2021-12-12`	a year	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
*.brealtime.com Go Daddy Secure Certificate Authority - G2	`2020-01-22` - `2022-03-22`	2 years	crt.sh
getadmiral.com Cloudflare Inc ECC CA-3	`2020-06-13` - `2021-06-13`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2020-02-26` - `2021-05-27`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-05` - `2022-01-18`	a year	crt.sh
assets.revcontent.com R3	`2021-01-14` - `2021-04-14`	3 months	crt.sh
www.zergnet.com Go Daddy Secure Certificate Authority - G2	`2019-05-24` - `2021-07-13`	2 years	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
newsmaxfeednetwork.com Amazon	`2020-09-23` - `2021-10-23`	a year	crt.sh
yappaapp.com Cloudflare Inc ECC CA-3	`2020-07-02` - `2021-07-02`	a year	crt.sh
ssl516460.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-10-27` - `2021-05-05`	6 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
revcontent.com Amazon	`2020-07-08` - `2021-08-08`	a year	crt.sh
*.azurewebsites.net Microsoft RSA TLS CA 01	`2020-09-28` - `2021-09-28`	a year	crt.sh
*.undertone.com Amazon	`2020-12-11` - `2022-01-09`	a year	crt.sh
*.bfmio.com Amazon	`2020-06-14` - `2021-07-14`	a year	crt.sh
*.zergnet.com Amazon	`2020-04-26` - `2021-05-26`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
img.revcontent.com Sectigo ECC Domain Validation Secure Server CA	`2020-11-15` - `2021-02-13`	3 months	crt.sh
cdn.revcontent.com Sectigo ECC Domain Validation Secure Server CA	`2020-11-15` - `2021-02-13`	3 months	crt.sh
i.clean.gg GTS CA 1D2	`2020-12-23` - `2021-03-23`	3 months	crt.sh
images.revcontent.com Sectigo ECC Domain Validation Secure Server CA	`2020-11-15` - `2021-02-13`	3 months	crt.sh
assets.newsmaxwidget.com R3	`2021-01-09` - `2021-04-09`	3 months	crt.sh
newsmaxwidget.com Amazon	`2020-09-21` - `2021-10-21`	a year	crt.sh
images.crserving.com Sectigo ECC Domain Validation Secure Server CA	`2020-11-16` - `2021-02-14`	3 months	crt.sh

This page contains 54 frames:

Primary Page: https://www.rawstory.com/qanon-congress-2649937672/
Frame ID: 2E510B19D35E898AF5E8AD351A513278
Requests: 243 HTTP requests in this frame

Frame: https://cds.connatix.com/p/91852/connatix.player.dc.js
Frame ID: BE1D320BBAB36F84D98FEF4094219A2C
Requests: 19 HTTP requests in this frame

Frame: https://cds.connatix.com/p/91854/connatix.playspace.dc.js
Frame ID: FE0565C63D3B8BC34F8768A25EB29C55
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: C8CE7D25A210E21EBAC7CF026EFC8321
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 0DFDB1D19906D8BFBB36C529CA966E1B
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 0DAE1B243A9146D25BC2BA1ACAF40C84
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: BEFE1938C22F674B4C103120DB475224
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 8042BCC8EC53D9C507706EBC793067E1
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 435AD257003DDA9DC4A354AD332F00D0
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 15BB9835523FC94DAD809EEF8EC7EB34
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: DCEA367977E94E3399936CF6AFFD6657
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Frame ID: E3FBFEE367A772E36A431B97EC6D6E5A
Requests: 1 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame16.min.html
Frame ID: B64567477EE3B000082DC433BBC6938A
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Barlow:400,600,700
Frame ID: 71E288158B95AF4CF2C8D4D3417D7BC9
Requests: 2 HTTP requests in this frame

Frame: https://pre.ads.justpremium.com/v/1.0/t/sync
Frame ID: 0897F0EE00C431BD38E388855E9FBF0B
Requests: 1 HTTP requests in this frame

Frame: https://tracking.justpremium.com/tracking.gif?rid=r-d48df8db-a072-469a-8fcc-31e2a4ba2130-104346-914305771&sid=r-4463406e-8afa-4a8e-a66e-d707143efee2-30856-88511121&uid=&vr=v2.50.375&ru=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&tt=1610640917712&siw=1160&sh=1200&sw=1600&wh=1200&ww=1600&an=2.3.0&vn=eu-central-1&sd=&_c=a7j2ofg1610640917712&et=&aid=282398,282398,282398,282398,282398,313088,313088,313088,313088,313088,298236,298236,298236,298236&said=1015224,1015225,1015226,1015227,1053737,675040,654554,654553,654552,1017296,685922,685923,685924,1040915&ei=541166864%2C22338131%2C19723160%2C430427%2C%2F21711633394%2Frawstory.com_US_PushUp-Billboard_68057%2C%2F21711633394%2Frawstory.com_US_Page-Peel_68057%2C22156097%2C17424062%2C540884829%2C430436%2C540955932%2C18352111%2C22213954%2C430429&fc=pu,pu,pu,pu,pu,pa,pa,pa,pa,pa,ca,ca,ca,ca&sp=22,1,32,39,13,13,1,32,22,39,22,32,1,39&at=adserver&cid=&ist=0,0,0,0,0,0,0,0,0,0,0,0,0,0&mg=&dl=&dlt=&ev=&vt=&zid=68057&dr=67&di=&pr=&cw=&ch=&nt=&st=&jp=%7B%22ph%22%3A8946%7D&ty=ex
Frame ID: 734E17B126FCF86316F8DB8B42F9838D
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.433.1_en.html
Frame ID: 7663BE395E269DF305A832DD5E09C59E
Requests: 1 HTTP requests in this frame

Frame: https://7f9f7062360a3cbd833db047114b1ae4.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Frame ID: 8F92089596DEC11B960F164F4D77BF2D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: A0F59CA1FDD7C570CA04754B41517975
Requests: 15 HTTP requests in this frame

Frame: https://7e47893f52564f71897d3510a470183f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Frame ID: 82409445493E37ECCF7AEE059B65C23A
Requests: 1 HTTP requests in this frame

Frame: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1249306&orgId=19368&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&vrid=287fd966-126b-4131-b87b-95e465783aaf&pblob=
Frame ID: E7D9DAF6BEE1AAD5C8554AB545158050
Requests: 9 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 9D7CEFEFD563F5C91D628B263BC951BE
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: 7DB48BD4E161568213ADCE6466D4F6C3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: 5DF89EB2238AFED89EC9C8026C79B3D6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: 70F6BD86759C5A19D34B7BFEF67E53F2
Requests: 1 HTTP requests in this frame

Frame: https://cdn-ssl.vidible.tv/prod/player/ad-time/local-storage.html
Frame ID: 23812FD02CDDD2E46042F3649150FA97
Requests: 1 HTTP requests in this frame

Frame: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1249306&orgId=19368&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&vrid=e177a7f9-d0c4-49f1-acd4-92e0f895c71c&pblob=
Frame ID: 7365E3BD946ACDB4CF596F80AD754711
Requests: 9 HTTP requests in this frame

Frame: https://cdn-ssl.vidible.tv/prod/player/ad-time/local-storage.html
Frame ID: BC60C0B7991D702738A5E660A3A3BFD3
Requests: 1 HTTP requests in this frame

Frame: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1249306&orgId=19368&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&vrid=449a826b-4460-4569-a420-9c6bd2a22635&pblob=
Frame ID: 5BB699E7D56298EDF8CB32991CF0BA62
Requests: 9 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 4706E37712119E71FA9D01FB89B11C40
Requests: 7 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.433.1_en.html
Frame ID: BF29B820C641E24B66964F7268D6915D
Requests: 1 HTTP requests in this frame

Frame: https://cdn-ssl.vidible.tv/prod/player/ad-time/local-storage.html
Frame ID: A9E5C2CEBA0656B715EABF337EBEAFFB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: 0651D67B31A569E661EFEDE8DC4EAA9F
Requests: 1 HTTP requests in this frame

Frame: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1249306&orgId=19368&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&vrid=83c658ec-1f8a-4507-afc1-9930d980c39c&pblob=
Frame ID: 9A3C029482FC84B21C801C5D8886E63B
Requests: 9 HTTP requests in this frame

Frame: https://cdn-ssl.vidible.tv/prod/player/ad-time/local-storage.html
Frame ID: EFDD35F89E9A1D2E5BB802FF78649E70
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: D9577971F477BA2B7759A4C79B144D2D
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 181E5B96C6972C82EDD5E165A1808AAF
Requests: 1 HTTP requests in this frame

Frame: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-60&buster=1610640915676&secure=true&version=9&mobile=false&title=MSNBC%27s%20Morning%20Joe%20says%20Qanon%20cultists%20pose%20violent%20threat%20to%20their%20Democratic%20colleagues%20-%20Raw%20Story%20-%20Celebrating%2016%20Years%20of%20Independent%20Journalism&url=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F
Frame ID: D7153D3A5986FDE7300747AB8A8BF052
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: CADDEF4797C44580FABE3B966CEA459E
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 01E60B94491BDEAB4611FFD9AFB42245
Requests: 1 HTTP requests in this frame

Frame: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=a15rz491610640916030
Frame ID: 1EAFD1D6149361D482538B14F9A7B6A4
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 02C3AE23864E0EFF0B5E9213464A2484
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 001B3C17BDED91F7238D1DE106A311F6
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?gdprIab=%7B%22status%22%3A12%7D
Frame ID: 838B02F832169A9A63F9DE24A57DFC09
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 4AA4EC806CF21EBD65777FB67AE245FE
Requests: 1 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/vendor/6f897c4d-6d94-4082-a5eb-d8d7748d7012/lightbox.js?mb=1610640923206&lv=1
Frame ID: 9D7BC1C271BE58059F41B0A6F5ECCA58
Requests: 2 HTTP requests in this frame

Frame: https://widget.yappaapp.com/?url=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&content-id=&disable-ads=false
Frame ID: DE54FF431A466B16FC7C936E24375A9A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: 9F36BD7E0176F264C7254760E1E14BA5
Requests: 1 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifg=1&id=&gdpr=0&gc=&gce=1&us_privacy=1---
Frame ID: CFC9D5B714A8DA040453AD9B0B6E9592
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 4C4A96D6E1D125130B3904B13ADAFE66
Requests: 1 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/vendor/6f897c4d-6d94-4082-a5eb-d8d7748d7012/lightbox_builder.js?cb=637447765373566247
Frame ID: FE0A15A3F66E489CCB3373AC076E1A23
Requests: 3 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=rawstory&t_i=2649937672%20https%3A%2F%2Fwww.rawstory.com%2F%3Fp%3D2649937672&t_u=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&t_d=MSNBC%27s%20Morning%20Joe%20says%20Qanon%20cultists%20pose%20violent%20threat%20to%20their%20Democratic%20colleagues%20-%20Raw%20Story%20-%20Celebrating%2016%20Years%20of%20Independent%20Journalism&t_t=MSNBC%27s%20Morning%20Joe%20says%20Qanon%20cultists%20pose%20violent%20threat%20to%20their%20Democratic%20colleagues%20-%20Raw%20Story%20-%20Celebrating%2016%20Years%20of%20Independent%20Journalism&s_o=default
Frame ID: 998C4BABBA762B53869E92C62A95B631
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 6857ECDE0D44C6781CC52BDC011165A7
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: D4ABA8509542A85CF0BC22759569AEA4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

435
Requests

97 %
HTTPS

35 %
IPv6

68
Domains

128
Subdomains

89
IPs

7
Countries

6267 kB
Transfer

16399 kB
Size

0
Cookies

47 Outgoing links

These are links going to different origins than the main page.

URL: https://kindest.com/816288-the-fight-is-not-over-invest-in-courageous-progressive-journalism?utm_source=kindest
Title:

Search URL Search Domain Scan URL

URL: https://www.teepublic.com/stores/raw-story-store?ref_id=9578&sort=popular
Title: New: Shop to Support Independent Journalism

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F%3Fxrs%3DRebelMouse_fb%26ts%3D1610633863

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.rawstory.com/qanon-congress-2649937672/&text=MSNBC%27s%20Morning%20Joe%20says%20Qanon%20cultists%20pose%20violent%20threat%20to%20their%20Democratic%20colleagues&

Search URL Search Domain Scan URL

URL: https://share.flipboard.com/bookmarklet/popout?v=2&url=https://www.rawstory.com/qanon-congress-2649937672/
Title:

Search URL Search Domain Scan URL

URL: https://www.cnn.com/2021/01/11/politics/bonnie-watson-coleman-covid-19-positive/
Title: asks

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=SDW4mky1Pzs&feature=youtu.be
Title: www.youtube.com

Search URL Search Domain Scan URL

URL: https://donate.kindest.com/836548-the-fight-is-not-over-invest-in-courageous-progressive-journalism
Title: Make a one-time contribution to Raw Story Investigates

Search URL Search Domain Scan URL

URL: https://www.kindest.com/campaign/raw-story-investigates-invest-in-progressive-independent-journalism-mv5yknc-n
Title: Make a one-time contribution to Raw Story Investigates

Search URL Search Domain Scan URL

URL: https://www.kindest.com/campaign/raw-story-investigates-progressive-independent-journalism-LynAqupbb

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=snr3QnGmGkdrR2VhV%2BfIdltLfSa4Jkf15QC0rou228tCSLhOtScznXIT8%2FONcuZ8EfjXZzGPHwk8Av1YO6b6d5jDsKWVYikgYag7N9Nye6Dn6EAZexiPkf1TaM1GIU%2FF8GL9RnOIHO%2FyDsak2qnRrs9zgq979ygpA803lxeIAp2uc8whI4lcKoMxhlLy93gN%2FzrMsNHWaXsMWeF4NlzsPEBTFjHgc%2BE7f7EGV6iEp1ziKMFN5nqksN%2F9Lqd%2BpBfO1tXyucd1pZM0170ekZ8TrhmFOIak24Y44bvj0eBgCjXrDNmpy6ORWxeYwIGBAwAve%2FZIlDk%2BpTbGGr24I8fbROLgkYjY6Wry8iYxOgtPKHomBoMokh9dTMQb8SLR0UMjrwSqbgqyFljc6jsiJGy4NaAFiok1blmJ0D4e7RQMGWDzQFC92qFORhPBICk7%2Bi2qfnzRusHZq0l8l%2F%2BU08Dt3fIFI8MBkeoJCbGNaDa5Dt0BUUTw18yiaV1ezZhsG48Ew8%2B8ZGBTTlwgMaysEdth%2FCqWdoq29nTlRZLKxy8jEQRcFRe6h50RDhTMvSXX3tE7MI%2FDi39B%2FO9gL2oKIrQcF2%2BBtl0CmKHlzxthnj18xQNFqR8mta7%2FoS1bo3SA6J%2BrEzUv0eoegoGsuXZ4celQNfY8P%2BjI8ylRONyzUvWPxMWVATAO090fjb22veBw4gfq9SBVXYcP17ExVT1BZ%2F6dosiWKlpCeeqFyy1NpXEU4CcA913OtV6vPuhC5Vw00vOmEI34%2Bynl%2B%2F6uDIesue3iZrfJTiuRNj6zX7IaJyyYSUESydBfn5ynOzENdn8xRI9whLvc0eqQNeGD38AnNRqN4U%2FxCTAMJ88NM7Lwlk2mPz%2B8JRXUO0eqM0A1m4ko4RO%2BlJos%2B6c5xD3%2BJ4Gl6XEh3uMSkKDkXAmuq88%2Bukm0JIT%2BwyP072AH2Am5Z%2Fp32v4WEMX9R3OzZdCB9B6tlweW0Xcmhd07rnvjdkyQd3%2FgBAGrTdEwlCxPHtgxnIFMyEphBx0GVeR3vsM9bICBVivj5eBjNynCJ1XJl9RQl%2FJBQMut1ltWB%2BxQL98f8%2F7r9hOxUTJMTyBPhr%2FMHQehfJkhdfNe7UmUftveKgUIyYNLExsdfuAOA9sXiZt6%2B7NBXoipZnJUYTH1Ve1nVKgKxePCC4RyvwMMq4vzfZKtz2%2Br%2FTOchJ2gcK38anHGX%2FAgBkCk1RSQ44N%2FSY5J5sOQTC0QwG6M%2BiNRhY9jpqMIQPRMgg9bgFKKBZ4wPkVDa8ckPn9d0%2BHApS4ayniO3Uz3x%2FjOTw%3D%3D&s2s=1
Title: Anyone with Ringing in the Ears Should Watch This (They Hide This from You)

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=QymDf11TS3Ir9NdWw9ACJxdCl%2BQ69Fo7OkzkIJCOJDNcg6tIzXAH7sp%2FZ8eUU8KSPtkznF5XLCTZJfybxMdRfn%2FPir4v0kNi28cGkWxtf2%2FJVbpVk5OxzscpI22ff5HdXbjbSnWzp31DymUJBgqG3vbaB9C4JSdhDNOo%2FVdWGA54NrY6YpS%2FAzQXFRSKVdCmA040wczI9T3VeJoZ3JRVYkaKtMPSeJHwl7HAvlN1skPn3nJdLaNEaT1G8koSDBp2q6gp%2F5%2FRr%2FXjkZtvNXOe%2B6Y0zM9cdnC4fb3RHkiMJSAwbavlpMRAn7IPlWi6PouBYpKWZvp1sHgwWX98d9rrI1Jo4RM%2BLzYWQ1FwjjSY6TS%2FeJIUgDpJZSSP2wySfl1hEOYtlYKuheA1fmt8I9AzbQjhasZiCn983QeIxy%2B6GzimIJLv2xbOfrphfhuz5fIqrHmHPPllX4sdqP%2FVKXr6Z6IHplqow%2BF7FovSQqk9lSaLP7Hj5pg3UVs08BMnFT5foiUN%2FzYpDXfynXbuoJ%2BcKNVAyMP3vihXaq4apu5YKlrXoNI5wohkhJUA0jpavlwgF%2BA8kKBgQ6LrQgNVxNovxCSmpXdUvFFFl5Ne8xu8oH9zO1NWad5kBt%2FaKvTn74iziK0cXN1%2FBpoFo7JUqpNedt%2FWYYZanEq1Rr0D17UIH4WdlMf7e4HHn63jljWjdf5PFXk854SuUeFfElmS0gcwJ1qrJ406uWLOrN%2BHCz0O8tdA8rJu9dwY6kivXDkXH67ERDKfh%2BKJEzzTSyfSlxrz%2FhFDjzZm4DlQhSNpijtRfe1Y401LIwJSmS8WO813H5C9zKpdypdBO49%2BSYbIOk5p1MOj3o9iPJY7gIJ%2BkM28SEoFicAum%2FyklB3tjkDNNR9Fg%2Bz6V9hc3MTa7nGboU2IY2fJFNrvFQJD29F%2BEWkkg1w9SocLPHj9ZIXvGopTT0qQzjMoI8vQui10b4CaIKfqYNIXKneRgGaJvgOiBVsN%2BFmVD1Jfd0y7fPu%2F9g%2B2Mx%2FuKRBko%2BarkgRPqgVnPLD%2B4sFV%2FVbzCQhyK3CbPwT1t4iUkiH8rr%2BibQOfYJ2CPblyo7iEFJg%2BEelJ125aLg10dJDp8bP6IacFYPw9ZU90wSgzZznjhYDwnzNDbTb1Lck124kjCV5G7swVKiGoSzmoFQ%3D%3D&s2s=1
Title: This Video Will Soon Be Banned. Watch Before It's Deleted

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=8EBhrOfrfGDkRK4rTPiz%2BCJbvV5TPLjNwOin9hwNYlGtV9rwYaISERA8z8peTRtuL7ASPfmIIdPmRD4Un0AZVj94NSliqu0O5VMUEbi36WmXvQL6KWUUFWQi69pT4l21YOs0qoRActjlB733hKe04mogQFYSdXu84RCNjLAKpLw4srSPIJkM7c5pTuC4y%2Fo2h1v6UiLwNHQIk0J1hoJBa1is7kS2bwqCKC%2FiyCsrtz%2BgfK1qUw5sBL1iwKErKRS2gCfvC7hbmWBSS8aPcPmtxS2n0oG8ROJ6nfGrUg2n3So0vrmdz%2B58U3dvWut3Lr2JhZp33TL3aIOMIHq%2FZeZn5nLgyYnFuE4clysBwpeaqaVHL2vkGBuMsPj5UZxPBaB%2FUIuRUUkXUD6fiZRZjLxZhK%2FMwJIx4PvWTcRuK5hRj3G27UW5pDghxgi45u4hu%2BLuP7aj0v%2FdYhdXk0ksxA6%2F%2FxJNH%2B8IDzz7gj0k9oYVh1lSw0Hx%2BQRfFOAYaCBLU7RrQ1rrUN0xtRK0e3Y%2FeVM69WcftVfV3SqlcVkwxYJ4PVJ8xwKgno51ADC3on2Vt1pCSDB%2FPB6XOy7jy%2FZrN9T1Lh%2BpxPN27u0lYtEq5PUcdInEGsTp1IQR4pmVmaujoRTENeyz7rr3ahVfDV4RuzjUvCI%2BxT8S6A2q9HNKy7kIHLtXXbhAGMpnREEibxaRaABS9VVSoWrz%2BqZeSkcCqVpA974ino54GGkAulG8NoXx0x%2BmFx7F7EqWSmLySklvfRoNT9hRVvgb%2ByALcFWqtJx9%2BOkr8Vh8XqCyiGFOb32QiteO%2BxmM5q37QJvbrNLwowquNVqdIRvM4xHxCXKovoctEb4r%2BZgV0SDS9AiFkdePqoOMoZGDfnX%2BnZn46Xz9XDvKAmb7PTYcF0aqSrKszCowfYmx8d3W7uHvDOLLn2tV%2B0zUkCkf6Eo5ueci3cErkAO2b7loyVdUiUuk4lhqRGFb%2By82Y%2F2J7oSlxWDsgRh2i2HekAc3NctRq7aScdIKFiHzLf3Tlc%2Fc0v2wW5l7kujGby3B52VewhU%2FdChff2xAzDGVFYlCe0zj61Q0XDbgBW5j&s2s=1
Title: Take Your Bitcoin Now. Sign Up on Binance!

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=MvV4zhgBhhIvFRGVznFqEbn2v7I67XoCNoYoPBJBuOEGa8gYowYlHPR9ECmcKRKUMu5G2Ivhy5pKUZ87zXHg%2BwxRNER4fz7gdY2WwtbmrnbhNfHu5uAifndbN9KCwuZH3W3P3MshgqdyuVj2fzW3zwdPUILxInjG%2FSetBJt6p6F%2BlB%2FHXCBE7Yir%2Fen9eqLmFwCHl6cGvLdXNEAEj5gJkNMyBZ%2BO%2FYGYaAm7YjQVyAIKOV6At14yP2vIAcwSOwpYHELnPG6OiBlxJbHk95Y8MzZPPqt5PJLCX5JBkWWXwom4xgPscL2%2BlDgHV1ld6Jn5DAIiK6uqRh2R3TEvUdy026qAkNyk5eP%2FxyJ%2FE8DRKi0XzveAh5wKgvj0I5yXmPgOZQJv7LaBY4qVTTdmlbMDUN6gm4gviTC7ZRTuu4FGVisQo1CexzpfZICOalq6P%2FeEUlyVtFqnTA4%2FoNN6SeCDrabFtnRIkFTkQ%2Bt7YA2lBuc1aV4PO%2BcwMtvUELR5a%2BLZ4fa7uqT65H%2F%2FVYv8kq%2B9lt4tSkzF%2FUsdO%2FJdTywMFFCOFi9uYeCMRdz%2FWNkl%2B827pvE4%2FakJg9R9BhPQwq1ON09%2FHZpEeil1SqZMjP00m7R709yOem1TSo5kM8ri4k%2BSj0CqJ4syr9HiMsukmNi4Th8zIPJHgvgVt21uDCyvL1H%2BPxIGYJcwk9WLSjNdOzbnfl13pFODlfQg0J7eGxjEpCrsR1HAdZapQcFyAQarYISv6%2BKUltJYG3HFvTXYwo0lBDv3xtRubbSJ4cLTg8jst6OEhPwbDJbquZx5it5AJQZUBcJVLb08%2Fw0U5hyIvrgeRTnLahWaxnGL%2F12NHCwuLrHEaLibJ6F7A6EBT47KmH2ERrDnq1kTP2ExIOO7kYKatawl6u6W2QOk85Prm2k7cNZtr%2BGpWjyQzkuY5S870HBv9TNav2St2dJO1y%2BGMeH7e6DmwB5EypSEc6j0Y5XLcOJ0FUsdAlGhlI88PPbgbKkOGOgwjee130KeMsmZDF2WAHkVLo78DK5rK7xWjKJBKIcs7Tgh4gMrvjMR7EdI3L0SIFbL%2BMuvgNRNPYvRsskyZhMW9vmlZD4rv8CH2NX272DGPfWDR66HZaxa4OkXYM1F23Ur5J8wVbug5%2BmkC6ejSU%2BRXv5DhyRkxt%2BZzLwXzw%3D%3D&s2s=1
Title: You'll Never Think About Solar Panels Again After Seeing This (Watch)

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=hnFmOjzYig2s4rP2dmef2hRVdpiqBnq8gUBalUPyOAASiujcaPvMEkiBtd54FqUfM4LAXCimu6kolCFLgjORVJJE7b15KSY2RWOTiykWx5SRcd0UF6M%2FxmIWsLWW%2BeP04Y2uZ8IUy5E21Ct%2FuAdfiVw%2FI8txauNDkDcjY%2BWet73ETdA2Nk8WtiN%2BYcKwAf%2BtkQ5knJeFBvYU5aM3tyqqY0Yu2LO2ulQvInNt%2FMcYHD9oNqlt4gfLCKSQAaYFCmyqD%2F0lOaHRuSuJd2%2Fyb90ILKUqHqjO5nz5QWovtxcDuoj3rtXHcRMfS9LgeahxZrLFRYA82lFtZdJKKhrbfTJs%2FNVb9ebrL7zmId1B1AzJ1uk0L8O6DKGInBJZMAxF59T8Jmed4pZFyRjT8BlvepOrdgfg3lTWf0gfC7DLyDayhhcAIqlBfJQZmDi7vd%2BgNDv%2FXVQM9nH9sUF53THJ0T2hbzdCh0sCdTXYiRqj8R%2BMTb4U4NJNwsJpKadPAkS8R4oftyymCnsb5wqZW26jz%2Fv3HZadEWty%2F9YJwLaHxkXjA%2FtL4r29BIJAEwxmzHINo1UsFYlhmoOmkiG7%2Bv6GU2YIndVBRBazrwylP2ejNOZSYG6sjQLP0EJV%2FTC5IEeTZdQ300LVyCOq43X4L9vvy%2BTie%2F0KRH9YcsRRXWOhsq%2Fngh6FlPiPSTgU38qdix%2FGnWWTd%2FdIzOfMwMVP6jMJ%2FWiL07OMIGkYr8%2BGuQwGgOVT6G45OgRXMf%2BvfGHbqDmCxg9mGWpfB%2Bb%2BpPMVZW00hbaZsL3nCS%2Frycb2XExzsxiX1s7LAfouz7A%2BR1zas8RGLu%2FmoEcgiF0y9zLBWJ9MMwvA73OqCb6dFpbDxMRxVKLQ4%2BIvsVLby%2FGPbJs9dE4m4Pg5a%2FjT8ZnT9GnscM7xYC7OlXcKdwdwBxg89a9FboCF2aoYJtGAeDP28qb8HiL9xc9gX0Rk1j5CHgKlXtnaXTqJre9EmXo47f2YnkcW4daRcyqKKPRjFPCvwh3ukk3LRohi97%2FrdS40W3DwSgBeW7LobaBmH%2F6lf42wPhsan2YWk5AwLAu4MyDS2kLDl33Sitz65xn7BccxTjZ92Jyn7%2B0gCr5aKTqdN8IltISjCga4wPKP4Pdz2i5%2BEAHyu9Hpx%2BVh&s2s=1
Title: 39 Completely Unsettling Historical Photos. #13 is Chilling

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=ZkZf2WbKJl9rlfYl%2FKzfcv%2FPpBH1Q87EZL%2FfOZqznmMqzsQCXvawDC1szZPkn%2F%2BjDfXrU5buK%2F6PCp2ftkYC5wqqFXoATc2p5fVGcL2nfJPCiIrOldnCoMPZrQ1qzd3Wbs1mQQlYf3gIVoIWMARi%2FIS%2FPvLm2yffdeNkDy3VlmVJ9gthEGw%2BBpmbedm9BJT9a20dCiW5rF7%2FL0Ttt57fqv3%2BM20Fi74oQMYICHR8s67JL5dsXZZLbrD7RMy8er1SR4M79z2tfXUI7Ova5pQgY4tTTWnF0%2Fj%2F5xDQitbNaLPL4mUHaYIDWTnSbToalCDwzo%2B%2BEm70Bo9D8IHMpB%2F0g7nMz%2BRnuEuWlKqQ8B118YKU8y0%2Fo6%2BR4gegeFVYeBZ8PgdihgPxQd1DbUjNAmki3wjuj1XzIk6k1jI7COhh2vwXFsGbDMFSEdtUZ%2F52Aife3Tb8fkVMa7JeKLPXQaI2wStPXQz7TDXSrecaHANLKCntHOiUuuv3FP%2BF%2Bt8wpogR50KkDML7steYrO1X3PPh2jLdRh1ztpnoemrErWNl%2BTObJFjGq6LI7wYWWaZucrMr%2FiEWnJYjrr%2BM8s31dfTQIh%2Fm0HCQtpNkF0Yk5WsowG21GSLa55ueHJsWRj29eF%2B3Jwdy9tXfZcp8mQnd24VZUG2G81wATV01NhClmoR5kGbAD85UiPGJv594xaFCxrKIyOu6ewfScYmwTbfvZLWL0DbkIcVKvz6Jw5k27DC9j2wXyGDpx2SEkHbGRFU9gUr2GRZa6qC7U6B5qkBUQ%2Ffos0%2BgX2jwTrfdqDhZkdfrrJEs0StOEFqwWPOyTUgH4wf4Al1NWu3WLkmpPtkGJdmNM9TXoMZwONUHmSISLsimsu09C3%2FR4JsQGFLXwtQCTlzHpZrEb5jWY0lfidn%2FHv1X5PyTfsxaDVV4XX%2FPwWLfs8akrVa6YLRpmidsONtIG16wiHgXp8K8f0whbU1UgGecP0TC2pjV6jN5m3LvkOsjUK9j4Cb0lJMJXJ81fX3dEJY8yKvuAMw0tPrtFp4jWVcaggMSjhPS1zh3aCTRBnKlyj968ffLK7fgx1ao8hfAfe9K0A%2FN%2BanO3SbyOVUaNRqt6oPEWyG0mc4T3hHWMJEJfig7CHvHkYNyv2c3H%2FlUk4otnqnhUOt%2FCQaKdTWFLYIBQiwMWEBULXRYoDhKMhM6aO4%3D&s2s=1
Title: Chinese Investment Method Taking Over Denmark: Turn $250 Into A Fortune

Search URL Search Domain Scan URL

URL: https://faq.revcontent.com/en/articles/4430973-revcontent-privacy-policy
Title: here

Search URL Search Domain Scan URL

URL: https://www.revcontent.com/
Title: Increase Your Engagement Now!

Search URL Search Domain Scan URL

URL: https://intercom.help/revcontent2/compliance-policies-and-procedures/general-requirements/fake-news-complaints
Title: Submit a Report

Search URL Search Domain Scan URL

URL: https://www.zergnet.com/privacy-widget
Title: Powered by ZergNet

Search URL Search Domain Scan URL

URL: https://www.zergnet.com/i/6162367/70694/0/0/230038803/1
Title:

Search URL Search Domain Scan URL

URL: https://www.zergnet.com/i/6164903/70694/0/0/230038803/2
Title:

Search URL Search Domain Scan URL

URL: https://www.zergnet.com/i/6149851/70694/0/0/230038803/3
Title:

Search URL Search Domain Scan URL

URL: https://www.zergnet.com/i/6135739/70694/0/0/230038803/4
Title:

Search URL Search Domain Scan URL

URL: https://www.zergnet.com/i/5397878/70694/0/0/230038803/5
Title:

Search URL Search Domain Scan URL

URL: https://www.zergnet.com/i/6140135/70694/0/0/230038803/6
Title:

Search URL Search Domain Scan URL

URL: https://www.businessinsider.com/ted-cruz-suffers-capitol-riot-backlash-with-resignations-and-censure-2021-1
Title: facing a political backlash

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=a%2FYGmTMFiEnRmn%2Be%2Fp5SIGzGbI82oqtFfw6Gk%2FQfHmvfGdYIZYdAF42W9rd3DKHioGeAzjSnxyCQn%2BjJRWl%2Frwl7M4GOhC%2BwGsoeajV1%2B4HJzEHFVuJHenzYbHlTuZrorBvkT5ejklO8mhzkqRY%2FYYQ616t%2BJW8mNM4mhAqdYpoPnDygJHzo%2F2vUWRbpU1da8jCDZiiBYMseKWoLQyQoL2ppXO9Gu1w1jcY7X5GJT8ijvurZEPFd92i6hiQwsD29lnFwSteyLa%2Bhi8apmISDfX8DGeSHf%2F5KUxO%2BoL2A8J5ORghGaJ4qIfZo0h%2BIa%2BGZ7lVkiPwQ2d8J%2FkPOWNDkJPMhGl5zHvC7SznByrOof%2Bdw0IVo8uts%2F7N1vWNwayMaFAM2FIYvjqcm8HAg2Hgn6xH2pFQ0aXD3Udo4RbGVlWlZG2dN0gn0rxT3ihVrw%2BVRt%2FWHwYm24W%2BdNqXmfcUdKaKt%2FZR0KJOiWDPR72kMT4bcn6vQYwq7%2BHNj4LV4wy0Zs2a%2FlMln0xcjET31tA2l6YJMTjgrp6feC8xH8QZeIEdBLbY8eZRxtwWmldCn2XB06YhwFPe%2FPbnFHuZJeRyJYllz5J%2BeZg9BIm4O4svNcHshZZpRJWt1PvGtu88dHJo6S5Gd4pOe%2FgqhPbQWpJfrDs1lJ5C3domjpokgrTQQhdnft62sWxtWpogiEeRKLNGE5i26cyOq60YPmFPK5q%2FsVA7BFj8VJDrgQTazQEjBFHNTkHT8KsO4L8qaocWWLVW%2Bqc1ac3V6VoQXv09%2FZal3LlkwLjwf%2F%2BuWJwpMAcEFfolryoxNNVcCnctJO%2Fka%2BUzLDw%2BAe%2B%2BWnXkKtrWaLOwvQ49tQWiQSPOCUSFKRTiPBihD7miQgO%2FRp06hWsXUi6vB1hbBO1VTGA5AYC5QiFL6U8Re4qAZa5Oj1yMz59iC9%2Fhp1SkPWzkSxDhd2lbIhr3bQ6YGRWCOjTeJwnxvlDh7CbVodM5Wu27RnW0MeWDsH0HVZn9HDstEZ936oE08DQU8tHNhWapblODhbz01HyvzhAqTbfQ148PkENrkOYqpTs0y6GQIX%2B7HDIUZyHjWmpj48nchTFhzcZhWgMoaQ%2BcpOO0hPYjCo93ZKclfVZQFuiLtkx7oGiKD8lObA6J%2BnHf72iZLiF65R1h9%2BPnb7EQDIO5dYwEhFWLZDvvQN4EJkaw%3D&s2s=1
Title: Chinese Investment Method Taking Over Denmark: Turn $250 Into A FortuneImmunoGuide2020

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=bumJhbKHs4uJC4QEJ2AJa%2FDHvG5x41ajmKcVSxVY0Gm2UUW6Z3wQcYBahOyMk7TAwzqe9WSj2JufRxUmxrnycwS7wMlpO%2FjZmhFNXKA9J8fUrpTDx%2BjGcAOfmtCkSidAR2wLxuhdoWRHeGZCzUEJRfVUOXchfIBmYZshXCiFzJKq0Ig7OIglNbTtNUwwzgfurEP3x84ZiGZ9szEYG%2Bz4Y5xMOWu8x4u9oAK%2FcMA195ZinR7hLBUDeD%2BZ5rVgCrt33UA6kbRPACYfjM%2B1qsFEuUH%2FYo8D9MosIUlktyRO0P%2FnTEtD26sedm3%2BF8OWzAJzWM23G%2FOrUmAH4MPFVon3oV22ipZExggX7jFYD5inePWkDRpnS3dx1UaGuNaouaOx8i37HWA4vNt2Kn%2Fozx4%2FUNKh7jnCSmKVppvE%2BHkvJuvP1xv8rT%2B01q%2BlNUdN2SV3ItdCDUkgXAlRucj1CaKLIxewNAj%2BtE0oAYjDwKGicbKdNpm7Zh4yoJejdYUWUwrqDt64KykCsaEXyfmPo83KKdJm%2BUVdA0hdK2UYGjjW2d6YPv1AuN%2BsQC0%2B%2B2w9FT0b%2FIpXd1gm%2FSId%2BN9VnmgUZQeCiROrZtD2QF4YH1rpf9lhJsGRQRns%2FpsxdzmVJPlQXFs4bNQbe9Ftq%2BlmQATREnb6pl1kr6l2eJ2XaIG4UOn3Z%2FnUCCE0wl%2BJwKCpqZ6wTouNka0oTp5e0j5%2FNk1YX74RNFzaOXBn7LTNz5moqxBWxhG%2FdjerwlcR7UZeKHBH9bk8XR1I3AwBiGtxJIMx7MiP9qzmcgXKpsjA8lKz3Dl7JSyvmAmfIL%2FyDkAkYqUEJVgIT%2B5jK1Hi7IvGWVrHWWw%2Fknyy%2BPzzjBRPT%2FH4hDNZj3h3xxYjBjyHGb%2BRprlaR7MMkkclQu1pdDlgc6xBjVjNC2PUbCPSVNhFdVsZN8p2BUHnPU6HJGAdP4%2BCkHrzpg5kqtEzdrfBPaVlJQcZzo6r1fzS%2FJal5uD3T9eauIbkpeaPd4zYKZMAA9vRLPrQmSDUeDbODvbrPnCTDqSmJ0o7pCCqekcPEOeJxt9iqdAgylZ9AIJuEkFUwzq310jYepdSKv%2FdyNwAzLHitfgYlaG12v5GXjweVYWMBj9t50Gx%2FOjRO5X0POoEBJHl8cABHE1d8kPKCaBGpF1L6PBP0nhWzRX3fkY%2B0SSuMjjfULDRAV9RZ2zPCHyoBgqw47T3JD%2BdpFR9Go6jjRR9g3amAg%3D%3D&s2s=1
Title: These Twins Were Named "Most Beautiful in the World," Wait Til You See Them NowPopcornews

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=WSd2v3bV1II2DpEYB2vtcZ4Q3MBu%2FmVl8SZs3IbKvxcc0X43TOOncfW734AbWvFl%2Bs22BbjV02qHHZ1nx5QEqH2TMjJ2ZIuvW2qGN11WAn3MVDKF7skgmfoZhRQJHdY1ggDCkj9gfSo5WB7PJUBlm7%2B9k%2FiAYqf2PQAFxtRM9ao2rD9X6SiZjAKne8hueDYa0TL%2F1p4n6l5J27bu5bQkDzDjErj767JdBaiWk6gmtEpyOu2UaENWdpr9RO4%2BFJjy6TNIFXKRRJM%2FV7FQMKivu0Z4ZpYBD09edw2y0Y%2Bm7PjrGVnUFRpiZnK2kk6kK8AhuTP06tQUPKAIqiA8mxn7hlfUvpj7aad6%2Fw7d9vDLucjWDczz0o25Guggl30wJYWEnnH363IWbsyrZAi1P9AnBJJEdefuVIlLON2XOFRSEP%2Fyo4Xvl5D0V0zG%2Bb7stAthWuR%2BFIp7gayNDYNOL%2FfJ4oS8qJvTZ6GFDmrPk1uhmvqlOicaefT1gnbtCOLx34Su0fPIosM5kUQs8ZEIBVGeK8vN0%2BhFDDedw987vQ%2FNM4p%2FIBPY82IYFnv2fAlzSLY7oin3ZjfnB8Hin6fv%2BmuepeiuJOnRIzqKvVt2E4Sx%2BvXrCWhpNuT84eVDxjGP0rrscJ6Usk0Hr3v4deYudNe%2Fo3mczUCo3ON3rpq8EV3CmlUZQcBZ4w5IuBIPCJZGZHjTjKKE5Lhy8miGMeBYuxjNnQgiFR22t5A6P5vkgmmPBNogHZ3lVZhiWv1WTcF8qPwt0rE6na64%2Buy7om9vDpEywoiNtlF%2Fh7xj9qpfMERp5ELyJUzhtZfzZC9ML%2FshJWDFEZhmAfyUb%2BlomNkNqCaHTFjsox6OywXXVT1j1tzfpaZH%2BmaaaoygirUWboh98OGmAkW9leB06tc2CvHw%2BLZReCpOdYkMA%2FEVmtppkB88mj%2FGlOsMM5SKrDdXkvJhFrmRg40YPUVkEF4Ocru%2Fc8qbb4xpaOoeMPYLWhk%2FENNjnGmtbSLfB3jDlm0mnNX7P4t3w3aS%2F90w8KmBkQ63Kc3vpB9npVLE5xIBzXyj1xabuY06mbJ55m3ve7S27KzrDTrbk9wIS%2BcxSom%2FnnEJtV88m%2BMFWbOs%2Blx0%2FhypNwQFh87mxj5p%2F6KT6P4iiujjN75IxtpBLkGcb4fi4u4OzlaIOoBrM7I%2F5TtmGLeAzr0U65Bf5UT3oD22KK98lZpqsHNf&s2s=1
Title: Md: Do This Immediately if You Have Diabetes (Watch)Blood Sugar Blaster

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=71nyuVWaDcXe%2FWDQwqw0vY6sPPmFUy4Z%2F74M5GQmR%2BKZmLO9hTmQabcWXymKkCbw3dVNBDT5TC0Qgmh3WDrY8eSGbZCHZROMExtAAALFSBeYTPpPrVrpL%2Fj5CCkoLvk4qSy6ZxwpAdxPmg%2F33P4QC6394rwOwXptCMR1QrdbanQYyQ7ZpRmsJBfsm8AeHepIhFLB15EJ%2FiUR5ID4SAuhTazEjiLACvEzHhoHkaFiJdZ9vNXJ63sgIeuT8xMqeaRUPPNz4Q%2FTnFVOHT%2FiTXiWmvOQKAG74cwhwU9paUactHiBjbaKHXBPOFONzp0HasXU0XA50QF8%2BXDzIdOXprzOYw9mys1vSC9jWL%2BnNhY56%2BMFCtQajnBOsiUKuv66hvjRdDh0kBG0cTp%2BKeFpI52lrU7X%2BVCIISJWSjpv3%2Bw6EVr2zB02s8ey2W3DpdIQsHjDoaUcXV4Bvs%2BQUAJqWGlD8qUfV2xIcVSlhqcTJuNvqD4K%2BiG%2BVGtYpXKwQ4iS7jvOKS%2BHJmdrmC21i6mzOEtPrjb2Nd0LwP284aJ7WHPE52DrGUxBNxHbsTFR8BbHb5NppQfJjyjeX2oyTedmqgZagaNdS1sg6yZSF7xqC5pgF%2F4cD%2FlnfI0tNVam5COuj%2BDc6exgxI2yH4uTWF7p7g%2BWp0N6XzrECuAwfS4D4QV46GJ3jOwl8ctl%2FsEN9E2N0jmPZPmVou9Vs7h3ffltudJSYU9sJR7j5P%2Foy%2FO0g4xI453eaILQ%2BBDJp1tK5o2DW65iuA3qfnxT0SE%2FpFhi3NU7CILW1Aak8s7ym7L%2BCel8eHSQGAxHDk0JOBZSuyd7OodL9JNRCJ4QO9lFZpEI6ufbzrdslFioARLCllEm0dAjYM0uVpODqcHGf%2FJ%2Bk3J6R32TP87h7c2DOfgTdit566FdCzu0gYu6WZQ5RnJy4TulZETb0udYCW8QjLU7MXFI5%2BHdpP2vrC62Vnr9Qyvkzh1WEGuwou4f5LzmOPSXZi7q%2FnkFR59JLCpyQB1WrBCDfrDY212e5plcUAaUykmv%2F%2FF5QlcGF0Fajz32XNrSNqTmufHXfXR9RRaRT5MaVO%2Bk0VlIxyxygegrLDy%2BrWW46NYRmmHly5QfMNUiFoyp%2B%2BSWbEkFXWctgNr%2B6fpu0AsESCUh1KZNbnbxqEZ3b1dt8f4LCKy2XOcblGk9neyep%2BwjphwMN%2BcDKPuxclEnkvmPi76a6NHV%2BFLEREHyzsygoSqcwA%3D%3D
Title: She Was the Most Beautiful Girl in the World. What She Looks Like Now is InsaneNueey

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=BhCHI7kfNN0zGrYuo5BQxK6WV7yUwuC4kmn4ouO9PiFMfMtoM%2B8T0DIJI%2B2B8kkwaVsgdKCRYxBRUt234hGgKXsWU53VmG4yhMmLLCWb5OBoEniy48%2B3wncl5i%2Fr5WGv%2BsVsvCTmVBtBmM%2BlIDvkTpQbsirlAcFINWPRji9vkdWnO3UtCxo7Z%2Fh2058ajUyJYFS9qOWEZJyXZsJEa%2BPM6onxduBo2PBmHVy9ETACRXX6VCr0k%2BUSzYFoC0mTLy8EguR72zZCueIU75FLfpZQJfMkyevqrbwYaKxD22eBP5N%2Fi4efCNcrONK6iYr8jEsAi02VefQbhVtAahSwPRfUeJ%2F%2BdxnwXA%2F1Ed0x6rHjvA1rf6ZUQUHUxZh9P9ZBNsS23RzWtuxH5D61wY%2Bs2FSzE9PNvX1CTwms%2FFGwu8wMSl%2Bc9INHJtdX7WYGcLPY3BnbXnAd4s%2FzQ1ayxdHMgx20r8WYNR3KF94IHcNjDKEOoZbSuTv%2BIBcQi%2B4G7Itf4OJFUyCWGG0LkuLP03P%2BLv1Y4QCH5rakS7Od%2FIcCQkCUC2bNd5jTkitBlVn7ffCl7cME4JdkFhjcctZH5Y1EThQ8xMzN3vg2RKuQz9GamIb%2FD3t37XuaY1bq7q3btgmUw2SLZrPYBVHZSRrgKXZFuDMs%2Bq2cMEFIpHPhJg8z3xhh93HbYEpaCRO4HbO8U2cqRBU%2FEDa7fnpGbOPDQsqzKxWmBWYDUX7ptjolzw%2FQnekn5RbB5vrdeLp5AUIvus10%2B%2FE75L%2FmNtnsAn0O9yWfGhmGp4S3k8JdhC7ixo26SoI0Q1z1yaOL5BhpskIxk4E5QDosbzhoqGSrXuyTy6H9Bjmj9FG52HvECyx3N%2FYPNtn1QtfC29kYazHdJEwFp9FpdBoAx7hmUtOhh1EjtWoEE0FXq75%2BlI85UD9EMM%2FjY4X%2BKoT4TH%2BMFN7t0%2FfdOl4IgKxzVmQtHMutxmqVwK6e4U4kelkwm4B6zYh84fGl5ULyQWFAu%2BpAchBxAvR1Uav%2Fm2ce4XyDwkh3kPZ2TxEsKQLbjwDjSTDPKWlizT%2BMTrY2BuKEWr4NOh%2BSHfKx9CTjYRGgICGN6iA6H9ujERy0YLvyY4HLfMgGFtuKIumiyT6cHp013SiTifDsYyAwcohj3Y1f&s2s=1
Title: 39 Completely Unsettling Historical Photos. #13 is Chillingpopcornews

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=ybXd3F7QacABRlLp7mMBuef1jUREWw88zAelI8dMYCHNSpk%2FYKHTzA9g73RP%2Bc6flJ%2FgqbY6OHrmodT3xp4QqnGYljobkdR7%2FaRIj%2BKI5ujTuD5IDckt%2FI9OecUp%2BXOEkC%2FFAmNwxzE62OSHkpMyN3VY6MemwVNcJLD5vvqLJiru%2BOuVByDy9ULgFTj6lI9HJ4TaUcJMFGNdpHdxMpjOkMDW50GIRGZTQguDbcNAC8uruoOIIsjA0IIENOZZWYYRseZK3r7Ymy3%2FOCqs93xXBON9uianVW24%2BSImHSpVFQq1f36GR548GDnyJr1QFXtyTFsUcIu1fdqXh71J%2FgfrYZDHiCXCwiPYxtpEITfs3xkb2KZ1BlUMLfLpT8zViFqhHo3c9V%2FGTwY2Qu2fIWUfHUCJWjF4j0FOA5ySe8lYvx%2BORdHaTSYwL4UVFp%2BiHFUysZHC8fiKjzDdSmN37crDHXrTP7rtNCWqL0gNTnV1zoXMaEYi7H6V0jaHly%2FZJ7gq1RwENG%2F%2BYK6Tyjy8rnPqMbxd7Tg9yNzhm4bSx87ubdNN5GA6RUvdz%2F7nojJ9mccjC9i4r6sOpxslX05wFcbCRQJlIo3RzrnnYIWXOwQCO%2FbA5Ct5LBTDpBAhouEyV7Bsdm%2F4vRD%2FiXE%2B7tPVWMLXBPd9MkygayvsrZXn0YND4kHDaxeAVMQxxxE3Y4yUMNYaBevsAhLmCuBhbQQx8vnVFmTCzWlZVn19pnEge6kjQS994w37UUCkHv%2Bx8lCIGo9gNlOKweVTJgc2kl%2B2nDeiNjFhG%2FBvFavg4af8BMwhA3moW2FmXm6n3JQWfjCCHVYuGY5O2vtgpn6mdAjvBA26K4KF2tk5iKL9i5OO1%2FKhpTJxd2G8QY461X%2BYpIAKDPI8AqbeT2LmRJY1q9qQGNyiSa7XBzQqZqZDSVDuA9CjmzUAfZunhYWBeQzqXXvD3TgnDXe4FfIa5Npj6tupRWqRA4i89Yc802HjRSzk0Go6hewc6t%2BTjc3wOyisbTxK8YoBAM%2FudpUbD560SvIr%2FS88RGDhZDz%2B5gDXulPwpfQ0jqcOdZn%2B0so3B4n%2Bsu3wSSNNDMPFhuToYBJG6MSWmPwESqRZgFjSJctsNjhbKIxg7qZqNHJejufdPC8qHTtB24y3ckLzn9DL9Psszgj9mPIAOThGLOpomLv5cPPv4PPrxD43goJuVexW0zMJwY6nJAEI&s2s=1
Title: After Rescuing Them, Firemen Realized They Weren't Puppiesviralsharks.net

Search URL Search Domain Scan URL

URL: https://www.zergnet.com/i/6165057/72546/0/0/230038803/1
Title:

Search URL Search Domain Scan URL

URL: https://www.zergnet.com/i/6157794/72546/0/0/230038803/2
Title:

Search URL Search Domain Scan URL

URL: https://www.zergnet.com/i/6154459/72546/0/0/230038803/3
Title:

Search URL Search Domain Scan URL

URL: https://www.zergnet.com/i/6146929/72546/0/0/230038803/4
Title:

Search URL Search Domain Scan URL

URL: https://www.zergnet.com/i/6147129/72546/0/0/230038803/5
Title:

Search URL Search Domain Scan URL

URL: https://www.zergnet.com/i/6081715/72546/0/0/230038803/6
Title:

Search URL Search Domain Scan URL

URL: https://trends.newsmaxwidget.com/click.php?d=8HKK8GNv%2FahagiUCOKZIijz7FQ83LUeZHw2O%2B0OXAbA3xgZ0JmcyG5IahXR4aRugLLzmECr1z4AX4UvtL%2BlasArpz%2FCW%2BqdEk711Dia1b2kbDfzpzYMurvPMl4DysZE0KTlU19Bvb0z7V%2FMNb8Vui7l77%2BcslOWRR1geQOzQPQlTZkIv4ELaksahGVC07OGBns8IjBkVY7wAKKVEUV25T2fHHgvZvVdZ7pUH6cEtgCF5bg2to0lDpZ78kHC1uLIT6NubwXxpc0k2SHC%2FmzTHZZ2YPgcc%2F75G4bZFw2NNiGU5XlKi0Z6GkoW%2FrlGgumr6DOkWAIp8SRUqGf8i3t3Mdhlq13EMYIFZw6H2CpEw9gvj5QsjOkaakL5%2BobqJi6fFlpBQlRDeMobNbfOKZL06boRLlAkJElVJ1IcA3ex0F4JlQ0jn9WGVbVIbJS0Yoc08zAfmjUxJ6AHNeNqmlo6A4UJUsac8LXQ9%2BSMOSVTNTtNWTOn0SfgNZUaeizPsR8AlQ%2BH%2B%2Fkny0vWoWLIXmyZmxn6QeY%2B3HfTyF6JA%2Flp1O4kzudKdfINl5Ji2jdAD3VhPUjzvjXG23VQ%2Bwqnq9RKIook7cOJfQQsSom5ix%2FUeSsceekzt7dtLgaRkespBdZwZLV2%2FMurGNbFOnGzpylkkgnFFeeH8PGQmQLL0PLfM9KEWT%2F1iBFqm5ts2N8pM%2FpLRFzNgSkcBL%2Fc1PlNVOgNrmHaEHFtSxEBBzfS%2F1v5uag7Cr70%2FWrbeTUZMhmYDdVVRm8vkXe0HEMLbaqHYiDe%2FY8yI3O%2BR1ZIYviZALiZjxBokL5mfhlCb%2FSKgcOg8dGMoOQ5Gr0rCn6kwZS7o7bE1%2FOqeuIUWwzPK8QiJlqBrMfve3KivzYgOzuYHnsyzJlD4tasnBJpA2KaBC9I9rnn3YNOmE2%2BQ%2FXxZrJwaGQWlsNGhtp60l44AE9A9f4QsWJySP5v2YhLCvgr89zKjb1%2F5BTBLE%2F0guN5fEEd0zY0pZdzDywkZoXl%2BqbU2V9H7XlJKFV9Th3HPIABISxfZkzzLVzu1xngc1H%2BE2H%2BxRLlhuu%2FkEkefOYaG0EUfFAteOkxjJwJ%2BwklDFnt8vACTwan4d%2B4R9oBsWpwULAoEjSjntJyLCEmVvbGZJyOL9XlRGAQKUi6T4SwFOcr0KF11giUlAn%2BS5tSYzmzWJUahCth7KGo%3D&s2s=1
Title: Remember Her? Try Not to Gasp when You See Her Now

Search URL Search Domain Scan URL

URL: https://trends.newsmaxwidget.com/click.php?d=5ervYS37FMl6KRGnNzfM2jBWdbEDPLpgNjsaZFdyrX5Knt%2F0xQVyS0RpepJeMP%2B8W8fyHjFvwyRKfGnN4Z2o4jL1oB1CNcl7CLT1mNUqoX468H8qdyF8Ml0Ghr63ASG14x2uWJGD6Q2PAd8FjYtJxet1Z1dDWWVJKGOaTjUfs8cFijlEpx%2BuAvD916yS6X2QukE53CqR0g%2F2iCDqO8fJPe2HQcGLQYLyhgljhc8qdCNDl2FaqS%2BVDCCCyUqtfwqVPAoXHRkkJB%2FDeJPpKebdpbys0euw%2BA8nQyyyick%2FH9g9w7Zakz9BO4eAA3TCIDVFCboUbkAzgckTPTHmf1DA2KecPEe4Ndjz4M%2BnGu3wmAQy4MoOQuNA8cdwaalMFmfyNEBcnqzej1jdxmi2qBahV56cTRfnayYHYcjKeVPaqjPKlzyHC9KdbJGM4L7OGz9uK%2Bb828y0uK4Odwf7YXfFeLmHQwRKZcvW1mDP7NSPTAXl2We9EuAXKtmRQWVvSiXReyMmeJdhpMUQVopjKPxNN1dmoJks7BWnWqYSs67dGAUyMBAvIKksu2lNGCXK9MJxr02gIUh6OotooauySergnO4c%2BMFxE1p3pmngv4dHgO8eC2zUR6y26JaHsDykWwC2a56kcERSF%2Fjlb3uN%2BUJrSFpyRS%2FcGLPRgZkJtoFGyomO8RhZ1AshAz0xtKSCbjjA25T2S5rvc%2BbHoX8%2BH8ns6JalI9ogO3jcCoMFgEvJS%2BdY%2ByZPqnw1uHaS3rrjB5RGISZgio3XNdig%2B%2FL8Ifuv84QGT%2B%2FdKadhsCfZo%2F55uUthpQ57cgQMCdDCfuJUeB3cmmAHpxyZiAAjb1PI7xf26vZPWVNvxxz20rCE3IyH%2Fmn4jMpzafjTXFD1qYd4MsSL6JwGdKwr6DN5CG1yb9ds9oBuylm0h8UN0EiVyVcJN9QuLjpsq63H1%2Fyx7XBu6ITpNwOceb9rmaSezO%2B0Xfx22UJZFglkokt7xscvuycGVVO%2B6aGdaCw0iX%2B6ac8TsoLlupqkSZ5nsCwPKzRl7MDTJ3EThg8d%2BSv5tuD%2BIlFm1GZPJeOb%2FF%2F1RRYU1Gfx%2FZbv0xnmvPf1Xjr1PkveYy5iuk9quus4XMEsvwyG9EnEGlBl%2FaOGywSyjHBVZxiugy%2FKPUSTAuI0tz9BtAZdZzZKtnKkcwlDddNJQECAIctfMdg%3D&s2s=1
Title: Anyone With Tooth Decay Should Watch This (They Hide This From You)

Search URL Search Domain Scan URL

URL: https://trends.newsmaxwidget.com/click.php?d=MHNHsvkQD%2FgFf3xMLiabWIz5rpvXMJYNhhU3Mv0C1lRICWqhXkHJPMA2292bdbKqAFUJuEPu8w9LJsahq6S0y76Dh4NtblRExq2xFbETETakMbj98TVeHz%2B8ulJPoIqRDoIiZgPsZTvPKdtp%2ByY%2F%2Bp%2Fl16T3YIiq89npMvzIEWbIRHcHqgJdAkdBFDU6kAxIrdNGWpRQPhGI9ZqyrUIHBkBJasyvLNCxfREVqg2rxK3AybQZYfv6T5OOKf8yLoti0oJKLA8UgPr3akeEIvbKq1oi87wbwKVdv%2Ff4mvzwnBlBsT%2FjtOBNqo%2Fmc0%2FPNwjQxXK8g7m%2FmFvygelPo79jLs5amQYZMU4you1hmcJrnvNTc9ldxqdXWPoaRYPyGomDnCjrQfN5Ks3A2VSrNQZp7T4Ch7wkOT1EEZ9%2BGR03OIPKiWmpfncHlQieo71gZJRW6kdlN1yTJfGjTjO%2FLadT2Mv9ZdOZMM%2F9dXdnhHf0xtQeZC7PvHwiY3rvCWmwpy3HW1JpSWcEJ9kb5KVfuH6zUwSE4LQea1DyBBQbwJ%2FNjVD%2BqT89Wla73PUkRNrXYMJ2QDi7YIrq11pmuFFn6rBY40HeQDs%2BFd8zUoe0nbnXVFsTqDd%2F0LealQL9SZwdM2j9HI0zlOmIaZ5x5QFXOp2yLUAUvE%2BobzqK9nj%2Bld3VfmPtwmxgCU9TjV5eLelXih6Zw4xvRvPNqCs9LgR%2BRaOf77op1%2BYZaCuNcveO5DxITyRDn2VK54vKdYZ0RqtxqYuXa%2F7f2K67whOGea7HxovyCm6j6gEKovK34%2BvBinf9PkkpfvJ%2FMAMYf0mNC2Fdbluk3gJvJQgsuCIxRt04yUv7EVyEg4mUdXLuzCMFEf0GJdL0C4m08kimhvMR44CW60NtrgurNLUndSgWhDe%2BPEsbSmvPrpruTjyiOhHP9HZCp%2Bz9kL6YAIaEPuQcd7L4wHqyvdI2orjB1m0Dk7YWSuBuyzrBuavmuLTGhI1mru9tUtdqphUbxSyexWQjD3XwvTHjYTuDwOe8CCWYfGYr%2BIgxdt%2FuG%2F7d5ZS4CCRAKWNnPrtuJOLCKJ3FVaZBwbLzWTma&s2s=1
Title: Take Your Bitcoin Now. Sign Up on Binance!

Search URL Search Domain Scan URL

URL: https://trends.newsmaxwidget.com/click.php?d=zl3oXblmMP768iCBtnNoufHv62KUNUxloP%2BwRdd%2BLducYR9xciCLNMLzOEpOvWSHM%2BdUmfum2qovqlkHk33srnB8bHb3qQpFyQnwIKPrPZFcFK2pIVekzCLEwmGYAq6X3oySIBi5sx2%2F6Pn7Sn2g%2FfwobSmI%2FI58HOzuAkDORT%2FyyANzQ%2FT%2BzVio9Z75axttjrAFiLJ8hKRsLdw8HGug0mppymEgbT%2BGVbVMr5CDXCsHqCYnt6dJSsMNCp6PUvAmUuCzPSpqiLFQ0dTk5ZNqVrnw3ul%2FOaVZj%2FZgnWBPR8BxXEWpJgDj93SsiukuWlzPpZgU5lDV0Y661PkG4OPxKnasYj7dY1ES4WBrnuyLA8ajikjRPSA%2FiLKF3EuXjFKvbv1k43KHvrHwUTkiJh7cMB8w%2ByY2sYneHkxAemXc2%2BPJp1PV%2BKD3aWLV1jOP9s3xNeslZXjVEM%2FWerHGS0PDtSEqNPyqzTSB78oc017sDqkgslLs%2FCwTVFD54NK8gZEAtn6h7WYJeettob2kcLdBsalFcqqgEXZtm%2FDbBLeiRC5bRk9pgFFSXrAXHXBViZWR5hDwgr5Xyqzv2EETtloQaOpJU5b4CMZnMVsQ0L4txokS9A71QMW%2FO%2FQBKefjax7lRRlQtVvajVEKWA4kH3nxUB78nvW6GBnqHWTiICImF3kg7Lyvn7G2oMbO3hquQm6KKGSYTzLt8jsCY52F1fu16H8dzCvblmDTUki6Jkw9h8v5C1N9BcILfurm%2F3eThIWNJ3rML6qJ7AzIljnfIi1Sax2H7ORs7p%2B%2FZxyq6pVuUojpPEmDJZ0EIGTGN9fo0%2BX4Bfknq2N21IU5QhzSUNugk%2BQxgociC2%2Bz1%2Bpcl8%2FPvXJydzLEqAkAGcKjnirFfs1CR050yUqsD0l3SbtSzCpUmySPU3jhsOja76g2orsd5RE94zJ0NHgf2RPSLEZXSMTZ2EF4rWiih80WJpSkg9eRrVz9MbaYDUGKSftTcn8doTIKW%2BICO1bA1pBDlUsSVAOXUsZrKrgc5Dg7zNSgJXtcJ9kB%2B1uCaHG43WZ5TX5s0UmL3O8QjlnNyD9nZZvYXqEpbeMkX6pBQjP357%2FQqcfpc61WuNWB2NkcadXPGq9nVYHmTtMg3IicLXVNEBF3OKl8WnO1iBn%2B6BUNStJTIVJlpA%3D%3D&s2s=1
Title: Men, Try This Tonight - You'll Never Need the Blue Pill Again!

Search URL Search Domain Scan URL

URL: https://trends.newsmaxwidget.com/click.php?d=beicrayDGjIASdPjB%2BP026OCffaijeqANd0LIeTURbF512RlYH1ySQ64YBOPyt000pSqhWj%2FYFp%2Fnj8JUEva0zUKRoCmPNQzWpN4lbEz%2F8CyD3W%2BZauTC6NKBckutE0vWR4d%2BD19Ng2QZKo4WFByoPWvhininTZzllTm4x4tgIilWmWDj%2BkEAr%2B2VCR8LnMJUJ7CwayW8gZvjxLYKzcYoozS7%2BQEiclSDz8gUtUwY80v4zoUTwALEDkpRdkRdBF0Q71gsMJ8p%2FIiTwGffbd8t7hspW8uaCsiwLbxwMI9suNVFMBX6KUsyewMhmfmPHhmexKMYs4OhOKG2GrrORPL2EjdIW5hJY2DwV4s5Y%2FBOIDC39KCaaPck%2FEzpYZqbOXXwzTLqysoTbpZDV6W5SyKMDt%2Fu4oXLsa4OgEcHPxhkv8DFE9Q34qAxUvxzTnONLWQcj%2FJijXAV8XPhLGbTgoB7e9lDz40exlLcWivIP%2BrmdEYgMEPHDW4pWuQvKT87O6iroRw2WoOUEx4AsZcCZ1uS0IsGU0OLSXXEF46CRE3z%2FaihNVJm%2BOwDKwOO%2FUT5PNjwdzTzNAllJUVhkyVNZmxhAJom6E3Qj7%2Fzpt6TA2T48%2BQAe9w5yKg50PGIRdarLtM5LNwnVSqO%2FlyJJNWXQnVNg%2F0C6iasAwHuP8l6NgvZVIm5xukkvE%2B3%2Bbcw7dmqbp3vEMVUb0wasNrNFWmltXl5XBp%2BfzaL1181JuGgLlJwyxru5RS1Y1lbDnOGZDp8lnrWzdLoUinQZj9sEjoSo0nHtg%2FpKqlSZG9IkcTgebxkGb8oAPZKhKpNQ3T0asouB%2F%2BSmUjrrN2knOyhcD3sh9rK67LjnkdS8UOtV3e%2FWyRiARnoK%2B8B%2FOwGnD7J5fAhzNAtjBV6dM0iGPft6iFDMs%2FL%2ByF%2BLc%2FMGnlSGET8vpVStn3uxrRIjgo0c9UhFvI0LQthD9%2F5AiulwfhzudiHhZvxmPHadoyeoC5%2Ffl8xe6BOnTtFuGsxvhSkJqsj%2F8gv%2FossybujQYNeGThw9aY28VUJ1pLCKl3c5mptY8udlQWb5ePEnM%2Fyc2jAk4L7gSoWWUtzy%2Fm7Od7h2jZeaS%2FvnyRNgX1g3BT5wIHnt8U3FfZu8UbLqfSc2RytmUyeUPrZJFSLfSXGe%2B833Sz3J%2BxRZmzJCSFJeCyUeTpOKOp7EJIAT1ZP3TGhemIThxXWH6FA4bo&s2s=1
Title: Md: Do This Immediately if You Have Diabetes (Watch)

Search URL Search Domain Scan URL

URL: https://trends.newsmaxwidget.com/click.php?d=VaeWIDg%2BjsxiYMCR%2BAdAdMCcluLNLlxkxFCpaJkZT0oj9WumKYrk4pI5nfTjOeEg4OW%2BTzd4S%2FkQfEhOAG8XClcNDXMy2qZDBb4K5e61AB5HlpQeEjpB3ZQ547aSSbgBBoeYHJlRD95JoyYmSf7rRt3uSXPPyhryegXFGZGq2Q1mayHf5ufq7hoYq58jO1ocPnpKtbh7R%2Bk%2Bd19uZsBbz%2Bm0%2BXNrp2VJwhZfJCkh7qgTUUWL0E0NiJChGEz1wGPtiG2lDqPRefrR1ZjUCxn3AWnIBFwT2P6efrNiTMTxb8WMctojjeo3ahNVyh18yTjPQ62UKaKNW3uAaa3iGkvuEpfM%2Fjv3ehhE%2Bk6psZcT800gm6qoh3ZWkXSWefO%2FL9T3w6z9IRBW9tAEStGGkPCmbtSfCbJOy3snW3eDOClnVWv5hdqjgylToTYMrHTJ%2BPkqWHwMF5Pnmpajv%2F51l%2B95eGhGriyzTm765JjiM0TRpsklCjjg4cQeFg48OC3w1xzd6U%2F6qPxTVTYipDwgJBR0QPl%2FlQgnrZxsRH9GvYFxUwlxXdH%2FgS5utS9JEv7z3UdDsiHowpknWaDVvxw0Nf0WSPoXX6ffnWHnEaL2QOoagdiJdU%2FIuf7SOK%2BfsLLLAj9ws3rLB7CQhsXST9lDCSvOZTYNnbTc7ShxY95CHV%2F%2FdEWrrh1Ep%2BF9KB56ZQlQLySOMwBoJfQdGkNN3pQMZaBKdccJSw7mPCSQ%2BWM7265AaXK4pAlAMSjbvx8KpiBcrqmRr%2BA%2BBt3lkVNF%2F6Xlz34Z0wUWpwdG54YeJYMiP9Ae23KouzAwOGMsVEsdiUNbve93DAc7UvcXtB1wT3ozhFIU7nXia0fIW1KfFAIWLZ8YkItEVPoNH5K3%2FdX5pPX%2FmbrIJXw%2FuTUZBoi21EbUlBlqZCfOxCA7zWAf4FbH%2BiZRO2aCHwa17iZ0kikpVUGfF8T56COnGkSuZB%2FwH6H8U5FkMeQAUEnJGVwCQUqABjVXRC4ujqbTLMMwBF83bRMzXVvCxGzIb0BAwQyQV7TC02C20TR1%2B%2FuZc%2BV8Ow%2FVlYmEJJBqAP7zxwg3DnC7eM7J0lIV8J1ApjD2dvGWwZBiBcGUUXNs5x%2BzLqm0xPrjftIx9xqmHrFSYbPXPqD2GsOyc0EtkQkRAyBbSING9ErUAwOK5HBEKSfxz6XmMFa8cYxExIiPqU2drX3OXHEpXzftNoOeWzCoh5r6oHazomDLOaopTkkHMRvRovFkV9%2FHOaTykHHE5ubEUpIuiXoNYyrDSQJ66cXdVrCue7utOnFGzUCHcQ%3D%3D&s2s=1
Title: Doctor: if You Have Tinnitus (Ear Ringing) Do This Immediately!

Search URL Search Domain Scan URL

URL: https://trends.newsmaxwidget.com/click.php?d=oeyB0lgoj3f9aqZ2rD5gHhD%2BdsfEUHn3NXX9Cs1Khl5wZASysGNW6KpnFV2ZLXpuE3Tz48ucVIlcwk%2BFbsYc2vj3K97R16ihYprZlpeqTcbAV7%2BXNE4EUvYOPohEkAlzn4JID8h7v9%2BdwiglkCBBklVP7Ta2FAitIXUbr%2F7%2FaaOTx9l9IM0ziIfndhZ%2BsVUGKlpH83iurQ%2BUK8o1jAPtlkDtOGXxzJ%2BApTZZDYUJJ1N7bNKOnZP3TzAuRB394L5y4b4byZDNDWncV9Ex%2Bhmqr9I4ph%2F%2BOpIObOAST3R8nkUMc5w7IZzulC3HLv86y1k8Wm7MDL7fOUJd8gKYOM2j1A75%2BaRC4pzgEvdJzuL7BRW0UOSBsYQOpLW%2BY1k9KnXUYQNVa%2FaRzusAObfDtvvm4JH56tiD%2BOG6auKHQ%2F660U8Ltj5kO2D72x6qUFEoKcURYKbt8FzlX8n1wylijTVJT9nG5JTtz8l1ba2Wlheid6164CH0yOsW7mlZq%2B4g%2BxQGML9NTgidyDnvHFxwle3qUm%2Fwm%2FGTH3GIb%2FnR2u5RXgPpb%2B%2BA%2BH%2BNuITBFfrJxQgOvKJY%2FqoLKY0q3DEtQO75CVcl%2Fn3l0MpQwbfVjSeaStp2ZIIdY0ZSp0xvBH0cHm3MhmzjqLuWHADkUL4xRWAoJMmGq%2FYAYGBTVbc%2ByJ6CJQ%2BdZbqevDugsQu%2BHzbbsoNdPRb%2FpqIN%2F%2BG%2F5y7UA%2FGgZ6tSzU24ZjUQNW68GRQyM7VxKYT2hU7Yd3OmHEo9DzIIzF7ce3Xov%2FIw%2BMnegwRBjIr6lP%2BlrvkW7SOWtoTNyXZ6Gw8IQbMcoDuLEPLTE73tDiprTguHN5LdnFLny4Aj%2BB0RQUD4Lf03ZU7ecvaavenqkBabkYFsZ6zulYq2EQZ4frYyGeg%2Bra93fnahscmOOAqib8ZzJ1UApfnjuakTi3quDZNVsP3KhwjJGg%2B4g2VhIGo%2FF6u60oz1V8FzibjHMhj1VZxelvYp8ma69EelNt0IeeJKv8nwmyh2AWqUoR1JPNl7W6uMVGZDqyceNfPgaOoLp%2FL7OulW1HF5kbjyXgrJk8iOdllVMAyLk%2FhQeOeJ%2FghI1toVLGyb1rk3lI28iV%2Ff0jjiGRZ9P3kLJV1XGis%3D&s2s=1
Title: 32-second Stretch Ends Back Pain & Sciatica (Watch)

Search URL Search Domain Scan URL

URL: https://trends.newsmaxwidget.com/click.php?d=V9esHgTz%2F9qkTCOXlFdE61i5oZJzuERv69Xgq5ow6kj20kI6Ecx6o%2FBgA1PILeWPyHCKa%2FYIOcOiGxtB3K7tyNkDZ1RxYUctelATIMQ2a%2BwDrQoyADSfYNPMIkl740OWMlPFENmI2J56Yd6ZVyLIgXPq1mVXXmw0DWd5JHO6N7NHskgTNcOanwPV3t1auZp6bFEavohQH2ecsd7hWSfT9SsAccpk%2BZ7Y73gOkvyucoZfSX38NvThJakBCsSi1qQobFMEPtVEtTIGHktQH6YH8WcAUh%2FJ6c0%2B%2FfGV6dEPlBcNGt4tfYe%2FUGUx1eaCpNmQrieaXETgTxvJ6dxAceBD0810WMnHrNIHCe%2FBO%2FIw4B4fbBrod7pNPZWPIOfJogG10g9Z3w1hRBgQd8Vq0vjEpDyBmfk23UMmtsiFj8iF05%2B%2FhEZl8%2FmFT0f0dOye01Wv7MVM0hNAErdXm2OVFtdBhrXkTYYc3qWbaWTAfxCQv5KOfKDTuNcWhHruN8xwwfl8km6SxsuKR%2BXisNGCxr6%2F8b6xFim3Y2eH0b2bUhyBFevrGxasIVLtIGfmCj9Q%2F1MCf%2F1CKM9dsMO6eJkAgUshLiXmEqXPqbFn%2Bd%2BonD1wQdpejor95SjP%2Bs2MQEx3vt%2Fhkapo6Fi5Hmm423V671RCI0GERMGbXQTWUsAqGqnGFFLG1M5Ipv%2FpGsWZ%2BIZxqjvPg4Y8sk0diEjGXA8Haimhb6JhY4XEF9ndMNrOQI%2FSJ7LolIy5rgUPMI0dVmaomYHy5ZJp3baBxQ2GAK%2BTq%2BFZqqlJa86tBdRzxh2z%2FJIUDFtYQ8G0gMtK8AI8JlZFkimo8lf2UrJ2UeiTEikbwqhqkHegc3JjHqzcKrZ6cr2SpLSB%2FvDDeSuFyUBifBtFBz%2BgZZsXbuhxVsMUfoJd4efgWgDs3ZlpC2ULCOwwzZe5a3GtWM4ItJrb8ww6i6xzFSonH8pKvyt%2BLTGraoWmNZ0zYnBmOEz%2BvMqF9cYzG24a2EZWYCG1Gt0G%2BcwdwDPnuGRz96y8rg2xUwzqhfT4%2B3Ty28l6itqyXQKmjv0jpBjw7P0I62KPbW4ZzaR%2FyDnIzE0Im35hu4rWATP93xQozyayeFeFeXhbQIrLRaE9gk5Qra%2FxrneuFFQPz9zgYeQ8dG%2BSQ4wNndPouMOB8UmHexgSAqSXckVd1kt%2BHy54yDkPNcAIrWpRorxGVwK9ginUkeITyARpEuUVn7QYrAj258ZkqA%3D%3D
Title: She Was the Most Beautiful Girl in the World. What She Looks Like Now is Insane

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://cd.connatix.com/connatix.player.js HTTP 302
https://cds.connatix.com/p/91852/connatix.player.dc.js

Request Chain 45

https://cd.connatix.com/connatix.playspace.js HTTP 302
https://cds.connatix.com/p/91854/connatix.playspace.dc.js

Request Chain 51

https://sb.scorecardresearch.com/b?c1=2&c2=32131503&c6=Push%20Notification&c8=MSNBC%26%2339%3Bs%20Morning%20Joe%20says%20Qanon%20cultists%20pose%20violent%20threat%20to%20their%20Democratic%20colleagues&ns__t=1610640915396&ns_c=UTF-8&cv=3.5&c8=MSNBC%27s%20Morning%20Joe%20says%20Qanon%20cultists%20pose%20violent%20threat%20to%20their%20Democratic%20colleagues%20-%20Raw%20Story%20-%20Celebrating%2016%20Years%20of%20Independent%20Journalism&c7=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=32131503&c6=Push%20Notification&c8=MSNBC%26%2339%3Bs%20Morning%20Joe%20says%20Qanon%20cultists%20pose%20violent%20threat%20to%20their%20Democratic%20colleagues&ns__t=1610640915396&ns_c=UTF-8&cv=3.5&c8=MSNBC%27s%20Morning%20Joe%20says%20Qanon%20cultists%20pose%20violent%20threat%20to%20their%20Democratic%20colleagues%20-%20Raw%20Story%20-%20Celebrating%2016%20Years%20of%20Independent%20Journalism&c7=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&c9=&cs_ak_ss=1

Request Chain 83

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D632fdb8e-c675-4aa1-9dbd-e617e342cce3%26uid%3D%24%7BBSW_UUID%7D?&callback=window.proper_4610fdfb_f6a587fc_1 HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D632fdb8e-c675-4aa1-9dbd-e617e342cce3%26uid%3D%24%7BBSW_UUID%7D?&callback=window.proper_4610fdfb_f6a587fc_1 HTTP 302
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=632fdb8e-c675-4aa1-9dbd-e617e342cce3&uid=2fd065df-9d06-4f89-892a-cff2335e9132

Request Chain 84

https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_6f8bc9ac_094afc26_2 HTTP 302
https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_6f8bc9ac_094afc26_2&verify=true HTTP 302
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-tGHHkZV1l2arxQb7hYAM4cIwtRNrze2c

Request Chain 214

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 314

https://ib.3lift.com/sync HTTP 302
https://eb2.3lift.com/sync HTTP 302
https://eb2.3lift.com/sync?&ld=1

435 HTTP transactions
-3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.rawstory.com/qanon-congress-2649937672/ 352 KB
58 KB 179ms
157ms Document
text/html 2606:4700:20::681a:823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rawstory.com/qanon-congress-2649937672/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15cbd32b2a38fb639401802b3f33dfec4ab326d75e9c100d0501cd465744da96

Security Headers

Name	Value
Strict-Transport-Security	max-age=15786000; preload
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.rawstory.com
:scheme: https
:path: /qanon-congress-2649937672/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:14 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d1dcc6e3aae9241b73ff2576886eea1ca1610640914; expires=Sat, 13-Feb-21 16:15:14 GMT; path=/; domain=.rawstory.com; HttpOnly; SameSite=Lax; Secure
x-rm-cache-ttl: 43200
etag: W/"f24c2a7effd69b4443e165d3dc2595e1"
cache-control: public, max-age=0
x-ua-compatible: IE=Edge,chrome=1
p3p: CP='NO P3P'
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15786000; preload
via: 1.1 F_wfe_production, 1.1 varnish, 1.1 varnish
fastly-swr: 2592000.000
fastly-sie: 86400.000
age: 123
x-served-by: cache-bwi5147-BWI, cache-fra19148-FRA
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1610640915.787943,VS0,VE99
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 07a347114d00001f393b1c8000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AERqEdZ%2BFkZrgmSLyLm8Qv9Xi%2BKP0KqilBXaz%2Bu9O6MtxeH%2FmO3%2BHg9cM0R34JTrEsltV40AJqgtVHVSkTNBvxrEh8xW9Pbp3E%2F4e5E4LF28lT5ipkIYnWvKClfz"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6118a7954de61f39-FRA
content-encoding: br

GET
H2 200 9Bt33CxNwt7aOctW2xjbCstzwVKsIBVV--SjxbcHcQ2K.woff2
fonts.gstatic.com/s/frederickathegreat/v10/ 198 KB
199 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/frederickathegreat/v10/9Bt33CxNwt7aOctW2xjbCstzwVKsIBVV--SjxbcHcQ2K.woff2

Requested by

Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ccaab138af63f75bb9177b64304cbf3fed4ea5381b18bcd9883c9dea8ff7756

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.rawstory.com
Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 21:52:15 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 04:57:57 GMT
server: sffe
age: 584579
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203140
x-xss-protection: 0
expires: Fri, 07 Jan 2022 21:52:15 GMT

GET
H2 200 9Bt33CxNwt7aOctW2xjbCstzwVKsIBVV--StxbcHcQ2KVFw.woff2
fonts.gstatic.com/s/frederickathegreat/v10/ 14 KB
14 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/frederickathegreat/v10/9Bt33CxNwt7aOctW2xjbCstzwVKsIBVV--StxbcHcQ2KVFw.woff2

Requested by

Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d396a6bfb3decd60b11093231dd1b68138d0157e66c684b170a13b9daf2e326

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.rawstory.com
Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 04:39:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 04:57:55 GMT
server: sffe
age: 560146
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14148
x-xss-protection: 0
expires: Sat, 08 Jan 2022 04:39:28 GMT

GET
H2 200 image.jpg
www.rawstory.com/media-library/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8yNTQ1MzI3My9vcmlnaW4uanBnIiwiZXhwaXJlc19hdCI6MTYxNTE2MDgwNX0.dyJWEq218YGtPDSa012SpFlAg... 34 KB
35 KB 27ms
22ms Image
image/webp 2606:4700:20::681a:823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rawstory.com/media-library/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8yNTQ1MzI3My9vcmlnaW4uanBnIiwiZXhwaXJlc19hdCI6MTYxNTE2MDgwNX0.dyJWEq218YGtPDSa012SpFlAgbvI3RDjljTXkzS08jo/image.jpg?width=1200&quality=85&coordinates=0%2C0%2C126%2C0&height=800
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:823 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3eeb5de0d28855d4b9846128b71b764e6ec4caae339c0a31de90d885101014c

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:14 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
age: 10348
x-powered-by: Express
x-cache: HIT, HIT
x-envoy-upstream-service-time: 133
fastly-swr: 2592000.000
cf-request-id: 07a347121200001f39cb927000000001
x-served-by: cache-bwi5130-BWI, cache-fra19151-FRA
x-rebelmouse-ttl: 3600
server: cloudflare
x-timer: S1610640915.974153,VS0,VE1
etag: W/"8c86-0gi6aztg/mXAa0xXODfhBCEX0Sg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yVrGQCOglW2tDXDmoWB4NT1L3eyz0M6o5vDH8IiGzb5XTMRK7lkV9rYLHx%2BAXMmEPjYyhINheKYAezwPXnxPJc0bVywMugU8NfXwjiJauSrDHXWMUvjyJjPGzhJN"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable
cf-ray: 6118a79688c71f39-FRA
fastly-sie: 86400.000
x-cache-hits: 2, 1

GET
H2 200 img.jpg
assets.rebelmouse.io/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8yNTQ1MzI3My9vcmlnaW4uanBnIiwiZXhwaXJlc19hdCI6MTYxNTE2MDgwNX0.dyJWEq218YGtPDSa012SpFlAgbvI3RDjljT... 27 KB
28 KB 130ms
52ms Image
image/webp 151.101.113.68
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.rebelmouse.io/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8yNTQ1MzI3My9vcmlnaW4uanBnIiwiZXhwaXJlc19hdCI6MTYxNTE2MDgwNX0.dyJWEq218YGtPDSa012SpFlAgbvI3RDjljTXkzS08jo/img.jpg?width=1200&height=675
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.68 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy / Express
Resource Hash: 95229a59f08c3b5d9f9ef215513183f5e4289905fb01ace0a508ddd293783e67

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:15 GMT
via: 1.1 varnish, 1.1 varnish
age: 10349
x-powered-by: Express
x-cache: HIT, HIT
x-envoy-upstream-service-time: 128
content-encoding: gzip
content-length: 28076
x-served-by: cache-bwi5139-BWI, cache-hhn4021-HHN
fastly-service: 6n5SeXI9vaBDWRYEBuCDvI
server: istio-envoy
x-timer: S1610640915.049607,VS0,VE1
etag: W/"8c86-0gi6aztg/mXAa0xXODfhBCEX0Sg"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 main.02db10cbbc0a04a4fb67.bundle.mjs Show response
www.rawstory.com/static/dist/social-ux/ 33 KB
11 KB 83ms
83ms Script
application/x-javascript 2606:4700:20::681a:823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rawstory.com/static/dist/social-ux/main.02db10cbbc0a04a4fb67.bundle.mjs

Requested by

Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3e923d6d2cfba2f8f470bb56c9916f5c85bd12ed49136c5e8d7ee211023b618

Security Headers

Name	Value
Strict-Transport-Security	max-age=15786000; preload
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://www.rawstory.com
Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:15 GMT
via: 1.1 F_wfe_production, 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
age: 187396
x-cache: HIT, HIT
fastly-swr: 2592000.000
content-encoding: br
cf-request-id: 07a34711fa00001f391385d000000001
x-served-by: cache-bwi5139-BWI, cache-fra19138-FRA
last-modified: Tue, 12 Jan 2021 11:52:05 GMT
server: cloudflare
x-timer: S1610640915.980759,VS0,VE0
x-frame-options: SAMEORIGIN
etag: W/"5ffd8d65-826e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15786000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kTftdomQN6exBwSa%2Bo6XtK%2FbB1sKm%2FTu6PYUPL%2BiNmmfwAbE%2F7TzAKSBoZh%2Bt8Ghz5FhiNmltQryKy46bjAPkT3Aot7hM4%2FcOGQcux1pWQX9ogxIdBTVzfOakDMA"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 6118a79658551f39-FRA
fastly-sie: 86400.000
x-cache-hits: 1, 5

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 55 KB
19 KB 150ms
50ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

sffe /

Resource Hash

d937b9c40260e569fbf72d571278fb5f4786e9ef913ac029389772502a8ae408

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "754 / 438 of 1000 / last-modified: 1610626295"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18984
x-xss-protection: 0
expires: Thu, 14 Jan 2021 16:15:15 GMT

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
712 B 25ms
22ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Oswald:wght@300;400;500;600;700&display=swap

Requested by

Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca54f1138164ac7adcf48ebade406861ede82b9969a7e1c5b7f68e1e71463dfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Jan 2021 16:15:14 GMT
server: ESF
date: Thu, 14 Jan 2021 16:15:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Jan 2021 16:15:14 GMT

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
761 B 17ms
14ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Oswald:wght@200;300;400;500;600;700&display=swap

Requested by

Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

888b6a7303f18592b1e2c19cdd31ac7dd213f17a2cb828c1050b4d377b2d0ced

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Jan 2021 15:54:39 GMT
server: ESF
date: Thu, 14 Jan 2021 16:15:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Jan 2021 16:15:14 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
685 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;700&display=swap

Requested by

Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6c88cd2bc0503600953294fc24e66171a1dfa6adbcaa4e39c4ec57a5c721da1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Jan 2021 15:42:21 GMT
server: ESF
date: Thu, 14 Jan 2021 16:15:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Jan 2021 16:15:14 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 8 KB
3 KB 54ms
22ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8304827477215b517f051f116d5581a5e030e7f29df69061cb9cf108aa9cbc90

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:15 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 364
etag: W/"f35a2111ffcc2dc2fded1fe3c98a7bee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=43200
cf-ray: 6118a796ba804aaa-FRA
cf-request-id: 07a347122e00004aaacb810000000001
expires: Fri, 15 Jan 2021 04:15:15 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
544 B 18ms
15ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=PT+Serif&display=swap

Requested by

Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

315cc91910ce504374aa1873c8ed0b756c0698075d0c79e7a9c125eef1005e5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Jan 2021 15:12:00 GMT
server: ESF
date: Thu, 14 Jan 2021 16:15:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Jan 2021 16:15:14 GMT

GET
H2 200 img.png
assets.rebelmouse.io/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8yNDc4ODY4OS9vcmlnaW4ucG5nIiwiZXhwaXJlc19hdCI6MTY1NjI5NTE4NX0.hX5q_6ecaT2TF32vwz-4YA47AVgf04Z3IZK... 4 KB
4 KB 112ms
35ms Image
image/webp 151.101.113.68
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.rebelmouse.io/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8yNDc4ODY4OS9vcmlnaW4ucG5nIiwiZXhwaXJlc19hdCI6MTY1NjI5NTE4NX0.hX5q_6ecaT2TF32vwz-4YA47AVgf04Z3IZKWkMDHfto/img.png?width=450&height=84
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.68 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy / Express
Resource Hash: 9ebcc8fa950638c866deab784e02e02349329f900d6c341c9a594c1cbea9764c

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:15 GMT
via: 1.1 varnish, 1.1 varnish
age: 2313762
x-powered-by: Express
x-cache: HIT, HIT
x-envoy-upstream-service-time: 71
content-encoding: gzip
content-length: 4216
x-served-by: cache-bwi5130-BWI, cache-hhn4021-HHN
fastly-service: 6n5SeXI9vaBDWRYEBuCDvI
server: istio-envoy
x-timer: S1610640915.049782,VS0,VE0
etag: W/"1951-WGmlHgYaGT6BonzXAU93XC0c0GQ"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable
accept-ranges: bytes
x-cache-hits: 1, 9

GET
H2 200 img.png
assets.rebelmouse.io/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8yNDc4ODcwMS9vcmlnaW4ucG5nIiwiZXhwaXJlc19hdCI6MTY3MTUzNzE0MH0.FaXyafKapEc8ynqg5ap_c_phZRAMC6ThrAF... 3 KB
3 KB 113ms
35ms Image
image/webp 151.101.113.68
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.rebelmouse.io/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8yNDc4ODcwMS9vcmlnaW4ucG5nIiwiZXhwaXJlc19hdCI6MTY3MTUzNzE0MH0.FaXyafKapEc8ynqg5ap_c_phZRAMC6ThrAFREu-_j9w/img.png?width=290&height=50
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.68 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy / Express
Resource Hash: a7ecb30bcfe84505c021adf597010a0e3e89ac8842abd9b9ef39f261e6e4b71a

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:15 GMT
via: 1.1 varnish, 1.1 varnish
age: 2261505
x-powered-by: Express
x-cache: HIT, HIT
x-envoy-upstream-service-time: 81
content-encoding: gzip
content-length: 2910
x-served-by: cache-bwi5138-BWI, cache-hhn4021-HHN
fastly-service: 6n5SeXI9vaBDWRYEBuCDvI
server: istio-envoy
x-timer: S1610640915.049808,VS0,VE0
etag: W/"801-2bMtRuiv3VZ+aDoRYzyFdOrDTzE"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable
accept-ranges: bytes
x-cache-hits: 1, 13

GET
H2 200 img.png
assets.rebelmouse.io/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8yNDc4ODcwMi9vcmlnaW4ucG5nIiwiZXhwaXJlc19hdCI6MTY2NjY4ODI2MH0.h_FUkZr4dk23lFRIzDAnZH2_8Uh2d0vUa4T... 3 KB
3 KB 113ms
35ms Image
image/webp 151.101.113.68
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.rebelmouse.io/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8yNDc4ODcwMi9vcmlnaW4ucG5nIiwiZXhwaXJlc19hdCI6MTY2NjY4ODI2MH0.h_FUkZr4dk23lFRIzDAnZH2_8Uh2d0vUa4TxzOpLfsw/img.png?width=290&height=50
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.68 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy / Express
Resource Hash: cd6739e275c5db5250e4c16f6f2cc532c4d0ea4a019634231e8fb1bd95ab55ba

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:15 GMT
via: 1.1 varnish, 1.1 varnish
age: 534545
x-powered-by: Express
x-cache: HIT, HIT
x-envoy-upstream-service-time: 88
content-encoding: gzip
content-length: 2792
x-served-by: cache-bwi5135-BWI, cache-hhn4021-HHN
fastly-service: 6n5SeXI9vaBDWRYEBuCDvI
server: istio-envoy
x-timer: S1610640915.049791,VS0,VE0
etag: W/"832-/1e2uxLbsfwdk1QJLho21b7SJIY"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable
accept-ranges: bytes
x-cache-hits: 1, 11

GET
H2 200 origin.png
assets.rbl.ms/24984873/ 90 KB
90 KB 111ms
34ms Image
image/png 151.101.113.68
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.rbl.ms/24984873/origin.png
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.68 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a14862adefc3b7858eefd7db74879ef41851d13b8f5635dbcf30f82dd68900ca

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: MTb5pNiRExKR0f7o_Gk0cTC5qxsQotlR
via: 1.1 varnish
etag: "49673c490cf8327c614381ce2ea588be"
age: 57992
x-cache: HIT
content-length: 92273
x-amz-id-2: gMKS5hKl9x05jp6YGvmACgoOkZuJBeYTUaD9MmEPpjBZ2foFcyBd/E5bCbMcJVhOMhuafkPeVAw=
x-served-by: cache-hhn4059-HHN
last-modified: Mon, 21 Dec 2020 18:18:17 GMT
server: AmazonS3
x-timer: S1610640915.049838,VS0,VE0
date: Thu, 14 Jan 2021 16:15:15 GMT
x-amz-request-id: D6B7A3FD321A2580
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: image/png
x-cache-hits: 22

GET
H2 200 img.png
assets.rebelmouse.io/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8yNDkyMzA2NS9vcmlnaW4ucG5nIiwiZXhwaXJlc19hdCI6MTYzNDY0OTU1NH0.iP5wqakBkofRzch6JT22gCGjpf3WZmEnQ-a... 8 KB
9 KB 116ms
40ms Image
image/webp 151.101.113.68
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.rebelmouse.io/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8yNDkyMzA2NS9vcmlnaW4ucG5nIiwiZXhwaXJlc19hdCI6MTYzNDY0OTU1NH0.iP5wqakBkofRzch6JT22gCGjpf3WZmEnQ-a0xVh3u98/img.png?width=810&height=130
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.68 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy / Express
Resource Hash: fc209d651c5467cf63b81352dd8f4f7c571be039f3f2e9cfcd6b007343e2f3d5

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:15 GMT
via: 1.1 varnish, 1.1 varnish
age: 3223215
x-powered-by: Express
x-cache: HIT, HIT
x-envoy-upstream-service-time: 59
content-encoding: gzip
content-length: 8504
x-served-by: cache-bwi5149-BWI, cache-hhn4021-HHN
fastly-service: 6n5SeXI9vaBDWRYEBuCDvI
server: istio-envoy
x-timer: S1610640915.049850,VS0,VE0
etag: W/"463e-bNM3pgrKx0x15dcfCMBrOGMRPcI"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable
accept-ranges: bytes
x-cache-hits: 1, 11

GET
H2 200 img.png
assets.rebelmouse.io/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8yMzI3Mzc1OS9vcmlnaW4ucG5nIiwiZXhwaXJlc19hdCI6MTY1Njk1NDY3N30.oGhoGZHMfXhFtE6fBI2oqjyVrsruZvE09eW... 3 KB
3 KB 112ms
36ms Image
image/webp 151.101.113.68
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.rebelmouse.io/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8yMzI3Mzc1OS9vcmlnaW4ucG5nIiwiZXhwaXJlc19hdCI6MTY1Njk1NDY3N30.oGhoGZHMfXhFtE6fBI2oqjyVrsruZvE09eWVNzZ-6vY/img.png?width=166&height=60
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.68 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy / Express
Resource Hash: 0d24cd8264cae5fabd2dda6d203951993d44f5128c5fd7367c97fa5f212f2a8d

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:15 GMT
via: 1.1 varnish, 1.1 varnish
age: 175911
x-powered-by: Express
x-cache: HIT, HIT
x-envoy-upstream-service-time: 71
content-encoding: gzip
content-length: 3210
x-served-by: cache-bwi5126-BWI, cache-hhn4021-HHN
fastly-service: 6n5SeXI9vaBDWRYEBuCDvI
server: istio-envoy
x-timer: S1610640915.049841,VS0,VE0
etag: W/"1164-fR/Izr4DrR5KiffsLmV0ualTus4"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable
accept-ranges: bytes
x-cache-hits: 1, 13

GET
H2 200 origin.png
assets.rbl.ms/23273759/ 4 KB
5 KB 110ms
34ms Image
image/png 151.101.113.68
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.rbl.ms/23273759/origin.png
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.68 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c0c5cdaf9d47ef4e6aca8ef156a77f7f3c486b8f69e4d430df59c88f90366e85

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: KGiak0ai9oi1hAUN90IgLBGinpvk0Vdk
via: 1.1 varnish
etag: "f826bbf0a3fe2d65509a036a63a4d8e5"
age: 37619
x-cache: HIT
content-length: 4452
x-amz-id-2: hD6fadUnXjKgE6OS2P+PjyI7pCWmHDL4uHbcsOZsqF7O+VLOc5BJCKUi5zT5m0+jmRLRjRXOiqI=
x-served-by: cache-hhn4059-HHN
last-modified: Tue, 12 May 2020 20:24:32 GMT
server: AmazonS3
x-timer: S1610640915.049822,VS0,VE0
date: Thu, 14 Jan 2021 16:15:15 GMT
x-amz-request-id: 8493AD66E80B7BA9
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: image/png
x-cache-hits: 6

GET
H2 200 img.png
assets.rebelmouse.io/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8yNDQ0MTA5Ny9vcmlnaW4ucG5nIiwiZXhwaXJlc19hdCI6MTYyOTc0NDY3MX0.L-qn8rKsACB1OmL-AOpcI7QuhQpLJWO3VMJ... 3 KB
3 KB 57ms
56ms Image
image/webp 151.101.113.68
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.rebelmouse.io/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8yNDQ0MTA5Ny9vcmlnaW4ucG5nIiwiZXhwaXJlc19hdCI6MTYyOTc0NDY3MX0.L-qn8rKsACB1OmL-AOpcI7QuhQpLJWO3VMJfLFxXsik/img.png?width=110&height=36
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.68 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy / Express
Resource Hash: 57088f3aeea400fca4e570f09e3c2c55db6bc6d3b1e29f5241058eee38066885

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:15 GMT
via: 1.1 varnish, 1.1 varnish
age: 3052064
x-powered-by: Express
x-cache: HIT, HIT
x-envoy-upstream-service-time: 61
content-encoding: gzip
content-length: 2614
x-served-by: cache-bwi5151-BWI, cache-hhn4021-HHN
fastly-service: 6n5SeXI9vaBDWRYEBuCDvI
server: istio-envoy
x-timer: S1610640915.057823,VS0,VE0
etag: W/"1c48-UP6enD2s0bJRLV+JHm5Es+eYsgQ"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable
accept-ranges: bytes
x-cache-hits: 1, 7

GET
H2 200 img.jpg
assets.rebelmouse.io/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8yMzI4Mjc5NC9vcmlnaW4uanBnIiwiZXhwaXJlc19hdCI6MTY0NzE0ODkzOX0.HMWM8a-NzoiyKFy2y27FgqeALFFx-lfXeyl... 4 KB
4 KB 58ms
58ms Image
image/webp 151.101.113.68
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.rebelmouse.io/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8yMzI4Mjc5NC9vcmlnaW4uanBnIiwiZXhwaXJlc19hdCI6MTY0NzE0ODkzOX0.HMWM8a-NzoiyKFy2y27FgqeALFFx-lfXeylxl2rjaq8/img.jpg?width=405&height=65
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.68 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy / Express
Resource Hash: 6be8aa6d7e7cdfc48085a6386e6f1433dcac71b98752e086423217094d5ad461

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:15 GMT
via: 1.1 varnish, 1.1 varnish
age: 3810374
x-powered-by: Express
x-cache: HIT, HIT
x-envoy-upstream-service-time: 65
content-encoding: gzip
content-length: 4460
x-served-by: cache-bwi5140-BWI, cache-hhn4021-HHN
fastly-service: 6n5SeXI9vaBDWRYEBuCDvI
server: istio-envoy
x-timer: S1610640915.057969,VS0,VE0
etag: W/"3c43-mhMCSW8N86rK6/akf05tJJB8gfk"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable
accept-ranges: bytes
x-cache-hits: 1, 10

GET
H3-Q050 200 TK3iWkUHHAIjg752GT8Gl-1PKw.woff2
fonts.gstatic.com/s/oswald/v35/ 25 KB
25 KB 58ms
41ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v35/TK3iWkUHHAIjg752GT8Gl-1PKw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald:wght@200;300;400;500;600;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e747521bc9729c30f06bda6471e77ad26ce0e05b104743e93fe14c8ef3b559a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.rawstory.com
Referer: https://fonts.googleapis.com/css2?family=Oswald:wght@200;300;400;500;600;700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 18:09:46 GMT
x-content-type-options: nosniff
last-modified: Mon, 13 Jul 2020 19:17:26 GMT
server: sffe
age: 511529
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25376
x-xss-protection: 0
expires: Sat, 08 Jan 2022 18:09:46 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 13ms
6ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.rawstory.com
Referer: https://fonts.googleapis.com/css2?family=Roboto:wght@300;700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 13 Jan 2021 06:19:46 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 122129
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Thu, 13 Jan 2022 06:19:46 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 13ms
7ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.rawstory.com
Referer: https://fonts.googleapis.com/css2?family=Roboto:wght@300;700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 15:35:33 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 2382
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Fri, 14 Jan 2022 15:35:33 GMT

GET
H2 200 fontawesome-mini.woff
static.rbl.ms/static/fonts/fontawesome/ 7 KB
7 KB 69ms
20ms Font
application/font-woff 151.101.193.68
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.rbl.ms/static/fonts/fontawesome/fontawesome-mini.woff
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.68 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3851b21e4926db62fa6f62d809ac6e44c4bdddf0582cff57dcccd699ead9537a

Request headers

Origin: https://www.rawstory.com
Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:15 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Tue, 22 Dec 2020 14:41:40 GMT
age: 616931
etag: "5fe205a4-1c44"
x-served-by: cache-bwi5135-BWI, cache-cph20635-CPH
x-cache: HIT, HIT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-timer: S1610640915.106769,VS0,VE0
content-length: 7236
x-cache-hits: 3, 1939

GET
H2 200 origin.png
assets.rbl.ms/24966368/ 1 KB
1 KB 32ms
31ms Image
image/png 151.101.113.68
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.rbl.ms/24966368/origin.png
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.68 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b3bd7c61e2b7f791b04cb0557bf4e10880bd4d85b9dfd46647bcca483fee23cb

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: _mF8lQ1w1v79IhrTUpEjGdxMMz5k8IZW
via: 1.1 varnish
etag: "1c967c39d0a5f660f45c462400c2808c"
age: 573523
x-cache: HIT
content-length: 1266
x-amz-id-2: cRW+zOnSzTUA54dBCPsk3wHJFsvsu6HkZSow78S2ARp6Wm8E0b5ESC+882QEZV81DGnFKB4O774=
x-served-by: cache-hhn4059-HHN
last-modified: Wed, 16 Dec 2020 12:27:11 GMT
server: AmazonS3
x-timer: S1610640915.099489,VS0,VE0
date: Thu, 14 Jan 2021 16:15:15 GMT
x-amz-request-id: E933A2F40DCEA460
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: image/png
x-cache-hits: 3

GET
H3-Q050 200 EJRVQgYoZZY2vCFuvAFWzr-_dSb_.woff2
fonts.gstatic.com/s/ptserif/v12/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v12/EJRVQgYoZZY2vCFuvAFWzr-_dSb_.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=PT+Serif&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d6cd55572e8be7aa03c122e0ef98bf72d91a2caa2dddfe3c7c5b50f67d2bd07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.rawstory.com
Referer: https://fonts.googleapis.com/css2?family=PT+Serif&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 21:30:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:05:28 GMT
server: sffe
age: 585861
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13280
x-xss-protection: 0
expires: Fri, 07 Jan 2022 21:30:54 GMT

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 pubads_impl_2021011202.js Show response
securepubads.g.doubleclick.net/gpt/ 276 KB
98 KB 113ms
64ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011202.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

sffe /

Resource Hash

74ba50276f10c70f4c62473eacaac82a8feb54d29a4198f23cfcfb583437d43b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Jan 2021 15:13:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99521
x-xss-protection: 0
expires: Thu, 14 Jan 2021 16:15:15 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 103ms
37ms Script
application/x-javascript 104.111.238.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 16:15:15 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Fri, 15 Jan 2021 16:15:15 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3343
date: Thu, 14 Jan 2021 15:19:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Thu, 14 Jan 2021 17:19:32 GMT

GET
H2 200 spacer.gif Show response
pages-stats.rbl.ms/ 43 B
214 B 354ms
108ms Fetch
image/gif 54.86.238.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pages-stats.rbl.ms/spacer.gif?1610640915296&event=post-page-view&version=1&format=json&data=%7B%22site_id%22%3A20266338%2C%22roar_id%22%3A20266338%2C%22client%22%3A%22desktop%22%2C%22referrer%22%3A%22%22%2C%22post_id%22%3A2649937672%2C%22provider_id%22%3A0%2C%22sections%22%3A%5B0%2C535969657%2C502613554%2C532450090%5D%2C%22buckets%22%3A%5B%5D%2C%22authors%22%3A%5B20272777%5D%7D
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/static/dist/social-ux/main.02db10cbbc0a04a4fb67.bundle.mjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.238.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-238-79.compute-1.amazonaws.com
Software: openresty /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:15 GMT
last-modified: Wed, 21 Oct 2020 16:26:25 GMT
server: openresty
etag: "5f906131-2b"
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes
content-length: 43

POST
H2 200 / Show response
res.rbl.ms/core/users/tracking/ 89 B
353 B 137ms
116ms Fetch
application/json 151.101.193.68
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://res.rbl.ms/core/users/tracking/
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/static/dist/social-ux/main.02db10cbbc0a04a4fb67.bundle.mjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.68 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9d74b72913bac19c9a55d40e7d3bd07b66eeac174fd5c957fdf0d4921706893d

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 14 Jan 2021 16:15:15 GMT
content-encoding: gzip
age: 0
x-cache: MISS, MISS
p3p: CP='NO P3P'
x-served-by: cache-bwi5137-BWI, cache-cph20635-CPH
access-control-allow-origin: *
x-timer: S1610640915.319979,VS0,VE96
vary: Accept-Encoding, Cookie
content-type: application/json
via: 1.1 varnish, 1.1 varnish
cache-control: no-cache, must-revalidate, private
x-ua-compatible: IE=Edge,chrome=1
accept-ranges: bytes
access-control-allow-headers: Content-Type, Accept
x-cache-hits: 0, 0

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 23ms
6ms Script
application/x-javascript 2600:9000:2057:e600:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/static/dist/social-ux/main.02db10cbbc0a04a4fb67.bundle.mjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:e600:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d5132eb4775fe5c85d515453cb238727620936adc84e5f727d495f8fefa2eba3

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 15:35:39 GMT
content-encoding: gzip
last-modified: Wed, 14 Oct 2020 03:23:55 GMT
server: nginx
age: 2376
etag: W/"5f866f4b-8e0b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: EcBGZvi2RLVnQIut-tNuS7IRhuQYjfG7YObIWtVqrEk3od6RU21qkQ==
expires: Thu, 14 Jan 2021 17:35:39 GMT

GET
H2 200 24.02db10cbbc0a04a4fb67.bundle.mjs Show response
www.rawstory.com/static/dist/social-ux/ 474 B
931 B 28ms
27ms Script
application/x-javascript 2606:4700:20::681a:823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rawstory.com/static/dist/social-ux/24.02db10cbbc0a04a4fb67.bundle.mjs

Requested by

Host: www.rawstory.com
URL: https://www.rawstory.com/static/dist/social-ux/main.02db10cbbc0a04a4fb67.bundle.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77aa44056718de08b6adb2a55482307b79da5629cefaefec20202d1b9905e5f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15786000; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:15 GMT
via: 1.1 F_wfe_production, 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
age: 187397
x-cache: HIT, HIT
fastly-swr: 2592000.000
content-encoding: br
cf-request-id: 07a347136400001f3911bc8000000001
x-served-by: cache-bwi5141-BWI, cache-fra19140-FRA
last-modified: Tue, 12 Jan 2021 11:52:05 GMT
server: cloudflare
x-timer: S1610640915.315141,VS0,VE1
x-frame-options: SAMEORIGIN
etag: W/"5ffd8d65-1da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15786000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=T64gsXqO9W%2Bp5wwdmuaH5U8wqTbiX023tJWaI9b8dFXCGc%2B1rHu5KxV6xQ6x5ZYquGhyi08c%2Fy2IcV2kw4DQHVDLcvYSETXuT72zC%2Fdpn%2FzVAzEO3V6o8Sgo5mJ1"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 6118a7989e201f39-FRA
fastly-sie: 86400.000
x-cache-hits: 1, 1

GET
H2 200 25.02db10cbbc0a04a4fb67.bundle.mjs Show response
www.rawstory.com/static/dist/social-ux/ 621 B
693 B 26ms
26ms Script
application/x-javascript 2606:4700:20::681a:823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rawstory.com/static/dist/social-ux/25.02db10cbbc0a04a4fb67.bundle.mjs

Requested by

Host: www.rawstory.com
URL: https://www.rawstory.com/static/dist/social-ux/main.02db10cbbc0a04a4fb67.bundle.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d34b8449ab7f91a23b895103dfd179bb92c298c03d0ff2a1bb41abf7b1ffd522

Security Headers

Name	Value
Strict-Transport-Security	max-age=15786000; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:15 GMT
via: 1.1 F_wfe_production, 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
age: 187397
x-cache: HIT, HIT
fastly-swr: 2592000.000
content-encoding: br
cf-request-id: 07a347136500001f39d6976000000001
x-served-by: cache-bwi5145-BWI, cache-fra19127-FRA
last-modified: Tue, 12 Jan 2021 11:52:05 GMT
server: cloudflare
x-timer: S1610640915.309900,VS0,VE0
x-frame-options: SAMEORIGIN
etag: W/"5ffd8d65-26d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15786000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ulSXVoOwjEdEjAdkj9nXy%2BVfvkrBPCywvIrln%2FNbrgR64R7gCMgr9IiJOaxa3z1SvfnQU46NOua52LgWuOCmXk1MEXbGTI0Wd1Dqr8i%2F0QDWKNQlLiCvDwlvq5sJ"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 6118a798ae241f39-FRA
fastly-sie: 86400.000
x-cache-hits: 1, 2

POST
H3-Q050 200 collect
www.google-analytics.com/ 35 B
69 B 41ms
14ms Other
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 16:15:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://www.rawstory.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
89 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-18141479-1&cid=463743614.1610640915&jid=1455295637&gjid=704722146&_gid=511225936.1610640915&_u=YGDAgEABAAAAAE~&z=537441977

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 14 Jan 2021 16:15:15 GMT
content-type: text/plain
access-control-allow-origin: https://www.rawstory.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
169 B 326ms
110ms Image
image/gif 54.84.196.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=rawstory.com&p=%2Fqanon-congress-2649937672%2F&u=Cv4aizBCN1i3r8c4h&d=rawstory.com&g=10725&g0=Push%20Notification%2CSmartNews%2CFrontpage%20videos%20-%206%20articles&g1=Travis%20Gettys&n=1&f=00001&c=0&x=0&m=0&y=7958&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=612&t=D76OY3DJfOkUCWlx5nQurbVwsh19&V=121&i=MSNBC%27s%20Morning%20Joe%20says%20Qanon%20cultists%20pose%20violent%20threat%20to%20their%20Democratic%20colleagues%20-%20Raw%20Sto&tz=-60&sn=1&sv=DOulpkCxk9BTDtZZGcBL8ynzBZBwmz&sd=1&im=067b0ff2&_
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.84.196.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-196-220.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 16:15:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 31ms
29ms Image
image/gif 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-18141479-1&cid=463743614.1610640915&jid=1455295637&_u=YGDAgEABAAAAAE~&z=190547203

Requested by

Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 16:15:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-18141479-1&cid=463743614.1610640915&jid=1455295637&_u=YGDAgEABAAAAAE~&z=190547203

Requested by

Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 16:15:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
389 B 15ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=226550801&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&ul=en-us&de=UTF-8&dt=MSNBC%27s%20Morning%20Joe%20says%20Qanon%20cultists%20pose%20violent%20threat%20to%20their%20Democratic%20colleagues%20-%20Raw%20Story%20-%20Celebrating%2016%20Years%20of%20Independent%20Journalism&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEABAAAAAG~&jid=766317604&gjid=225337433&cid=463743614.1610640915&tid=p-76DHYTY06o6yQ&_gid=511225936.1610640915&_r=1&_slc=1&z=1923590578

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 16:15:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rawstory.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 egtfdegHAd2A_V-s9LVlESD2lKxQs6fp83Y07SUuo0VxLVQEJuQ6PlYvR5voudL7LwA01I21v6r Show response
scrubswim.com/v2/0/ 103 KB
30 KB 171ms
64ms Script
text/javascript 35.190.90.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://scrubswim.com/v2/0/egtfdegHAd2A_V-s9LVlESD2lKxQs6fp83Y07SUuo0VxLVQEJuQ6PlYvR5voudL7LwA01I21v6r

Requested by

Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.90.202 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

202.90.190.35.bc.googleusercontent.com

Software

Resource Hash

58cff829dec10747bf665710580ebf7e1632f226a8904a9f3d0430b11cac7cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "1b1b2dc072c5fc50fa0e2c0dfbb64e11db934753e2c706bdc324e915731a716b"
vary: Accept-Encoding, Accept-Language
x-hostname: 9b6d8613
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Thu, 14 Jan 2021 16:15:15 GMT
timing-allow-origin: *

GET
H2 200 rawstory.min.js Show response
global.proper.io/ 24 KB
6 KB 43ms
24ms Script
application/javascript 2606:4700::6811:4f22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://global.proper.io/rawstory.min.js
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41d610b21bcf8098c61d16208790d6111353b2b5a6bdbd1feaefd7986bcfcb6d

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Jan 2021 15:56:08 GMT
server: cloudflare
age: 87542
etag: W/"5fff1818-5f07"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 6118a7992a802bd2-FRA
cf-request-id: 07a34713b700002bd27da49000000001
expires: Thu, 14 Jan 2021 16:20:15 GMT

GET
H2 200 i.js Show response
tag.bounceexchange.com/3129/ 5 KB
2 KB 103ms
32ms Script
text/plain 34.120.253.250
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.bounceexchange.com/3129/i.js
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.253.250 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 250.253.120.34.bc.googleusercontent.com
Software: fasthttp /
Resource Hash: fc6c62a779ef905a0848a9feddf46cfe6f2caab3f524d8469001c215ca4dd7a1

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:14:26 GMT
content-encoding: gzip
server: fasthttp
age: 49
etag: 957c11baad3b51
content-type: text/plain; charset=utf-8
via: 1.1 google
cache-control: public, max-age=60
x-region: us-central1
timing-allow-origin: *
alt-svc: clear
content-length: 2212

GET
H2

200

connatix.player.dc.js Show response
cds.connatix.com/p/91852/ Frame BE1D
Redirect Chain

https://cd.connatix.com/connatix.player.js
https://cds.connatix.com/p/91852/connatix.player.dc.js

927 KB
230 KB

139ms
71ms

Script
application/javascript

151.101.114.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/91852/connatix.player.dc.js
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 62b448933278cf357df19d8969cd647127b2956b9c772a8fdb07bf1938a768b3

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: YIlnTtzcVcWD3AKc5ubxe2JwnVSxK5.3
via: 1.1 varnish, 1.1 varnish
etag: "0ea8b98d3b48816e882fd9cf5e012805"
age: 20488
x-cache: HIT, HIT
x-amz-replication-status: FAILED
content-encoding: gzip
content-length: 235133
x-served-by: cache-dca17780-DCA, cache-hhn4078-HHN
last-modified: Thu, 14 Jan 2021 09:40:43 GMT
x-timer: S1610640916.596488,VS0,VE0
date: Thu, 14 Jan 2021 16:15:15 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31557600
accept-ranges: bytes
x-cache-hits: 1, 15

Redirect headers

date: Thu, 14 Jan 2021 16:15:15 GMT
via: 1.1 varnish
server: Varnish
age: 0
x-served-by: cache-fra19175-FRA
x-cache: HIT
location: https://cds.connatix.com/p/91852/connatix.player.dc.js
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
x-timer: S1610640915.451802,VS0,VE0
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

connatix.playspace.dc.js Show response
cds.connatix.com/p/91854/ Frame FE05
Redirect Chain

https://cd.connatix.com/connatix.playspace.js
https://cds.connatix.com/p/91854/connatix.playspace.dc.js

1 MB
255 KB

99ms
31ms

Script
application/javascript

151.101.114.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/91854/connatix.playspace.dc.js
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 768f5ddc8738d3322d9edb09ff3b8c05eed4acfece2996683a08d2dfccfbabc4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: ab8qjEAMnLt79twwHiPrRSiFdKEYPRAT
via: 1.1 varnish, 1.1 varnish
etag: "b8e982db4e1abff0826c8cd86904e420"
age: 20488
x-cache: HIT, HIT
x-amz-replication-status: FAILED
content-encoding: gzip
content-length: 260596
x-served-by: cache-dca17777-DCA, cache-hhn4078-HHN
last-modified: Thu, 14 Jan 2021 09:41:13 GMT
x-timer: S1610640916.596507,VS0,VE0
date: Thu, 14 Jan 2021 16:15:15 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31557600
accept-ranges: bytes
x-cache-hits: 1, 3995

Redirect headers

date: Thu, 14 Jan 2021 16:15:15 GMT
via: 1.1 varnish
server: Varnish
age: 0
x-served-by: cache-fra19175-FRA
x-cache: HIT
location: https://cds.connatix.com/p/91854/connatix.playspace.dc.js
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
x-timer: S1610640915.451852,VS0,VE0
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 teads-format.min.js Show response
s8t.teads.tv/media/format/v3/ 706 KB
189 KB 26ms
6ms Script
text/javascript 2a02:26f0:6c00:19c::26e5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:19c::26e5 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b0e65b8c1dfddc24a85dd204338613a95cb9bd998bcfeea932f8d9e5859a151b

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:15 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: AD957E1CBC7F3D96
content-length: 192692
x-amz-id-2: IREc0G2o0zQ3ZaiSAeCcTVPwxWGAYlKZMdzTsyBbAX5WSk1ka4SIPxKYjApkR1T87DYv/FJm5n8=
last-modified: Mon, 11 Jan 2021 15:04:51 GMT
etag: "e819e78b45319d408c5473f25a5a6d5a"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=1800, no-transform
access-control-allow-credentials: false
x-bucket: 6
accept-ranges: bytes
access-control-allow-headers: *
expires: Thu, 14 Jan 2021 16:45:15 GMT

GET
H2 200 tag Show response
a.teads.tv/page/478/ 2 KB
987 B 129ms
55ms Script
application/javascript 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/478/tag
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/static/dist/social-ux/main.02db10cbbc0a04a4fb67.bundle.mjs
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c80ec5e5c7f4497af102517dbd905c43b05df0529ab4b7903ec4adb5c11d2a0f

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:15 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 737
expires: Thu, 14 Jan 2021 17:15:15 GMT

GET
H2 200 quant.js Show response
edge.quantserve.com/ 23 KB
9 KB 28ms
10ms Script
application/javascript 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.quantserve.com/quant.js
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/static/dist/social-ux/main.02db10cbbc0a04a4fb67.bundle.mjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 437afd9de21717c919be3f40f686b33170f2447dc03ded0fc00ac0cc41839854

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:15 GMT
content-encoding: gzip
etag: "8q1rat7Mm9i+FVcOidF8/g=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 21 Jan 2021 16:15:15 GMT

GET
H2 200 js.php Show response
us.ads.justpremium.com/adserve/ 8 KB
4 KB 118ms
44ms Script
text/javascript 35.156.26.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://us.ads.justpremium.com/adserve/js.php?zone=68057
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/static/dist/social-ux/main.02db10cbbc0a04a4fb67.bundle.mjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.26.195 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-26-195.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 519995eb7192620db054fe9d35ba76a94d1754910448a6b5eca2bc285305c746

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:15 GMT
content-encoding: gzip
cache-control: public, no-cache, no-store, must-revalidate
content-type: text/javascript; charset=utf-8

GET
H2 200 script.js Show response
kindest.azureedge.net/widget/ 24 KB
7 KB 227ms
189ms Script
application/x-javascript 2a02:26f0:64::210:6bb9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://kindest.azureedge.net/widget/script.js
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/static/dist/social-ux/main.02db10cbbc0a04a4fb67.bundle.mjs
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:64::210:6bb9 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 57e7457975b1d047a89daf73276144a7d36bb8dd7084126d6a43cf0c52f78025

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 14 Jan 2021 16:15:15 GMT
content-encoding: gzip
last-modified: Thu, 08 Oct 2020 15:33:01 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: XJevPBv4jqkin2B2dqg7/g==
etag: 0x8D86B9F714FF15A
vary: Origin, Accept-Encoding
content-type: application/x-javascript
x-ms-request-id: 314e398b-c01e-00ce-4b90-ea5639000000
x-ms-version: 2009-09-19
content-length: 7247

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=32131503&c6=Push%20Notification&c8=MSNBC%26%2339%3Bs%20Morning%20Joe%20says%20Qanon%20cultists%20pose%20violent%20threat%20to%20their%20Democratic%20colle...
https://sb.scorecardresearch.com/b2?c1=2&c2=32131503&c6=Push%20Notification&c8=MSNBC%26%2339%3Bs%20Morning%20Joe%20says%20Qanon%20cultists%20pose%20violent%20threat%20to%20their%20Democratic%20coll...

0
528 B

34ms
33ms

Image
text/plain

104.111.238.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=32131503&c6=Push%20Notification&c8=MSNBC%26%2339%3Bs%20Morning%20Joe%20says%20Qanon%20cultists%20pose%20violent%20threat%20to%20their%20Democratic%20colleagues&ns__t=1610640915396&ns_c=UTF-8&cv=3.5&c8=MSNBC%27s%20Morning%20Joe%20says%20Qanon%20cultists%20pose%20violent%20threat%20to%20their%20Democratic%20colleagues%20-%20Raw%20Story%20-%20Celebrating%2016%20Years%20of%20Independent%20Journalism&c7=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&c9=&cs_ak_ss=1
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Jan 2021 16:15:15 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=32131503&c6=Push%20Notification&c8=MSNBC%26%2339%3Bs%20Morning%20Joe%20says%20Qanon%20cultists%20pose%20violent%20threat%20to%20their%20Democratic%20colleagues&ns__t=1610640915396&ns_c=UTF-8&cv=3.5&c8=MSNBC%27s%20Morning%20Joe%20says%20Qanon%20cultists%20pose%20violent%20threat%20to%20their%20Democratic%20colleagues%20-%20Raw%20Story%20-%20Celebrating%2016%20Years%20of%20Independent%20Journalism&c7=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Thu, 14 Jan 2021 16:15:15 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 latest.js Show response
global.proper.io/payloads/ 319 KB
81 KB 30ms
29ms Script
application/javascript 2606:4700::6811:4f22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://global.proper.io/payloads/latest.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/rawstory.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35093baf103e71966e4a720b9f6785024df6ac9be544e6411c696b438957b74b

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Jan 2021 15:33:24 GMT
server: cloudflare
age: 85385
etag: W/"5fff12c4-4fbd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 6118a7995af82bd2-FRA
cf-request-id: 07a34713d200002bd260aee000000001
expires: Thu, 14 Jan 2021 16:20:15 GMT

GET
H2 200 track
t.teads.tv/ 23 B
143 B 150ms
78ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=debug-bts&fv=640-for-4104&ts=1610640915481&env=js-web&pageId=478&pid=31352&auctid=136eea22-ec1c-42ed-891a-fce52b598aae&f=1&debug_metadata=wb&referer=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:15 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 150ms
79ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=136eea22-ec1c-42ed-891a-fce52b598aae&pageId=478&pid=31352&fv=640-for-4104&ts=1610640915482&f=1&referer=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:15 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 128ms
76ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=136eea22-ec1c-42ed-891a-fce52b598aae&pageId=478&pid=31352&slot=native&fv=640-for-4104&ts=1610640915491&f=1&referer=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:15 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 ad Show response
a.teads.tv/page/478/ 491 B
594 B 95ms
95ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/478/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&page=%7B%22id%22%3A478%2C%22placements%22%3A%5B%7B%22id%22%3A31352%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A594%2C%22height%22%3A334%7D%2C%22slotType%22%3A%22native%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%7D&auctid=136eea22-ec1c-42ed-891a-fce52b598aae&formatVersion=2.22.61&env=js-web&netBw=10&ttfb=157
Requested by: Host: s8t.teads.tv
URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3ebce4283a4defea2d0c18a447b8ad72f361f86a6096c119f341fb03be1b0e8f

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 16:15:15 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.rawstory.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 336
expires: Thu, 14 Jan 2021 16:15:15 GMT

GET
H/1.1 200
OK p
sb.scorecardresearch.com/ 43 B
589 B 69ms
38ms Image
image/gif 104.111.238.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1610640915495&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=70382243&cs_ucfr=
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Jan 2021 16:15:15 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.dk/adsid/ 109 B
803 B 48ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.dk/adsid/integrator.js?domain=www.rawstory.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011202.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jan 2021 16:15:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
169 B 16ms
16ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.rawstory.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011202.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jan 2021 16:15:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 451 B
696 B 84ms
84ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1884982980774125&correlator=4153545228082547&output=ldjh&impl=fif&eid=21067994%2C21068773%2C21069751%2C21064370%2C21068031%2C21069716%2C44734254&vrg=2021011202&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210114&iu_parts=1010624%2CJustPremium_Wallpaper&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&cookie_enabled=1&bc=31&abxe=1&lmt=1610640915&dt=1610640915547&dlt=1610640914923&idt=599&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=0&adks=590625468&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x7959&msz=1600x1&ga_vid=463743614.1610640915&ga_sid=1610640916&ga_hid=226550801&fws=4&ohw=1600&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011202.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

313d13c1b6a58a039684d5c95eef5e95e5dc82ffb0e109e0a6618912891d8a1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 236
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.rawstory.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
53dab7933853502386cdba4744de8870.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 53ms
17ms Other
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://53dab7933853502386cdba4744de8870.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011202.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 10ms
9ms Other
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011202.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 456 B
274 B 83ms
82ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1884982980774125&correlator=4153545228082547&output=ldjh&impl=fif&eid=21067994%2C21068773%2C21069751%2C21064370%2C21068031%2C21069716%2C44734254&vrg=2021011202&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210114&iu_parts=1010624%2CRawstory_Undertone_Desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&cookie_enabled=1&bc=31&abxe=1&lmt=1610640915&dt=1610640915602&dlt=1610640914923&idt=599&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=7919&adks=2138514539&ucis=2&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x7959&msz=1600x1&ga_vid=463743614.1610640915&ga_sid=1610640916&ga_hid=226550801&fws=4&ohw=1600&btvi=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011202.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

e6f5f7ddd4756a877006d315f740fee8d9ace8ef6c08c171c399c7f823c19f4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.rawstory.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 460 B
284 B 86ms
86ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1884982980774125&correlator=4153545228082547&output=ldjh&impl=fif&eid=21067994%2C21068773%2C21069751%2C21064370%2C21068031%2C21069716%2C44734254&vrg=2021011202&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210114&iu_parts=1010624%2CRawstory_Undertone_Adhesion&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&fluid=height&cookie_enabled=1&bc=31&abxe=1&lmt=1610640915&dt=1610640915606&dlt=1610640914923&idt=599&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=7960&adks=449907939&ucis=3&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x7959&msz=1600x0&ga_vid=463743614.1610640915&ga_sid=1610640916&ga_hid=226550801&fws=4&ohw=1600&btvi=2&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011202.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

d59d377c16b69705740593dd9e08e77ed4de19db4650e702f0baaf3771a1ebc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.rawstory.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
t.teads.tv/ 23 B
143 B 91ms
90ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=passback-noAd&env=js-web&auctid=136eea22-ec1c-42ed-891a-fce52b598aae&pageId=478&pid=31352&slot=native&vid=4ee7d2d12b7d2e3fdb86a4f757fca5e85d244843&fv=640-for-4104&ts=1610640915622&f=1&referer=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:15 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 ijs_all_modules_cjs_min_775b9b434a4111b5921ec63da08fa029.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 554 KB
135 KB 101ms
27ms Script
text/javascript 34.98.72.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_775b9b434a4111b5921ec63da08fa029.js
Requested by: Host: tag.bounceexchange.com
URL: https://tag.bounceexchange.com/3129/i.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 68188624fb0b44b17140e4995414fe5f063698ea735fd520b4619538171a2cf9

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:13:25 GMT
content-encoding: gzip
age: 110
x-guploader-uploadid: ABg5-UybIXuHjP9VEOe_qCurQsQzqOxed1t3D8exL_AZNFlKlCcL8B6VWxXaXKu_XNvDf7EV90gRO2d98tqSpyw2QNw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 137966
last-modified: Thu, 14 Jan 2021 16:13:15 GMT
server: UploadServer
etag: "91eb2b82545cf5f76293df5903e32e22"
vary: Accept-Encoding
x-goog-hash: crc32c=69Z7PA==, md5=kesrglRc9fdik99ZA+MuIg==
x-goog-generation: 1610640795391924
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 137966
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 14 Jan 2022 16:13:25 GMT

GET
H2 200 spacer.gif Show response
user-stats.rbl.ms/ 43 B
213 B 120ms
110ms Fetch
image/gif 54.86.238.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://user-stats.rbl.ms/spacer.gif?1610640915634&event=page-view&version=1&format=json&data=%7B%22site_id%22%3A20266338%2C%22roar_id%22%3A20266338%2C%22client%22%3A%22desktop%22%2C%22referrer%22%3A%22%22%2C%22post_id%22%3A2649937672%2C%22sections%22%3A%5B0%2C535969657%2C502613554%2C532450090%5D%2C%22user_tracking_id%22%3A%22-2346379289%22%7D
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/static/dist/social-ux/main.02db10cbbc0a04a4fb67.bundle.mjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.238.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-238-79.compute-1.amazonaws.com
Software: openresty /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:15 GMT
last-modified: Wed, 20 May 2020 09:49:25 GMT
server: openresty
etag: "5ec4fd25-2b"
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes
content-length: 43

GET
H2 200 jpx.js Show response
cdn.justpremium.com/js/v2.50.375/ 281 KB
66 KB 393ms
44ms Script
text/javascript 143.204.215.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.justpremium.com/js/v2.50.375/jpx.js
Requested by: Host: us.ads.justpremium.com
URL: https://us.ads.justpremium.com/adserve/js.php?zone=68057
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-70.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c2deea221118e199cc8a8ffffa78dcec65f1563fdaeb3b3c6d4da483836d221d

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 01:24:40 GMT
content-encoding: gzip
last-modified: Tue, 08 Dec 2020 14:17:56 GMT
server: AmazonS3
age: 1263037
etag: W/"a4a9b94f50ddc53ab7d43b9d1dc56f83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000, s-maxage=2592000
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: NHvksWi64uZZ43eS0MeM592MK8ps1jnmw3fFGwutgFV22Af3hsbnVQ==

GET
H/1.1 200
OK tracking.gif
tracking.justpremium.com/ 43 B
332 B 155ms
33ms Image
image/gif 3.125.0.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracking.justpremium.com/tracking.gif?rid=r-d48df8db-a072-469a-8fcc-31e2a4ba2130-104346-914305771&sid=r-7759673f-28d1-4e2f-8a53-fbb874967029-104346-914329202&uid=r-767d531d-ee2e-40b2-8acc-a5123b1d9280-104346-914356507&vr=v2.50.375&ru=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&tt=1610640915635&siw=0&sh=1200&sw=1600&wh=1200&ww=1600&an=2.3.0&vn=eu-central-1&sd=&_c=2658601408&et=&aid=&said=&ei=&fc=&sp=&at=adserver&cid=0&ist=&mg=&dl=&dlt=&ev=&vt=&zid=68057&dr=0&di=&pr=&cw=&ch=&nt=&st=&jp=%7B%22ias%22%3A%7B%22riskIP%22%3A%22%22%2C%22riskHref%22%3A%5B%22HIGH_OFFENSIVE_LANG%22%5D%2C%22content%22%3A%5B%22IAB_LAWGOVT%22%5D%7D%7D&ty=ta
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.0.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-0-64.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 16:15:15 GMT
Last-Modified: Tue, 25 Feb 2020 12:05:29 GMT
Server: nginx
ETag: "5e550d89-2b"
Content-Type: image/gif
Cache-Control: public, no-cache, no-store, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 16ms
11ms Script
application/javascript 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 437afd9de21717c919be3f40f686b33170f2447dc03ded0fc00ac0cc41839854

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:15 GMT
content-encoding: gzip
etag: "8q1rat7Mm9i+FVcOidF8/g=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 21 Jan 2021 16:15:15 GMT

GET
H2 200 rules-p-mEzuYq24VEJ-3.js Show response
rules.quantcount.com/ 3 B
346 B 36ms
13ms Script
application/x-javascript 2600:9000:2057:8800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Requested by: Host: edge.quantserve.com
URL: https://edge.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:12:41 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Sat, 04 Mar 2017 02:39:21 GMT
server: AmazonS3
age: 155
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=3600
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: L8QX2S_lItWonwuaLfjcQIfw2yOBatEXmxOnxUH7lbG966Oj8PtnUQ==

GET
H2 200 pixel;r=1269937090;rf=3;uht=2;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F;fpan=1;fpa=P0-1860485844-1610640915650;ns=0;ce=1;qjs=1;qv=58f0669e-20201210192756;c...
pixel.quantserve.com/ 35 B
371 B 14ms
8ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1269937090;rf=3;uht=2;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F;fpan=1;fpa=P0-1860485844-1610640915650;ns=0;ce=1;qjs=1;qv=58f0669e-20201210192756;cm=;gdpr=0;ref=;d=rawstory.com;je=0;sr=1600x1200x24;dst=1;et=1610640915650;tzo=-60;ogl=type.article%2Curl.https%3A%2F%2Fwww%252Erawstory%252Ecom%2Fqanon-congress-2649937672%2F%2Csite_name.Raw%20Story%20-%20Celebrating%2016%20Years%20of%20Independent%20Journalism%2Cimage.https%3A%2F%2Fwww%252Erawstory%252Ecom%2Fmedia-library%2FeyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9%252EeyJp%2Cimage%3Awidth.1200%2Cimage%3Aheight.600%2Ctitle.MSNBC's%20Morning%20Joe%20says%20Qanon%20cultists%20pose%20violent%20threat%20to%20their%20Democratic%20%2Cdescription.MSNBC's%20Joe%20Scarborough%20warned%20that%20Qanon%20cultists%20in%20Congress%20were%20putting%20thei

Requested by

Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 16:15:15 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 track
t.teads.tv/ 23 B
143 B 87ms
82ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=debug-bts&fv=640-for-4104&ts=1610640915693&env=js-web&pageId=478&pid=31352&auctid=45938884-a0ff-4ec6-aee2-1e08eceabb87&f=1&debug_metadata=wb&referer=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:15 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 88ms
83ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=45938884-a0ff-4ec6-aee2-1e08eceabb87&pageId=478&pid=31352&fv=640-for-4104&ts=1610640915693&f=1&referer=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:15 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 88ms
83ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=45938884-a0ff-4ec6-aee2-1e08eceabb87&pageId=478&pid=31352&slot=multislot&fv=640-for-4104&ts=1610640915698&f=1&referer=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:15 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 ad Show response
a.teads.tv/page/478/ 491 B
545 B 119ms
116ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/478/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&page=%7B%22id%22%3A478%2C%22placements%22%3A%5B%7B%22id%22%3A31352%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A594%2C%22height%22%3A334%7D%2C%22slotType%22%3A%22multislot%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%7D&auctid=45938884-a0ff-4ec6-aee2-1e08eceabb87&formatVersion=2.22.61&env=js-web&netBw=10&ttfb=157
Requested by: Host: s8t.teads.tv
URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 680de6b8401890061a5878aa004115a64078658d75b1ad519d1cac6a972a701b

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 16:15:15 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.rawstory.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 337
expires: Thu, 14 Jan 2021 16:15:15 GMT

GET
H/1.1 200
OK p
sb.scorecardresearch.com/ 43 B
589 B 37ms
34ms Image
image/gif 104.111.238.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1610640915703&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=15230285&cs_ucfr=
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Jan 2021 16:15:15 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 PMJTYOGiE
api-2.kindest.com/rest/widget/ Frame 0
0 268ms
226ms Other 2606:4700:3033::ac43:ac75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-2.kindest.com/rest/widget/PMJTYOGiE
Protocol: H2
Server: 2606:4700:3033::ac43:ac75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.rawstory.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 14 Jan 2021 16:15:16 GMT
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: content-type
via: 1.1 vegur
cf-cache-status: DYNAMIC
cf-request-id: 07a347155600002bd28d0dc000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=P0o71jr3cLwVA3sbKTRenDINGTkvEZ%2BlW9EQ8eVccWMe3v8HvFUlLzV5Zn4bOLf9Q3%2FBhija47YxDmfLgkOIk4UEXePyyvAH5JQ43APot1XUQ3ycdcwqZ9ApVqkOUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6118a79bba342bd2-FRA

GET
H2 200 PMJTYOGiE Show response
api-2.kindest.com/rest/widget/ 139 B
568 B 229ms
229ms Fetch
application/json 2606:4700:3033::ac43:ac75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-2.kindest.com/rest/widget/PMJTYOGiE
Requested by: Host: kindest.azureedge.net
URL: https://kindest.azureedge.net/widget/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:ac75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ad4905967869fc41bba3c4a0eeb9c403fccf6ab8f61994493168d306f88dc690

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/json

Response headers

date: Thu, 14 Jan 2021 16:15:16 GMT
via: 1.1 vegur
etag: W/"8b-BNri5KvECJ4wNcmP3gB3cXjb5z4"
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6118a79d2e5a2bd2-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ScoSfnGYfs7S5WPQXJ3NLqwFPbvnMqMQh0um6eTtD5lPzQoKbjxsIm29Gd%2B7v5h08BzX3Uf0PHL%2B%2BnYej4sjcD%2BqHBxTkdvY%2B4vWl77cpc3ZLGvbQcxgljUN9mv3VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-encoding: br
cf-request-id: 07a347163900002bd26506b000000001

GET
H2 200 connatix.playspace.css
cds.connatix.com/p/91854/ 105 KB
15 KB 45ms
44ms Stylesheet
text/css 151.101.114.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/91854/connatix.playspace.css
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e99a991ba324e3c639609e7ae6b8931fefc254c8846232edb22b327402d2c700

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 58jXAbCawno946su8.Tv7xW0gIMYoEP4
via: 1.1 varnish, 1.1 varnish
etag: "9b82cac87f9a9762f699672553ae6289"
age: 20489
x-cache: HIT, HIT
x-amz-replication-status: FAILED
content-encoding: gzip
content-length: 15366
x-served-by: cache-dca17750-DCA, cache-hhn4078-HHN
last-modified: Thu, 14 Jan 2021 09:41:13 GMT
x-timer: S1610640916.893721,VS0,VE0
date: Thu, 14 Jan 2021 16:15:15 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31557600
accept-ranges: bytes
x-cache-hits: 2, 4065

GET
H2 200 connatix.player.css
cds.connatix.com/p/91852/ 53 KB
9 KB 31ms
31ms Stylesheet
text/css 151.101.114.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/91852/connatix.player.css
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1d5ce6abfc56177b773caf44c619827632b66db724318425c0bcbe27066ab06b

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: NrD4pJp2lWfzTbJLFKJaGI_3WrhtbtpV
via: 1.1 varnish, 1.1 varnish
etag: "42936fef42768e7907ea66cb1e2192a2"
age: 20487
x-cache: HIT, HIT
x-amz-replication-status: FAILED
content-encoding: gzip
content-length: 8739
x-served-by: cache-dca17760-DCA, cache-hhn4078-HHN
last-modified: Thu, 14 Jan 2021 09:40:43 GMT
x-timer: S1610640916.993762,VS0,VE0
date: Thu, 14 Jan 2021 16:15:15 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31557600
accept-ranges: bytes
x-cache-hits: 1, 1674

GET
H2 200 track
t.teads.tv/ 23 B
143 B 80ms
80ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=passback-noAd&env=js-web&auctid=45938884-a0ff-4ec6-aee2-1e08eceabb87&pageId=478&pid=31352&slot=multislot&vid=4ee7d2d12b7d2e3fdb86a4f757fca5e85d244843&fv=640-for-4104&ts=1610640915988&f=1&referer=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:16 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2

200

usersync Show response
usync.proper.io/v1/
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D632fdb8e-c675-4aa1-9dbd-e617e342cce3%26uid%3D%24%7BBSW_UUID%7D?&callback=window....
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D632fdb8e-c675-4aa1-9dbd-e617e342cce3%26uid%3D%24%7BBSW_UUID%7D?&callback=w...
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=632fdb8e-c675-4aa1-9dbd-e617e342cce3&uid=2fd065df-9d06-4f89-892a-cff2335e9132

183 B
387 B

825ms
187ms

Script
text/javascript

52.25.47.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=632fdb8e-c675-4aa1-9dbd-e617e342cce3&uid=2fd065df-9d06-4f89-892a-cff2335e9132
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.25.47.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-25-47-180.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 1bb9cf4ee753a94c328e36f0d5ee15d5d05e017a7fdb4153377faba477d436ef

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 14 Jan 2021 16:15:17 GMT
server: nginx/1.18.0
content-length: 183
content-type: text/javascript

Redirect headers

location: https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=632fdb8e-c675-4aa1-9dbd-e617e342cce3&uid=2fd065df-9d06-4f89-892a-cff2335e9132
date: Thu, 14 Jan 2021 16:15:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

usersync Show response
usync.proper.io/v1/
Redirect Chain

https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_6f8bc9ac_094afc26_2
https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_6f8bc9ac_094afc26_2&verify=true
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-tGHHkZV1l2arxQb7hYAM4cIwtRNrze2c

153 B
362 B

825ms
188ms

Script
text/javascript

52.25.47.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-tGHHkZV1l2arxQb7hYAM4cIwtRNrze2c
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.25.47.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-25-47-180.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 8c3adfcfac4a79d4f2825b07adfb76b8c6be2f4486eb4efed1850a90653af533

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 14 Jan 2021 16:15:17 GMT
server: nginx/1.18.0
content-length: 153
content-type: text/javascript

Redirect headers

Date: Thu, 14 Jan 2021 16:15:16 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-tGHHkZV1l2arxQb7hYAM4cIwtRNrze2c
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200
OK bidding Show response
bids.proper.io/api/ 0
171 B 787ms
204ms XHR
application/octet-stream 34.218.102.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bids.proper.io/api/bidding
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.218.102.95 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-218-102-95.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 14 Jan 2021 16:15:16 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame C8CE 56 KB
19 KB 51ms
51ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

sffe /

Resource Hash

24db225024dcd396d1304abfb13c7522b70a6d9502f4378bf7c083edb8b76ca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "754 / 441 of 1000 / last-modified: 1610626295"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19000
x-xss-protection: 0
expires: Thu, 14 Jan 2021 16:15:16 GMT

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 0DFD 55 KB
19 KB 51ms
51ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

sffe /

Resource Hash

5ef3e312dec101a1240eac5d2701a019ba2796bd4d028e9ecb265d08b886aec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "754 / 685 of 1000 / last-modified: 1610626221"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18976
x-xss-protection: 0
expires: Thu, 14 Jan 2021 16:15:16 GMT

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 0DAE 55 KB
19 KB 53ms
53ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

sffe /

Resource Hash

0bdd6005601a84480a97fdfb09593a5224b5bbd714850275f4ba7046cb051d6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "754 / 281 of 1000 / last-modified: 1610626295"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18984
x-xss-protection: 0
expires: Thu, 14 Jan 2021 16:15:16 GMT

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame BEFE 55 KB
19 KB 53ms
52ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

sffe /

Resource Hash

12f2fd69edcf6a172aa7cb1a873e9224b9d65c3c4e4e565cb5fe4c830740b63e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "754 / 290 of 1000 / last-modified: 1610626295"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18977
x-xss-protection: 0
expires: Thu, 14 Jan 2021 16:15:16 GMT

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 8042 55 KB
19 KB 57ms
57ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

sffe /

Resource Hash

d937b9c40260e569fbf72d571278fb5f4786e9ef913ac029389772502a8ae408

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "754 / 474 of 1000 / last-modified: 1610626295"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18984
x-xss-protection: 0
expires: Thu, 14 Jan 2021 16:15:16 GMT

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 435A 55 KB
19 KB 58ms
57ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

sffe /

Resource Hash

d937b9c40260e569fbf72d571278fb5f4786e9ef913ac029389772502a8ae408

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "754 / 342 of 1000 / last-modified: 1610626295"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18984
x-xss-protection: 0
expires: Thu, 14 Jan 2021 16:15:16 GMT

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 15BB 55 KB
19 KB 74ms
73ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

sffe /

Resource Hash

5ef3e312dec101a1240eac5d2701a019ba2796bd4d028e9ecb265d08b886aec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "754 / 903 of 1000 / last-modified: 1610626221"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18976
x-xss-protection: 0
expires: Thu, 14 Jan 2021 16:15:16 GMT

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame DCEA 55 KB
19 KB 59ms
59ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

sffe /

Resource Hash

5ef3e312dec101a1240eac5d2701a019ba2796bd4d028e9ecb265d08b886aec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "754 / 811 of 1000 / last-modified: 1610626221"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18976
x-xss-protection: 0
expires: Thu, 14 Jan 2021 16:15:16 GMT

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;alias=5076042;misc=1610640916141;bidfloor=0.1 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5076042/0/225/ 47 B
80 B 200ms
139ms XHR
application/json 2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5076042/0/225/ADTECH;v=2;cmd=bid;cors=yes;alias=5076042;misc=1610640916141;bidfloor=0.1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 3b87322bc4afc635c7a87bd889439d181d1e42050f8b8ed3bbcb8813d84c4dcc

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 16:15:16 GMT
server: Adtech Adserver
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.rawstory.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 47
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;alias=5076067;misc=1610640916141;bidfloor=0.1 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5076067/0/225/ 47 B
80 B 197ms
136ms XHR
application/json 2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5076067/0/225/ADTECH;v=2;cmd=bid;cors=yes;alias=5076067;misc=1610640916141;bidfloor=0.1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: a98f2ff5a0a40c5458b2156c64d33f178795fc9dc02edfd40b670c2f24bbd674

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 16:15:16 GMT
server: Adtech Adserver
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.rawstory.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 47
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;alias=3929117;misc=1610640916142;bidfloor=0.1 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/3929117/0/225/ 47 B
80 B 198ms
138ms XHR
application/json 2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/3929117/0/225/ADTECH;v=2;cmd=bid;cors=yes;alias=3929117;misc=1610640916142;bidfloor=0.1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 7d94dfef584553429cbb64d1d0d44f410e750f256a3a5c263944388ebc2c02a5

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 16:15:16 GMT
server: Adtech Adserver
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.rawstory.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 47
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;alias=5177220;misc=1610640916142;bidfloor=0.1 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5177220/0/154/ 48 B
81 B 197ms
137ms XHR
application/json 2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5177220/0/154/ADTECH;v=2;cmd=bid;cors=yes;alias=5177220;misc=1610640916142;bidfloor=0.1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 753ffeac60d8215ab2e1118c1a48c4e3d1bc5b2671d5a3d8f1b2b5bf70ce151d

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 16:15:16 GMT
server: Adtech Adserver
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.rawstory.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 48
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;alias=4212195;misc=1610640916142;bidfloor=0.1 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/4212195/0/154/ 48 B
81 B 199ms
140ms XHR
application/json 2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/4212195/0/154/ADTECH;v=2;cmd=bid;cors=yes;alias=4212195;misc=1610640916142;bidfloor=0.1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 38a30f3a6ba633dcf72c8cc280958b1a9728064c9e6e9e6b4ecc777668870776

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 16:15:16 GMT
server: Adtech Adserver
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.rawstory.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 48
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;alias=3929127;misc=1610640916143;bidfloor=0.1 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/3929127/0/170/ 47 B
80 B 199ms
140ms XHR
application/json 2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/3929127/0/170/ADTECH;v=2;cmd=bid;cors=yes;alias=3929127;misc=1610640916143;bidfloor=0.1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 1b2854a276cb1a5260e6520224a676348dc28fdc19d0cbd05f7e98193092211c

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 16:15:16 GMT
server: Adtech Adserver
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.rawstory.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 47
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;alias=3929123;misc=1610640916143;bidfloor=0.1 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/3929123/0/170/ 48 B
268 B 194ms
135ms XHR
application/json 2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/3929123/0/170/ADTECH;v=2;cmd=bid;cors=yes;alias=3929123;misc=1610640916143;bidfloor=0.1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 9b3b1b37842d1f2382ac1da89376d8420c25538ff4c52e6f173345c897a41596

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 16:15:16 GMT
server: Adtech Adserver
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.rawstory.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 48
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;alias=5127205;misc=1610640916143;bidfloor=0.1 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5127205/0/170/ 48 B
81 B 196ms
137ms XHR
application/json 2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/5127205/0/170/ADTECH;v=2;cmd=bid;cors=yes;alias=5127205;misc=1610640916143;bidfloor=0.1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: dbe230fc0fa128097cb77bcd8fb3ed9e06574a597d74d92aac6dce077bdcc9bf

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 16:15:16 GMT
server: Adtech Adserver
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.rawstory.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 48
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;alias=3929125;misc=1610640916143;bidfloor=0.1 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/3929125/0/170/ 48 B
81 B 194ms
135ms XHR
application/json 2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/3929125/0/170/ADTECH;v=2;cmd=bid;cors=yes;alias=3929125;misc=1610640916143;bidfloor=0.1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 2b431f716d639cfe244f033abfa3951ef3ca74c7a12d7fb4b3cbca3e3f498c93

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 16:15:16 GMT
server: Adtech Adserver
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.rawstory.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 48
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;alias=3929130;misc=1610640916144;bidfloor=0.1 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/3929130/0/529/ 48 B
81 B 194ms
136ms XHR
application/json 2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/3929130/0/529/ADTECH;v=2;cmd=bid;cors=yes;alias=3929130;misc=1610640916144;bidfloor=0.1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 4ab3271238af5abd9f6929babca8ce660ba391ac73e4507ddb2faa9d761cf231

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 16:15:16 GMT
server: Adtech Adserver
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.rawstory.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 48
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;alias=4760455;misc=1610640916144;bidfloor=0.1 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/4760455/0/529/ 48 B
81 B 197ms
139ms XHR
application/json 2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9857.1/4760455/0/529/ADTECH;v=2;cmd=bid;cors=yes;alias=4760455;misc=1610640916144;bidfloor=0.1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 608ddd44930c7aca8fa736679545dd74ff3404ede74f2cbfbdf445fb9a09c311

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 16:15:16 GMT
server: Adtech Adserver
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.rawstory.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 48
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK headertag Show response
as-sec.casalemedia.com/ 4 KB
2 KB 3351ms
231ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headertag?v=9&s=161112&r=%7B%22id%22%3A%22160805539%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F%22%2C%22ref%22%3A%22%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22728x90-1-vC2Gc%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-1-vC2Gc%22%2C%22siteID%22%3A172975%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22728x90-2-tnRmm%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-2-tnRmm%22%2C%22siteID%22%3A172975%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22728x90-3-6T7CZ%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-3-6T7CZ%22%2C%22siteID%22%3A172975%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22160x600-1-xeQHH%22%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22160x600-1-xeQHH%22%2C%22siteID%22%3A172975%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22160x600-2-r7PkV%22%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22160x600-2-r7PkV%22%2C%22siteID%22%3A172975%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22300x250-1-wsXQ1%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-1-wsXQ1%22%2C%22siteID%22%3A172975%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22300x250-2-zYR0G%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-2-zYR0G%22%2C%22siteID%22%3A172975%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22300x250-3-GdvQO%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-3-GdvQO%22%2C%22siteID%22%3A172975%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22300x250-4-J2EfB%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-4-J2EfB%22%2C%22siteID%22%3A172975%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22300x250-1-IJ9Ej%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-1-IJ9Ej%22%2C%22siteID%22%3A172975%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22300x250-2-EXWZB%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-2-EXWZB%22%2C%22siteID%22%3A172975%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22970x250-1-47Myc%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22970x250-1-47Myc%22%2C%22siteID%22%3A172975%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%7D&t=300&fn=window.proper_425c5ea6_794b603b_3
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d6fdc43ea57adf43da9080a9ce6d9318047d37f224a796467609cffc8cb9eabb

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Jan 2021 16:15:19 GMT
Content-Encoding: gzip
Server: Apache
Vary: Is-Traffic-Invalid,Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 1463
Expires: Thu, 14 Jan 2021 16:15:19 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
377 B 110ms
36ms XHR
application/json 18.195.225.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=2.3.0&referrer=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.195.225.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-195-225-18.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 16:15:16 GMT
x-auction-status: 12, 12, 12, 12, 12, 12, 12
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.rawstory.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 204
No Content / Show response
hb.emxdgt.com/ 0
308 B 432ms
56ms XHR
text/html 18.196.104.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=1000&ts=1610640916148
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.104.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 14 Jan 2021 16:15:15 GMT
Content-Type: text/html
Access-Control-Allow-Origin: https://www.rawstory.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: security, Content-Type
Content-Length: 0

GET fastlane.json
fastlane.rubiconproject.com/a/api/ 0
0

POST v1
hb-api.omnitagjs.com/hb-api/prebid/ 0
0

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 116 KB
30 KB 3227ms
79ms Script
application/javascript 99.86.5.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.5.213 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-5-213.fra6.r.cloudfront.net
Software: Server /
Resource Hash: dde5dcb02f349d5cd1f36d6afe709ddfd5713b27129dbae727f456cde6582883

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:09:49 GMT
content-encoding: gzip
server: Server
age: 329
etag: 089c185b065ebe3e9c21625b16dea242
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: _tJcEejvI3lMG1vG763SOdL7bPxWjlBE
x-amz-cf-id: io5ePjZO6AKzObQaHJ0jFR5l7SbvYnpBPc39mtzPcPbA4MbelupLsA==

POST cdb
bidder.criteo.com/ 0
0

POST hb
hb.undertone.com/ 0
0

POST bid
ap.lijit.com/rtb/ 0
0

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
114 B 185ms
77ms XHR
text/plain 35.158.189.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Z7vRzJTDARhYz4t6e5MbAjBp&bidId=Z7vRzJTDARhYz4t6e5MbAjBp&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.189.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: https://www.rawstory.com
date: Thu, 14 Jan 2021 16:15:16 GMT
access-control-allow-credentials: true
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
114 B 148ms
40ms XHR
text/plain 35.158.189.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=XsSE32e8CmxJ3Bz5RcakedNd&bidId=XsSE32e8CmxJ3Bz5RcakedNd&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.189.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: https://www.rawstory.com
date: Thu, 14 Jan 2021 16:15:16 GMT
access-control-allow-credentials: true
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
114 B 144ms
36ms XHR
text/plain 35.158.189.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=QPKh2kvFwfDqAdSF2Qr5oVJX&bidId=QPKh2kvFwfDqAdSF2Qr5oVJX&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.189.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: https://www.rawstory.com
date: Thu, 14 Jan 2021 16:15:16 GMT
access-control-allow-credentials: true
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
115 B 142ms
35ms XHR
text/plain 35.158.189.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=hNK3WnKovGZ5vqPgC7EybA8P&bidId=hNK3WnKovGZ5vqPgC7EybA8P&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.189.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: https://www.rawstory.com
date: Thu, 14 Jan 2021 16:15:16 GMT
access-control-allow-credentials: true
vary: Origin

POST v1
dmx.districtm.io/b/ 0
0

GET arj
propermedia-d.openx.net/w/1.0/ 0
0

POST prebid
ib.adnxs.com/ut/v3/ 0
0

GET
H2 200 Aoverj Show response
ad.doubleclick.net/ddm/adj/Bizqxn/ 11 B
769 B 1187ms
59ms Script
text/javascript 172.217.21.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/Bizqxn/Aoverj

Requested by

Host: scrubswim.com
URL: https://scrubswim.com/v2/0/egtfdegHAd2A_V-s9LVlESD2lKxQs6fp83Y07SUuo0VxLVQEJuQ6PlYvR5voudL7LwA01I21v6r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f6.1e100.net

Software

cafe /

Resource Hash

f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 16:15:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-23/html/ Frame E3FB 0
0 40ms
20ms Document
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html

Requested by

Host: scrubswim.com
URL: https://scrubswim.com/v2/0/egtfdegHAd2A_V-s9LVlESD2lKxQs6fp83Y07SUuo0VxLVQEJuQ6PlYvR5voudL7LwA01I21v6r

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-23/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.rawstory.com/qanon-congress-2649937672/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.rawstory.com/qanon-congress-2649937672/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1479
date: Tue, 12 Jan 2021 09:43:16 GMT
expires: Wed, 12 Jan 2022 09:43:16 GMT
last-modified: Tue, 10 Apr 2018 14:51:09 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 196320
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK / Show response
data.cdnbasket.net/ 57 B
406 B 592ms
147ms XHR
application/json 35.190.80.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.cdnbasket.net/
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_775b9b434a4111b5921ec63da08fa029.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.80.193 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 631f22277dbbeb87727650be655e5783d26578a710c1ef042c6aee0a6e6f2996

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Jan 2021 16:15:16 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
page.cdnbasket.net/ 57 B
406 B 1405ms
168ms XHR
application/json 35.227.203.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://page.cdnbasket.net/
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_775b9b434a4111b5921ec63da08fa029.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.227.203.40 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 40.203.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 29cb399e482ba5251b4abfc755eb4d33162fce55a7d6f3cf8b027fcb540174fa

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Jan 2021 16:15:17 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
view.cdnbasket.net/ 100 B
449 B 3422ms
173ms XHR
application/json 35.227.245.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://view.cdnbasket.net/
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_775b9b434a4111b5921ec63da08fa029.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.227.245.6 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: b398ab79e9b07b93c3c93096018c281d5439364e7827350aceb6989533734726

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Jan 2021 16:15:19 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H2 200 local_storage_frame16.min.html
assets.bounceexchange.com/assets/bounce/ Frame B645 0
0 28ms
27ms Document
text/html 34.98.72.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/bounce/local_storage_frame16.min.html
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_775b9b434a4111b5921ec63da08fa029.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

:method: GET
:authority: assets.bounceexchange.com
:scheme: https
:path: /assets/bounce/local_storage_frame16.min.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.rawstory.com/qanon-congress-2649937672/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.rawstory.com/qanon-congress-2649937672/

Response headers

x-guploader-uploadid: ABg5-UyJlfpVkr8hwPTfoU12phr8psjE15ADIpm2sqYGxl1P2dBSgEtcCRtE0dnoiMYENRmK6lTGL5RovBSt1iw0qlM
date: Thu, 17 Dec 2020 18:37:08 GMT
expires: Fri, 17 Dec 2021 18:37:08 GMT
last-modified: Wed, 16 Dec 2020 20:57:09 GMT
etag: "13d277191471bb89c6ab604ae367b7d1"
x-goog-generation: 1608152229135566
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1055
content-type: text/html
content-encoding: gzip
x-goog-hash: crc32c=V+SSyQ== md5=E9J3GRRxu4nGq2BK42e30Q==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 1055
access-control-allow-origin: *
access-control-expose-headers: etag Content-Type
server: UploadServer
cache-control: public,max-age=31536000
age: 2410688
alt-svc: clear

POST
H/1.1 200
OK pls Show response
capi.connatix.com/core/ Frame BE1D 4 KB
3 KB 566ms
148ms XHR
multipart/form-data 52.14.222.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/pls?v=91852
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.14.222.78 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.15.8.2 /
Resource Hash: 62246f6f1b1e2240b9d8a6c5dd5bf595b20a508ae7e3938e12af68942438170f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 14 Jan 2021 16:15:16 GMT
Content-Encoding: br
Server: openresty/1.15.8.2
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.rawstory.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2483

GET
H2 200 spacer.gif Show response
pages-stats.rbl.ms/ 43 B
213 B 114ms
109ms Fetch
image/gif 54.86.238.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pages-stats.rbl.ms/spacer.gif?1610640916333&event=post-page-view-duration&version=1&format=json&data=%7B%22site_id%22%3A20266338%2C%22roar_id%22%3A20266338%2C%22client%22%3A%22desktop%22%2C%22referrer%22%3A%22%22%2C%22duration%22%3A1000%7D
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/static/dist/social-ux/main.02db10cbbc0a04a4fb67.bundle.mjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.238.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-238-79.compute-1.amazonaws.com
Software: openresty /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:16 GMT
last-modified: Wed, 21 Oct 2020 16:26:25 GMT
server: openresty
etag: "5f906131-2b"
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes
content-length: 43

GET
H3-Q050 200 pubads_impl_2021011203.js Show response
securepubads.g.doubleclick.net/gpt/ Frame C8CE 275 KB
97 KB 55ms
54ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011203.js?21069794

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

sffe /

Resource Hash

13f27623b0e4ae2d4075b45e29e9267d82e4bd5e60940e8bc27d63828720f954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Jan 2021 15:38:07 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99278
x-xss-protection: 0
expires: Thu, 14 Jan 2021 16:15:16 GMT

GET
H3-Q050 200 pubads_impl_2021010903.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 0DFD 275 KB
97 KB 51ms
50ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

sffe /

Resource Hash

9daba360fcb1a652044af1056d44769ef7e71b010f2492989bfd583158be0ea0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 10 Jan 2021 01:35:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99142
x-xss-protection: 0
expires: Thu, 14 Jan 2021 16:15:16 GMT

GET
H3-Q050 200 pubads_impl_2021011202.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 0DAE 276 KB
97 KB 63ms
62ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011202.js?21069793

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

sffe /

Resource Hash

74ba50276f10c70f4c62473eacaac82a8feb54d29a4198f23cfcfb583437d43b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Jan 2021 15:13:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99521
x-xss-protection: 0
expires: Thu, 14 Jan 2021 16:15:16 GMT

GET
H3-Q050 200 pubads_impl_2021010903.js Show response
securepubads.g.doubleclick.net/gpt/ Frame BEFE 275 KB
97 KB 68ms
67ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js?21069792

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

sffe /

Resource Hash

9daba360fcb1a652044af1056d44769ef7e71b010f2492989bfd583158be0ea0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 10 Jan 2021 01:35:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99142
x-xss-protection: 0
expires: Thu, 14 Jan 2021 16:15:16 GMT

GET
H3-Q050 200 pubads_impl_2021011202.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 8042 276 KB
97 KB 66ms
65ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011202.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

sffe /

Resource Hash

74ba50276f10c70f4c62473eacaac82a8feb54d29a4198f23cfcfb583437d43b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Jan 2021 15:13:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99521
x-xss-protection: 0
expires: Thu, 14 Jan 2021 16:15:16 GMT

GET
H3-Q050 200 pubads_impl_2021011202.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 435A 276 KB
97 KB 60ms
60ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011202.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

sffe /

Resource Hash

74ba50276f10c70f4c62473eacaac82a8feb54d29a4198f23cfcfb583437d43b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Jan 2021 15:13:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99521
x-xss-protection: 0
expires: Thu, 14 Jan 2021 16:15:16 GMT

GET
H3-Q050 200 pubads_impl_2021010903.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 15BB 275 KB
97 KB 61ms
61ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

sffe /

Resource Hash

9daba360fcb1a652044af1056d44769ef7e71b010f2492989bfd583158be0ea0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 10 Jan 2021 01:35:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99142
x-xss-protection: 0
expires: Thu, 14 Jan 2021 16:15:16 GMT

GET
H3-Q050 200 pubads_impl_2021010903.js Show response
securepubads.g.doubleclick.net/gpt/ Frame DCEA 275 KB
97 KB 86ms
86ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

sffe /

Resource Hash

9daba360fcb1a652044af1056d44769ef7e71b010f2492989bfd583158be0ea0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 10 Jan 2021 01:35:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99142
x-xss-protection: 0
expires: Thu, 14 Jan 2021 16:15:16 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 71E2 3 KB
930 B 46ms
32ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Barlow:400,600,700

Requested by

Host: kindest.azureedge.net
URL: https://kindest.azureedge.net/widget/script.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2b381e2c45d01eec9b6c24f3bc2836d13ef18a9e75bb393e558e1a3c554ba238

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Jan 2021 16:15:16 GMT
server: ESF
date: Thu, 14 Jan 2021 16:15:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Jan 2021 16:15:16 GMT

GET
H3-Q050 200 7cHqv4kjgoGqM7E30-8s51ostz0rdg.woff2
fonts.gstatic.com/s/barlow/v5/ Frame 71E2 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E30-8s51ostz0rdg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:400,600,700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

657ce79970865b4ae1f7c3f42715defa648bf4d5cb34949c62f7d220b2c1ed03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.rawstory.com
Referer: https://fonts.googleapis.com/css?family=Barlow:400,600,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 14:17:32 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:05:21 GMT
server: sffe
age: 7064
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14200
x-xss-protection: 0
expires: Fri, 14 Jan 2022 14:17:32 GMT

GET
H2 200 init1.js Show response
api.bounceexchange.com/bounce/ 36 B
290 B 428ms
79ms Script
text/html 35.227.229.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bounceexchange.com/bounce/init1.js?wklz=C4ewVgigvArgdgEwKYDMCWckIGQGNgDOUAjAGzEAMpALBQJxkCsj12wAXiFALSkXYB3JACMCaYEgD6aBFADMxAEx1sAJyQEQAGxjA0IOCT4UAHkor91KJKvWqoeAIZatGAOaSYqrVAAWwYAAHAgBSOQBBEMUAMSjogQSAOlVHAQJQVQBPRNwQAFs4gEdHOANuXLg3dQICbkUaOjo5AHZSZsU47AA3NDFgSVyQAGs0JCgQ5oAhKMUtQJmwyMVFfyDQxUYIqMYY7ZiEgWTU9JAsnPy96OLSuHKDKo1a+upGlraOjd3lqIBhGdUFltvt9mgARPAgYajcZTCbgrqOVQEADaiL0uC0UkCjjcSAAulAUM4CEhuoiUT1kCBJIFqkg4MACUStCSyUjkXkQMI0JjJHl6TBJD0xMJMUziaSEeyUgJJCcspIkLhHIFxSzSYMRlJQNStIjcYSJdhhIEoPwkEEoMi8dhAoQHLk8oFXCVcFIUHq3FAgA
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_775b9b434a4111b5921ec63da08fa029.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.229.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 34.229.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:16 GMT
via: 1.1 google
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
server: nginx
content-encoding: gzip
alt-svc: clear
content-type: text/html; charset=UTF-8

POST
H/1.1 200
OK sr Show response
capi.connatix.com/tr/ Frame BE1D 0
303 B 511ms
129ms XHR
multipart/form-data 52.14.222.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/sr?v=91852
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.14.222.78 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.15.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 14 Jan 2021 16:15:17 GMT
Content-Encoding: br
Server: openresty/1.15.8.2
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.rawstory.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1

GET
H2 200 3_media.bin Show response
vid.connatix.com/820889f2-fa44-48fd-b309-cb23d60c4eb0/ Frame BE1D 264 B
493 B 110ms
41ms XHR
application/octet-stream 151.101.14.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/820889f2-fa44-48fd-b309-cb23d60c4eb0/3_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d39d9333520c68149b3616a3829ed01cd946859616db9e08502bf571e6ef7fab

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:17 GMT
content-encoding: gzip
last-modified: Tue, 12 Jan 2021 18:01:19 GMT
age: 166375
etag: "0cc8cf5a786eca9c0ae1546d7bd620fd"
x-served-by: cache-bwi5124-BWI, cache-fra19138-FRA
vary: Accept-Encoding
x-cache: HIT, HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31557600
accept-ranges: bytes
x-timer: S1610640917.045188,VS0,VE1
content-length: 229
x-cache-hits: 3, 1

POST
H/1.1 200
OK story Show response
capi.connatix.com/core/ Frame FE05 2 KB
2 KB 148ms
148ms XHR
multipart/form-data 52.14.222.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/story?v=91854
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.14.222.78 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.15.8.2 /
Resource Hash: 33ceb5b0256450957db471a89d6b8e2d240e1e9ade7eda802fb086daedd4d5ea

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 14 Jan 2021 16:15:17 GMT
Content-Encoding: br
Server: openresty/1.15.8.2
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.rawstory.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1493

GET
H2 200 2.png
img.connatix.com/1e091718-9bec-4792-996d-0f25b35c582d/ 4 KB
5 KB 32ms
30ms Image
image/png 151.101.14.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/1e091718-9bec-4792-996d-0f25b35c582d/2.png
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 38c6a619023c2ccc160eacf33b9b3093bc28f0e8d4f665086f153a8b86a6c011

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:16 GMT
content-encoding: gzip
age: 457712
x-cache: HIT, HIT
fastly-io-info: ifsz=4535 idim=72x72 ifmt=png ofsz=4344 odim=72x72 ofmt=png
fastly-stats: io=1
content-length: 4367
x-served-by: cache-dca17766-DCA, cache-fra19175-FRA
access-control-allow-origin: *
x-timer: S1610640917.994170,VS0,VE1
etag: "nA0jc1FdQJUbzZMAZ5x1yIMIy/p4CxEsc8x3lUeHeks"
x-amz-request-id: C0A8D9EB76625C0F
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/png
x-cache-hits: 20, 1

POST
H2 200 s2s Show response
eb.proper.io/ 90 B
593 B 165ms
163ms XHR
application/json 2606:4700::6811:4f22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eb.proper.io/s2s?proper_uid=632fdb8e-c675-4aa1-9dbd-e617e342cce3
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a258b95166ad5cdda41fd63da4c95d27b3763248e1dba7fd24efacf45b71fd8

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 16:15:17 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.rawstory.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6118a7a38a1f2bd2-FRA
cf-request-id: 07a3471a3400002bd29f999000000001
expires: -1

POST
H/1.1 200
OK ao Show response
capi.connatix.com/tr/ Frame BE1D 0
303 B 459ms
129ms XHR
multipart/form-data 52.14.222.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ao?v=91852
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.14.222.78 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.15.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 14 Jan 2021 16:15:17 GMT
Content-Encoding: br
Server: openresty/1.15.8.2
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.rawstory.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1

POST
H/1.1 200
OK ps Show response
capi.connatix.com/tr/ Frame BE1D 0
303 B 516ms
128ms XHR
multipart/form-data 52.14.222.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ps?v=91852
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.14.222.78 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.15.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 14 Jan 2021 16:15:17 GMT
Content-Encoding: br
Server: openresty/1.15.8.2
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.rawstory.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1

GET
H2 200 tag Show response
9rmjh-t0k0q.ads.tremorhub.com/ad/ Frame BE1D 119 B
458 B 413ms
220ms XHR
text/xml 2600:1f18:612b:4232:186b:cfde:ffb3:b55d
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://9rmjh-t0k0q.ads.tremorhub.com/ad/tag?adCode=9rmjh-njrhp&playerWidth=594&playerHeight=334&playerPosition=%5Babovethefold%5D&srcPageUrl=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&siteName=www.rawstory.com&gdpr=1&gdpr_consent=0&us_privacy=&schain=1.0,1!ora.tv,6,1,,,
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:186b:cfde:ffb3:b55d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: e4f4325d2251a1fb661e38826334015128eb74701e9951dcb1fa40a5a32a9ec8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 16:15:17 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
vary: accept-encoding
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin: https://www.rawstory.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-tremorvideo-status: NO_AD
content-type: text/xml;charset=UTF-8

GET
H2 200 1_th.jpg
img.connatix.com/820889f2-fa44-48fd-b309-cb23d60c4eb0/ 16 KB
15 KB 34ms
31ms Image
image/jpeg 151.101.14.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/820889f2-fa44-48fd-b309-cb23d60c4eb0/1_th.jpg?crop=594:334,smart&width=594&height=334&format=jpeg&quality=60&fit=crop
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c94e85e10bd76530a86abaf00449cf46138b63fd180d381a1c6adeff312243da

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:17 GMT
content-encoding: gzip
age: 166518
x-cache: HIT, HIT
fastly-io-info: ifsz=95831 idim=2560x1440 ifmt=jpeg ofsz=15959 odim=594x334 ofmt=jpeg
fastly-stats: io=1
content-length: 15499
x-served-by: cache-dca17760-DCA, cache-fra19175-FRA
access-control-allow-origin: *
x-timer: S1610640917.122054,VS0,VE1
etag: "QK7ZFhObaUn0dK3A8XgMOKpFCIXO45PE1YVmfZ2A+YA"
x-amz-request-id: FVBM3Q1XDX6RCPBJ
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/jpeg
x-cache-hits: 1, 1

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame BE1D 225 B
486 B 547ms
173ms XHR
multipart/form-data 52.14.222.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=91852
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.14.222.78 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.15.8.2 /
Resource Hash: 1791f3e7eb95953cf7ad93c3ec290f0b51c215c1706605e286e5be4e899396a9

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 14 Jan 2021 16:15:17 GMT
Content-Encoding: br
Server: openresty/1.15.8.2
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.rawstory.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 182

GET
H2 200 prebid4.17.0-1.js Show response
cds.connatix.com/p/plugins/ Frame BE1D 295 KB
93 KB 35ms
35ms Script
application/javascript 151.101.114.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/plugins/prebid4.17.0-1.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 32c4fccd3821d0d8026725d2dff019b56a6117d7ce153bdc9805b6157769fdaf

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: lrvYB3XHb57viFuFRZXI2eI3JdhiMw25
via: 1.1 varnish, 1.1 varnish
etag: "c0fb5bb4cae463319ae1edb91a8bb2f3"
age: 2090271
x-cache: MISS, HIT
x-amz-replication-status: FAILED
content-encoding: gzip
content-length: 94450
x-served-by: cache-dca17765-DCA, cache-hhn4078-HHN
last-modified: Mon, 21 Dec 2020 11:05:21 GMT
x-timer: S1610640917.128403,VS0,VE0
date: Thu, 14 Jan 2021 16:15:17 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31557600
accept-ranges: bytes
x-cache-hits: 0, 640

POST
H/1.1 200
OK sr Show response
capi.connatix.com/tr/ Frame FE05 0
303 B 509ms
128ms XHR
multipart/form-data 52.14.222.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/sr?v=91854
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.14.222.78 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.15.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 14 Jan 2021 16:15:17 GMT
Content-Encoding: br
Server: openresty/1.15.8.2
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.rawstory.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1

GET
H2 200 6ee402a5-79cb-4236-a828-12d2966568fa.bin Show response
vid.connatix.com/bc8fccec-358f-47ce-9188-f616a47e7960/ Frame FE05 2 KB
1003 B 36ms
36ms XHR
application/octet-stream 151.101.14.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/bc8fccec-358f-47ce-9188-f616a47e7960/6ee402a5-79cb-4236-a828-12d2966568fa.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e2493469dc076cef2edff02ff09f6380a65df9f7caf74fbf26c1d913d3d4f754

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:17 GMT
content-encoding: gzip
last-modified: Thu, 14 Jan 2021 02:58:45 GMT
age: 47668
etag: "945c5c03bebbce4eb1b6025227b44926"
x-served-by: cache-bwi5140-BWI, cache-fra19138-FRA
vary: Accept-Encoding
x-cache: HIT, HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31557600
accept-ranges: bytes
x-timer: S1610640917.212840,VS0,VE1
content-length: 853
x-cache-hits: 4, 1

GET
H2 200 2.png
img.connatix.com/f1568efc-e8fc-403a-9a05-93db8c026da3/ 24 KB
23 KB 32ms
31ms Image
image/png 151.101.14.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/f1568efc-e8fc-403a-9a05-93db8c026da3/2.png
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 85408313180c256368d009d7bbabe745545a15f189a0ad2cf38a5212ad307f7c

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:17 GMT
content-encoding: gzip
age: 2037388
x-cache: HIT, HIT
fastly-io-info: ifsz=36719 idim=376x382 ifmt=png ofsz=24120 odim=376x382 ofmt=png
fastly-stats: io=1
content-length: 23631
x-served-by: cache-dca17750-DCA, cache-fra19175-FRA
access-control-allow-origin: *
x-timer: S1610640917.214904,VS0,VE1
etag: "Pnc25BPQdE7V34OYoyvHS1uh5YVEhQyqzdvTri3xIPU"
x-amz-request-id: 9Y1P8T9ZBT5ZFQBG
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/png
x-cache-hits: 3, 1

POST
H/1.1 200
OK ao Show response
capi.connatix.com/tr/ Frame FE05 0
303 B 273ms
127ms XHR
multipart/form-data 52.14.222.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ao?v=91854
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.14.222.78 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.15.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 14 Jan 2021 16:15:17 GMT
Content-Encoding: br
Server: openresty/1.15.8.2
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.rawstory.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1

POST
H/1.1 200
OK ps Show response
capi.connatix.com/tr/ Frame FE05 0
303 B 330ms
128ms XHR
multipart/form-data 52.14.222.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ps?v=91854
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.14.222.78 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.15.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 14 Jan 2021 16:15:17 GMT
Content-Encoding: br
Server: openresty/1.15.8.2
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.rawstory.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1

GET
H/1.1 200
OK 239Umqj8UoCHZovN2ZDXE16IvjXdYCHn Show response
ads.adaptv.advertising.com/a/h/ Frame FE05 2 KB
1 KB 333ms
35ms XHR
text/xml 3.123.45.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.123.45.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-123-45-128.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

95d9e208f851f8ec653a98c7dd504ddcf3d66a1ab519ea7d75c5c2159223d610

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.rawstory.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 942
expires: 0

GET
H2 200 integrator.js Show response
adservice.google.dk/adsid/ Frame C8CE 109 B
169 B 15ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.dk/adsid/integrator.js?domain=www.rawstory.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011203.js?21069794

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jan 2021 16:15:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame C8CE 109 B
169 B 17ms
17ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.rawstory.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011203.js?21069794

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jan 2021 16:15:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame C8CE 81 KB
28 KB 326ms
326ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=10385770327326&correlator=1242156669931303&output=ldjh&impl=fifs&eid=21068773%2C21069794%2C21068442&vrg=2021011203&tfcd=0&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210114&iu_parts=5376056%2Crawstory_story_page_top&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C728x90%7C970x250%7C970x90&prev_scp=post_id%3Dunknown%26member%3Dno%26split_version%3D3846%26proper_site%3Drawstory%26proper_slot%3D9%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1610640917&dt=1610640917500&dlt=1610640916060&idt=520&ea=0&frm=23&biw=1600&bih=1200&isw=1&ish=1&oid=3&adxs=800&adys=286&adks=2199274912&ucis=bwhxckxl33jw&ifi=1&ifk=4017256940&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&ref=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&top=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1x1&msz=1x1&ga_vid=1961480521.1610640918&ga_sid=1610640918&ga_hid=1667312091&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011203.js?21069794

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

e6e6d8944297241305e2c09d63dba01cbc0395e4c65a9c954483d20de28f8b8f

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10258053754376240794/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10258053754376240794/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMuIgv7om-4CFevFuwgddUwMQQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/10258053754376240794/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10258053754376240794/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10258053754376240794/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMuIgv7om-4CFevFuwgddUwMQQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/10258053754376240794/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27506
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Thu, 14 Jan 2021 16:15:17 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.rawstory.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
7f9f7062360a3cbd833db047114b1ae4.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame C8CE 0
0 32ms
13ms Other
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://7f9f7062360a3cbd833db047114b1ae4.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011203.js?21069794
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame C8CE 0
0 7ms
6ms Other
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011203.js?21069794
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 integrator.js Show response
adservice.google.dk/adsid/ Frame 0DFD 109 B
781 B 45ms
30ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.dk/adsid/integrator.js?domain=www.rawstory.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jan 2021 16:15:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0DFD 109 B
127 B 49ms
33ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.rawstory.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jan 2021 16:15:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 0DFD 41 KB
10 KB 329ms
325ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4434514663849993&correlator=1713033102025745&output=ldjh&impl=fifs&eid=21068773%2C21069690%2C21068442&vrg=2021010903&tfcd=0&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210114&iu_parts=5376056%2Crawstory_side_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C160x600%7C300x250%7C300x600&prev_scp=post_id%3Dunknown%26member%3Dno%26split_version%3D3846%26proper_site%3Drawstory%26proper_slot%3D10%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1610640917&dt=1610640917554&dlt=1610640916066&idt=498&ea=0&frm=23&biw=1600&bih=1200&isw=1&ish=1&oid=3&adxs=1220&adys=729&adks=4135999810&ucis=p20ohbzww06&ifi=1&ifk=4017256940&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&ref=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&top=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1x1&msz=1x1&ga_vid=898494430.1610640918&ga_sid=1610640918&ga_hid=1536258009&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

cfbce75fc04953d8853add071d4b575e0e75b065677c8bbd78e5340455fe3a4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10518
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.rawstory.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
de91ad3013e62fda1b91f59be7e79fc5.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 0DFD 0
0 31ms
15ms Other
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://de91ad3013e62fda1b91f59be7e79fc5.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 0DFD 0
0 9ms
6ms Other
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 integrator.js Show response
adservice.google.dk/adsid/ Frame 0DAE 109 B
127 B 24ms
23ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.dk/adsid/integrator.js?domain=www.rawstory.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011202.js?21069793

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jan 2021 16:15:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0DAE 109 B
781 B 24ms
24ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.rawstory.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011202.js?21069793

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jan 2021 16:15:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 0DAE 82 KB
27 KB 323ms
313ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3978141622088719&correlator=298972811713657&output=ldjh&impl=fifs&eid=21068773%2C21069111%2C21069142%2C21069144%2C21069793&vrg=2021011202&tfcd=0&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210114&iu_parts=5376056%2Crawstory_content_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C1x1%7C300x250%7C336x280%7C728x90&fluid=height&prev_scp=post_id%3Dunknown%26member%3Dno%26split_version%3D3846%26proper_site%3Drawstory%26proper_slot%3D11%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1610640917&dt=1610640917578&dlt=1610640916072&idt=535&ea=0&frm=23&biw=1600&bih=1200&isw=1&ish=1&oid=3&adxs=622&adys=1277&adks=2823435395&ucis=aavofure39bs&ifi=1&ifk=4017256940&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&ref=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&top=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1x1&msz=1x1&ga_vid=1198939655.1610640918&ga_sid=1610640918&ga_hid=730546973&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011202.js?21069793

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

b1d41975bf091b33503ae840cc61f7ec2305ef66ed3b9439a7adab8077ddfc55

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3389086557178306580/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3389086557178306580/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLqciP7om-4CFcsK4Aod0ZEK4w&gqi=&layout=/sadbundle/%24csp%253Der3%24/3389086557178306580/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3389086557178306580/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3389086557178306580/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLqciP7om-4CFcsK4Aod0ZEK4w&gqi=&layout=/sadbundle/%24csp%253Der3%24/3389086557178306580/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26998
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Thu, 14 Jan 2021 16:15:17 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.rawstory.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
7e47893f52564f71897d3510a470183f.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 0DAE 0
0 33ms
14ms Other
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://7e47893f52564f71897d3510a470183f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011202.js?21069793
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 0DAE 0
0 14ms
6ms Other
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011202.js?21069793
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 54fdc047-a66b-4cd3-b068-93291ff11c94.jpg
img.connatix.com/bc8fccec-358f-47ce-9188-f616a47e7960/ 30 KB
30 KB 53ms
46ms Image
image/jpeg 151.101.14.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/bc8fccec-358f-47ce-9188-f616a47e7960/54fdc047-a66b-4cd3-b068-93291ff11c94.jpg?crop=780:439,smart&width=780&height=439&format=jpeg&quality=60&fit=crop
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5653ca4e2dd0dac0513d3275a549485fbf2f2be88e71ad4b3f07d587011dea43

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:17 GMT
content-encoding: gzip
age: 47795
x-cache: HIT, HIT
fastly-io-info: ifsz=88699 idim=1200x600 ifmt=jpeg ofsz=31152 odim=780x439 ofmt=jpeg
fastly-stats: io=1
content-length: 30745
x-served-by: cache-dca17727-DCA, cache-fra19175-FRA
access-control-allow-origin: *
x-timer: S1610640918.614066,VS0,VE1
etag: "ZjnP1/vqTfvZeydDXLBhWCxwWOm0A5MskxNSD0pDdhc"
x-amz-request-id: D7943757A187DFE1
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/jpeg
x-cache-hits: 2, 1

GET
H2 200 9da668b0-4352-4745-8a55-a0ac15a40ef4.jpg
img.connatix.com/bc8fccec-358f-47ce-9188-f616a47e7960/ 33 KB
33 KB 48ms
46ms Image
image/jpeg 151.101.14.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/bc8fccec-358f-47ce-9188-f616a47e7960/9da668b0-4352-4745-8a55-a0ac15a40ef4.jpg?crop=780:439,smart&width=780&height=439&format=jpeg&quality=60&fit=crop
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b65454700e2f7bf56d796bce64f5a70c07ef19678f1a978df62366f984ce17d1

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:17 GMT
content-encoding: gzip
age: 47794
x-cache: HIT, HIT
fastly-io-info: ifsz=1781220 idim=1200x600 ifmt=png ofsz=33920 odim=780x439 ofmt=jpeg
fastly-stats: io=1
content-length: 33569
x-served-by: cache-dca17746-DCA, cache-fra19175-FRA
access-control-allow-origin: *
x-timer: S1610640918.614068,VS0,VE1
etag: "pY44UeUONIjFvD1UzjhlN/bt4uCk1OjhYCCawTgq1m4"
x-amz-request-id: FDC3146859A85A86
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/jpeg
x-cache-hits: 1, 1

GET
H2 200 4c7827cd-7972-4948-ae31-0c6a0fadeb5b.jpg
img.connatix.com/bc8fccec-358f-47ce-9188-f616a47e7960/ 23 KB
23 KB 43ms
42ms Image
image/jpeg 151.101.14.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/bc8fccec-358f-47ce-9188-f616a47e7960/4c7827cd-7972-4948-ae31-0c6a0fadeb5b.jpg?crop=780:439,smart&width=780&height=439&format=jpeg&quality=60&fit=crop
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 33b8d91232ce5b00603934b98098023f6821baf171fb07860abd41cf176fdfbb

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:17 GMT
content-encoding: gzip
age: 47795
x-cache: HIT, HIT
fastly-io-info: ifsz=72953 idim=1200x600 ifmt=jpeg ofsz=24040 odim=780x439 ofmt=jpeg
fastly-stats: io=1
content-length: 23584
x-served-by: cache-dca17721-DCA, cache-fra19175-FRA
access-control-allow-origin: *
x-timer: S1610640918.614129,VS0,VE1
etag: "at7+ETyn3ygI6BD+wLQLQuC988Prux2k23Z1oMqq3JA"
x-amz-request-id: 26CB671BE7DFCBEE
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/jpeg
x-cache-hits: 1, 1

GET
H2 200 01144fd7-1d77-47a5-8a9b-da26527aa681.jpg
img.connatix.com/bc8fccec-358f-47ce-9188-f616a47e7960/ 24 KB
23 KB 69ms
68ms Image
image/jpeg 151.101.14.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/bc8fccec-358f-47ce-9188-f616a47e7960/01144fd7-1d77-47a5-8a9b-da26527aa681.jpg?crop=780:439,smart&width=780&height=439&format=jpeg&quality=60&fit=crop
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ce7fc3b942cc1cff4508149e589b505cf003d9e4f835cf6b60e4f41f3a71adc3

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:17 GMT
content-encoding: gzip
age: 47795
x-cache: HIT, HIT
fastly-io-info: ifsz=67839 idim=1200x600 ifmt=jpeg ofsz=24261 odim=780x439 ofmt=jpeg
fastly-stats: io=1
content-length: 23810
x-served-by: cache-dca17770-DCA, cache-fra19175-FRA
access-control-allow-origin: *
x-timer: S1610640918.618152,VS0,VE1
etag: "A1cSbaYDD0HcvdQM2ya4oWdaV2PRpDyx/xze1GUCscw"
x-amz-request-id: 59A5F4C58D835208
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/jpeg
x-cache-hits: 1, 1

GET
H2 200 1330be22-a8f5-45e7-b030-c3497d61f068.jpg
img.connatix.com/bc8fccec-358f-47ce-9188-f616a47e7960/ 38 KB
38 KB 67ms
67ms Image
image/jpeg 151.101.14.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/bc8fccec-358f-47ce-9188-f616a47e7960/1330be22-a8f5-45e7-b030-c3497d61f068.jpg?crop=780:439,smart&width=780&height=439&format=jpeg&quality=60&fit=crop
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ff4324262f75ff9ae01280adae095ad6fb8f1419282efc04e9d577e94bc199dd

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:17 GMT
content-encoding: gzip
age: 47795
x-cache: HIT, HIT
fastly-io-info: ifsz=108141 idim=1200x600 ifmt=jpeg ofsz=39293 odim=780x439 ofmt=jpeg
fastly-stats: io=1
content-length: 38954
x-served-by: cache-dca17758-DCA, cache-fra19175-FRA
access-control-allow-origin: *
x-timer: S1610640918.618150,VS0,VE1
etag: "nnaasgwPkt8U8EH4/3XWtFh6dHDeJvhn0xImKdjlMd0"
x-amz-request-id: EC44637DDCE63D62
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/jpeg
x-cache-hits: 2, 1

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame FE05 234 B
504 B 328ms
277ms XHR
multipart/form-data 52.14.222.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=91854
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.14.222.78 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.15.8.2 /
Resource Hash: a1439d81b4d7ab9b98ddc6a34094672367ba87a280b7705ac5f8b2bb1661bb18

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 14 Jan 2021 16:15:17 GMT
Content-Encoding: br
Server: openresty/1.15.8.2
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.rawstory.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 200

GET
H2 200 prebid4.17.0-1.js Show response
cds.connatix.com/p/plugins/ Frame FE05 295 KB
92 KB 34ms
33ms Script
application/javascript 151.101.114.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/plugins/prebid4.17.0-1.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 32c4fccd3821d0d8026725d2dff019b56a6117d7ce153bdc9805b6157769fdaf

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: lrvYB3XHb57viFuFRZXI2eI3JdhiMw25
via: 1.1 varnish, 1.1 varnish
etag: "c0fb5bb4cae463319ae1edb91a8bb2f3"
age: 2090272
x-cache: MISS, HIT
x-amz-replication-status: FAILED
content-encoding: gzip
content-length: 94450
x-served-by: cache-dca17765-DCA, cache-hhn4078-HHN
last-modified: Mon, 21 Dec 2020 11:05:21 GMT
x-timer: S1610640918.622967,VS0,VE0
date: Thu, 14 Jan 2021 16:15:17 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31557600
accept-ranges: bytes
x-cache-hits: 0, 641

GET
H/1.1 200
OK 239Umqj8UoCHZovN2ZDXE16IvjXdYCHn Show response
ads.adaptv.advertising.com/a/h/ Frame BE1D 2 KB
1 KB 168ms
35ms XHR
text/xml 3.123.45.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.123.45.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-123-45-128.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

b276fafa8b24db9036f9fe3de18da4feca18534d06b24ab70d548b7aef735fcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.rawstory.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 940
expires: 0

GET
H2 200 sync
pre.ads.justpremium.com/v/1.0/t/ Frame 0897 0
0 39ms
36ms Document
text/html 35.156.26.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pre.ads.justpremium.com/v/1.0/t/sync?
Requested by: Host: us.ads.justpremium.com
URL: https://us.ads.justpremium.com/adserve/js.php?zone=68057
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.26.195 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-26-195.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: pre.ads.justpremium.com
:scheme: https
:path: /v/1.0/t/sync?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.rawstory.com/qanon-congress-2649937672/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.rawstory.com/qanon-congress-2649937672/

Response headers

date: Thu, 14 Jan 2021 16:15:17 GMT
content-type: text/html; charset=utf-8
cache-control: public, no-cache, no-store, must-revalidate

GET
H2 200 / Show response
us.ads.justpremium.com/adserve/client/ 7 KB
2 KB 51ms
49ms XHR
application/json 35.156.26.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://us.ads.justpremium.com/adserve/client/?zone=68057&debug=1&ru=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&sw=1600&sh=1200&ww=1600&wh=1200&ui=r-767d531d-ee2e-40b2-8acc-a5123b1d9280-104346-914356507&tt=1610640917645&rid=r-d48df8db-a072-469a-8fcc-31e2a4ba2130-104346-914305771&eu=1&cs=
Requested by: Host: us.ads.justpremium.com
URL: https://us.ads.justpremium.com/adserve/js.php?zone=68057
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.26.195 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-26-195.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: db46379ec5c9eecda8f9563ab35ef361aef479a2a8779baae9327f7d2af887f1

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: https://www.rawstory.com
date: Thu, 14 Jan 2021 16:15:17 GMT
cache-control: public, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
content-type: application/json

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame BE1D 316 KB
109 KB 41ms
20ms Script
text/javascript 2a00:1450:4001:81b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f116b1dfa880b849490966cdfe4716bf9c2b7a04f5b7671fa9840f736bc370

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111353
x-xss-protection: 0
expires: Thu, 14 Jan 2021 16:15:17 GMT

GET
H/1.1 200
OK tracking.gif
tracking.justpremium.com/ Frame 734E 43 B
332 B 32ms
32ms Image
image/gif 3.125.0.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracking.justpremium.com/tracking.gif?rid=r-d48df8db-a072-469a-8fcc-31e2a4ba2130-104346-914305771&sid=r-4463406e-8afa-4a8e-a66e-d707143efee2-30856-88511121&uid=&vr=v2.50.375&ru=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&tt=1610640917712&siw=1160&sh=1200&sw=1600&wh=1200&ww=1600&an=2.3.0&vn=eu-central-1&sd=&_c=a7j2ofg1610640917712&et=&aid=282398,282398,282398,282398,282398,313088,313088,313088,313088,313088,298236,298236,298236,298236&said=1015224,1015225,1015226,1015227,1053737,675040,654554,654553,654552,1017296,685922,685923,685924,1040915&ei=541166864%2C22338131%2C19723160%2C430427%2C%2F21711633394%2Frawstory.com_US_PushUp-Billboard_68057%2C%2F21711633394%2Frawstory.com_US_Page-Peel_68057%2C22156097%2C17424062%2C540884829%2C430436%2C540955932%2C18352111%2C22213954%2C430429&fc=pu,pu,pu,pu,pu,pa,pa,pa,pa,pa,ca,ca,ca,ca&sp=22,1,32,39,13,13,1,32,22,39,22,32,1,39&at=adserver&cid=&ist=0,0,0,0,0,0,0,0,0,0,0,0,0,0&mg=&dl=&dlt=&ev=&vt=&zid=68057&dr=67&di=&pr=&cw=&ch=&nt=&st=&jp=%7B%22ph%22%3A8946%7D&ty=ex
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.0.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-0-64.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 16:15:17 GMT
Last-Modified: Tue, 25 Feb 2020 12:05:29 GMT
Server: nginx
ETag: "5e550d89-2b"
Content-Type: image/gif
Cache-Control: public, no-cache, no-store, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43

POST
H2 200 / Show response
pre.ads.justpremium.com/v/1.0/t/singletag/ 2 B
215 B 151ms
150ms XHR
application/json 35.156.26.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pre.ads.justpremium.com/v/1.0/t/singletag/?i=1610640917717
Requested by: Host: cdn.justpremium.com
URL: https://cdn.justpremium.com/js/v2.50.375/jpx.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.26.195 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-26-195.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.rawstory.com
date: Thu, 14 Jan 2021 16:15:17 GMT
cache-control: public, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
content-type: application/json

GET
H3-Q050 200 bridge3.433.1_en.html
imasdk.googleapis.com/js/core/ Frame 7663 0
0 42ms
23ms Document
text/html 2a00:1450:4001:81b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.433.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.433.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.rawstory.com/qanon-congress-2649937672/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.rawstory.com/qanon-congress-2649937672/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 191997
date: Thu, 07 Jan 2021 20:55:20 GMT
expires: Fri, 07 Jan 2022 20:55:20 GMT
last-modified: Thu, 07 Jan 2021 20:50:43 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 587997
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame BE1D 26 KB
11 KB 49ms
15ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10523
x-xss-protection: 0
expires: Thu, 14 Jan 2021 16:15:17 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame BE1D 109 B
127 B 20ms
19ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jan 2021 16:15:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 tag Show response
9rmjh-t0k0q.ads.tremorhub.com/ad/ Frame FE05 119 B
466 B 204ms
199ms XHR
text/xml 2600:1f18:612b:4232:186b:cfde:ffb3:b55d
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://9rmjh-t0k0q.ads.tremorhub.com/ad/tag?adCode=9rmjh-o4qdy&playerWidth=780&playerHeight=439&playerPosition=%5Babovethefold%5D&srcPageUrl=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&siteName=www.rawstory.com&gdpr=1&gdpr_consent=0&us_privacy=&schain=1.0,1!ora.tv,6,1,,,
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:186b:cfde:ffb3:b55d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: e4f4325d2251a1fb661e38826334015128eb74701e9951dcb1fa40a5a32a9ec8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 16:15:17 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
vary: accept-encoding
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin: https://www.rawstory.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-tremorvideo-status: NO_AD
content-type: text/xml;charset=UTF-8

GET
H/1.1 200
OK tracking.gif
tracking.justpremium.com/ Frame 734E 43 B
332 B 34ms
32ms Image
image/gif 3.125.0.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracking.justpremium.com/tracking.gif?rid=r-d48df8db-a072-469a-8fcc-31e2a4ba2130-104346-914305771&sid=r-4463406e-8afa-4a8e-a66e-d707143efee2-30856-88511121&uid=&vr=v2.50.375&ru=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&tt=1610640917816&siw=1160&sh=1200&sw=1600&wh=1200&ww=1600&an=2.3.0&vn=eu-central-1&sd=&_c=ahn87i81610640917816&et=&aid=282398,282398,282398,282398,313088,313088,313088,313088,298236,298236,298236,298236&said=1015224,1015225,1015226,1015227,654554,654553,654552,1017296,685922,685923,685924,1040915&ei=541166864%2C22338131%2C19723160%2C430427%2C22156097%2C17424062%2C540884829%2C430436%2C540955932%2C18352111%2C22213954%2C430429&fc=pu,pu,pu,pu,pa,pa,pa,pa,ca,ca,ca,ca&sp=22,1,32,39,1,32,22,39,22,32,1,39&at=adserver&cid=&ist=0,0,0,0,0,0,0,0,0,0,0,0&mg=&dl=&dlt=&ev=&vt=&zid=68057&dr=171&di=&pr=&cw=&ch=&nt=&st=&jp=%7B%22ph%22%3A8946%7D&ty=adr
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.0.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-0-64.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 16:15:17 GMT
Last-Modified: Tue, 25 Feb 2020 12:05:29 GMT
Server: nginx
ETag: "5e550d89-2b"
Content-Type: image/gif
Cache-Control: public, no-cache, no-store, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C8CE 0
66 B 14ms
14ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=10385770327326&r=1x1%7C728x90%7C970x250%7C970x90&w=970&h=250&a=0

Requested by

Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 16:15:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 container.html
7f9f7062360a3cbd833db047114b1ae4.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 8F92 0
0 87ms
40ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7f9f7062360a3cbd833db047114b1ae4.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011203.js?21069794

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 7f9f7062360a3cbd833db047114b1ae4.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.rawstory.com/qanon-congress-2649937672/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.rawstory.com/qanon-congress-2649937672/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Thu, 14 Jan 2021 16:15:17 GMT
expires: Fri, 14 Jan 2022 16:15:17 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame C8CE 74 KB
28 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011203.js?21069794

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a696a23c4b36e659fab82d44eb299057572792121a95f79fa51e2e57df5b8d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1610541315364515"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28321
x-xss-protection: 0
expires: Thu, 14 Jan 2021 16:15:17 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C8CE 9 KB
7 KB 50ms
34ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021011203&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011203.js?21069794

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c8f3701a019b198cfb5cc4a81658d40b30eabdbfa627dafac6f19f649824631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jan 2021 16:15:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6733
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame A0F5 180 KB
50 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 112489
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Wed, 13 Jan 2021 09:00:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jan 2022 09:00:28 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame A0F5 13 KB
5 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 112490
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Wed, 13 Jan 2021 09:00:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jan 2022 09:00:27 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame A0F5 90 KB
27 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 112490
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Wed, 13 Jan 2021 09:00:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jan 2022 09:00:27 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame A0F5 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 112489
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Wed, 13 Jan 2021 09:00:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jan 2022 09:00:28 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame A0F5 41 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 112490
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Wed, 13 Jan 2021 09:00:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jan 2022 09:00:27 GMT

GET
DATA 200
OK truncated
/ Frame A0F5 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57b237daf5fde0063a3516385c6e4aae197876032d0cb0392cc6957e41498f5b

Request headers

Referer: https://www.rawstory.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 16879487579584208503
tpc.googlesyndication.com/simgad/ Frame A0F5 106 KB
106 KB 13ms
12ms Image
image/gif 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16879487579584208503

Requested by

Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3ab5ec0aa53e16e3757e8ace2efe8c003ee594693c306fde1dd421036a67299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 13 Jan 2021 19:23:33 GMT
x-content-type-options: nosniff
age: 75104
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108199
x-xss-protection: 0
last-modified: Tue, 08 Dec 2020 04:00:47 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jan 2022 19:23:33 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A0F5 2 KB
3 KB 12ms
11ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Jan 2021 23:34:27 GMT
x-content-type-options: nosniff
server: cafe
age: 60050
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 14 Jan 2021 23:34:27 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A0F5 295 B
389 B 13ms
12ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Jan 2021 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 66116
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 14 Jan 2021 21:53:21 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A0F5 0
0 65ms
64ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CKlfxFW4AYLaQJsLZ7_UP2da-8APty4T9YNbbwvz7DN7ZHhABINjqtiBg0YG5gtAHoAGl44XZA8gBA-ACAKgDAcgDCKoEjgJP0EENgTwKnYZnyaBQjEPX4o09gCzhgTC36lgRVB8H5MoCNgUaRCadfzTM69CiOvQ-sOzPDI7cPtBwHQozQmuX9Y57Tr4wlDcaXMpLK1OzWq4XcIANJ-hR1hB4r27IBThbolx9I0VJnNyETQBJAnlM3PAI35LVDR6lO8Ha085ae7Su1NwEMBZOINDlhu5GK1CTpU8h7tv7y4Q6MIAnEdeLZscWshioqLG6f-Bf9De2NqxCgo2-cLBNEUlwq2g5l8N3ZvXZMlbmbcDts65kLaVu0kgrvF7cwnynSPgAXT057mpOzQKgdJnl41YqRUxxjrb6XrYpM-ZKs-8rQg_PTvyUc_HL6xf4awVVvsFpZkjABPvF47vEA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYDgAeSgK1-qAfVyRuoB_DZG6gH8tkbqAeUmLECqAel3xuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ-M4P0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0xODg4MTAxMjcyMjE1NDA5gAoDyAsB2BMNshcaChgIABIUcHViLTY4OTc5MDIxOTE3MTQ4MzM&sigh=bYqx-lZM8C8&tpd=AGWhJmsH3YOAGALcP5NS-mLiYfEYmvDLzQY0sOXl15Onta9lBg
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s21-in-f130.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.rawstory.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0DFD 9 KB
7 KB 36ms
25ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021010903&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c58f7298186b2bda4df0c017cb836feb69e02f38069cebb3896f03e523085330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jan 2021 16:15:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6855
x-xss-protection: 0

GET
H3-Q050 200 container.html
7e47893f52564f71897d3510a470183f.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 8240 0
0 70ms
41ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7e47893f52564f71897d3510a470183f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011202.js?21069793

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 7e47893f52564f71897d3510a470183f.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.rawstory.com/qanon-congress-2649937672/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.rawstory.com/qanon-congress-2649937672/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Thu, 14 Jan 2021 16:15:17 GMT
expires: Fri, 14 Jan 2022 16:15:17 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0DAE 74 KB
28 KB 62ms
28ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011202.js?21069793

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a696a23c4b36e659fab82d44eb299057572792121a95f79fa51e2e57df5b8d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1610541315364515"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28321
x-xss-protection: 0
expires: Thu, 14 Jan 2021 16:15:18 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0DAE 9 KB
7 KB 51ms
22ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021011202&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011202.js?21069793

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

191f6ac56681eb03639522f6f7a3ec97429d828da5cc6bd03207a4cfe7a7ad34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jan 2021 16:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6815
x-xss-protection: 0

GET
H2 200 o2shim Show response
acds.prod.vidible.tv/ Frame E7D9 15 KB
7 KB 188ms
49ms Script
application/javascript 79.125.103.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1249306&orgId=19368&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&vrid=287fd966-126b-4131-b87b-95e465783aaf&pblob=
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.125.103.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-79-125-103-162.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: f5e14a40380a192519639636c7797000c7bd3fec1b020b18cc01898a7eb287eb

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:18 GMT
content-encoding: gzip
access-control-max-age: 3600
access-control-allow-methods: POST, GET, HEAD, PUT, PATCH, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-headers
content-length: 6654

GET
H2 200 jpx.Pu.js Show response
cdn.justpremium.com/js/v2.50.375/ 14 KB
4 KB 50ms
35ms Script
text/javascript 143.204.215.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.justpremium.com/js/v2.50.375/jpx.Pu.js?v=v2.50.375
Requested by: Host: cdn.justpremium.com
URL: https://cdn.justpremium.com/js/v2.50.375/jpx.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-70.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4aea61a21f24cc092946552051769debe82f6dc4773503fd0f2b41c341e626dc

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 03:47:00 GMT
content-encoding: gzip
last-modified: Tue, 08 Dec 2020 14:17:31 GMT
server: AmazonS3
age: 2204899
etag: W/"f8d8f913d119d7681cfe62fd46916378"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000, s-maxage=2592000
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: apYn1EmaqPzFUy0tgzedPTXESn8uT793BXifINNuOZ2Zozt71Jvw_g==

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C8CE 16 KB
6 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011203.js?21069794

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607463675096825"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6146
x-xss-protection: 0
expires: Thu, 14 Jan 2021 16:15:18 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0DFD 16 KB
6 KB 25ms
16ms Script
text/javascript 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607463675096825"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6146
x-xss-protection: 0
expires: Thu, 14 Jan 2021 16:15:18 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0DAE 16 KB
6 KB 19ms
16ms Script
text/javascript 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011202.js?21069793

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607463675096825"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6146
x-xss-protection: 0
expires: Thu, 14 Jan 2021 16:15:18 GMT

POST
H/1.1 200
OK bidding Show response
bids.proper.io/api/ 0
171 B 207ms
206ms XHR
application/octet-stream 34.218.102.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bids.proper.io/api/bidding
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.218.102.95 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-218-102-95.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 14 Jan 2021 16:15:18 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame A0F5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

45ms
42ms

Image
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Thu, 14 Jan 2021 16:15:18 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 9D7C 55 KB
19 KB 25ms
15ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cdn.justpremium.com
URL: https://cdn.justpremium.com/js/v2.50.375/jpx.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67c53ae0376cff4c5e0d35104820d0b2b8ab20c94a32e477db95ae74a2c84db5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "754 / 600 of 1000 / last-modified: 1610626221"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18975
x-xss-protection: 0
expires: Thu, 14 Jan 2021 16:15:18 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame 7DB4 0
0 7ms
6ms Document
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/220/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.rawstory.com/qanon-congress-2649937672/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.rawstory.com/qanon-congress-2649937672/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4868
date: Thu, 14 Jan 2021 16:03:35 GMT
expires: Fri, 14 Jan 2022 16:03:35 GMT
last-modified: Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 703
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame 5DF8 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/220/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.rawstory.com/qanon-congress-2649937672/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.rawstory.com/qanon-congress-2649937672/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4868
date: Thu, 14 Jan 2021 16:03:35 GMT
expires: Fri, 14 Jan 2022 16:03:35 GMT
last-modified: Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 703
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame 70F6 0
0 7ms
7ms Document
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/220/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.rawstory.com/qanon-congress-2649937672/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.rawstory.com/qanon-congress-2649937672/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4868
date: Thu, 14 Jan 2021 16:03:35 GMT
expires: Fri, 14 Jan 2022 16:03:35 GMT
last-modified: Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 703
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 0.js Show response
cdn-ssl.vidible.tv/prod/ad-client/js/10.2.59/ Frame E7D9 321 KB
104 KB 74ms
17ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.59/0.js

Requested by

Host: acds.prod.vidible.tv
URL: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1249306&orgId=19368&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&vrid=287fd966-126b-4131-b87b-95e465783aaf&pblob=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

66dd5033bfecfeef06d05c3c5115bdba91710813b07c6635f91f0424223d43b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Tue, 12 Jan 2021 17:45:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167397
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-length: 105542
x-amz-id-2: UjBc+6nJqWJnaUBlM0cjwolgBt75XWDzAFv2/dhUPxsHhKgoi3gNapUYoeM4fr6Zg+XeBYrFHUc=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Dec 2020 16:21:44 GMT
server: ATS
etag: "d3e6dcf5eb86c562a4a5c5fa218f09fe-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
x-amz-request-id: 22883B63C2F80862
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: null
accept-ranges: bytes
content-type: application/javascript

GET
H3-Q050 200 16879487579584208503
tpc.googlesyndication.com/simgad/ Frame A0F5 106 KB
106 KB 7ms
6ms Image
image/gif 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16879487579584208503

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3ab5ec0aa53e16e3757e8ace2efe8c003ee594693c306fde1dd421036a67299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 13 Jan 2021 19:23:33 GMT
x-content-type-options: nosniff
age: 75105
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108199
x-xss-protection: 0
last-modified: Tue, 08 Dec 2020 04:00:47 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jan 2022 19:23:33 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A0F5 2 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Jan 2021 23:34:27 GMT
x-content-type-options: nosniff
server: cafe
age: 60051
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 14 Jan 2021 23:34:27 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A0F5 295 B
389 B 8ms
7ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Jan 2021 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 66117
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 14 Jan 2021 21:53:21 GMT

GET
H2 200 spacer.gif Show response
pages-stats.rbl.ms/ 43 B
212 B 127ms
106ms Fetch
image/gif 54.86.238.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pages-stats.rbl.ms/spacer.gif?1610640918446&event=post-page-view-duration&version=1&format=json&data=%7B%22site_id%22%3A20266338%2C%22roar_id%22%3A20266338%2C%22client%22%3A%22desktop%22%2C%22referrer%22%3A%22%22%2C%22duration%22%3A2000%7D
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/static/dist/social-ux/main.02db10cbbc0a04a4fb67.bundle.mjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.238.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-238-79.compute-1.amazonaws.com
Software: openresty /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:18 GMT
last-modified: Wed, 20 May 2020 10:03:24 GMT
server: openresty
etag: "5ec5006c-2b"
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes
content-length: 43

GET
H2 200 impression.gif
trk.vidible.tv/trk/ Frame E7D9 43 B
246 B 129ms
34ms Image
image/gif 35.157.124.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/impression.gif?pid=59947c0544a64b1a49e52a48&bcid=5909e4257cdce053ec93786e&s=true&pv=10.2.59&ifr=true&cb=0.38230572274248864&pt=o2unit&sid=45b17aa1-d3c9-4b43-93c7-ca42c9785a27&r=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.124.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:18 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Thu, 14 Jan 2021 16:15:18 GMT

GET
H3-Q050 200 pubads_impl_2021010903.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 9D7C 275 KB
97 KB 56ms
55ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

sffe /

Resource Hash

9daba360fcb1a652044af1056d44769ef7e71b010f2492989bfd583158be0ea0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 10 Jan 2021 01:35:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99142
x-xss-protection: 0
expires: Thu, 14 Jan 2021 16:15:18 GMT

GET
H2 200 moatapi.js Show response
z.moatads.com/aolvidibleapi29384728347/ Frame E7D9 133 KB
44 KB 101ms
31ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/aolvidibleapi29384728347/moatapi.js
Requested by: Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.59/0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 90542f9de6cab010087ab4bcab0e3b0a2ec1e449e445434dc1bb5c852033f046

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:18 GMT
content-encoding: gzip
last-modified: Tue, 25 Feb 2020 18:37:38 GMT
server: AmazonS3
x-amz-request-id: 844FF664DE0AB17A
etag: "d678022569896f7b7293494e3a69c8c7"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=61225
accept-ranges: bytes
content-length: 44266
x-amz-id-2: KrpVRZD3M0T4g9xUncS5g3siU6Z/qnTuCp2KYOKEtN/tCl8UaA8yn/9PP1OCFx0nXyimfljs5VQ=

GET
H2 200 local-storage.html
cdn-ssl.vidible.tv/prod/player/ad-time/ Frame 2381 0
0 17ms
17ms Document
text/html 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/player/ad-time/local-storage.html

Requested by

Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.59/0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: cdn-ssl.vidible.tv
:scheme: https
:path: /prod/player/ad-time/local-storage.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-id-2: qDYpppNXGhnAkfScyy7ID+36mQ1viwLFVgrxrfJyfNr/GyzArkSuU5Z0HesbOND4TdApnPSu7Wg=
x-amz-request-id: E820B63DA388B9DA
date: Wed, 06 Jan 2021 21:31:03 GMT
last-modified: Wed, 19 Feb 2020 12:29:18 GMT
etag: "3ba0167f9f40b17c70af8074ec7b3c55-df"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
content-type: text/html
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=1209600
access-control-allow-methods: GET
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
content-length: 557
age: 672256
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

GET
H/1.1 200
OK 239Umqj8UoCHZovN2ZDXE16IvjXdYCHn Show response
ads.adaptv.advertising.com/a/h/ Frame E7D9 249 B
546 B 69ms
67ms XHR
text/xml 3.123.45.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/239Umqj8UoCHZovN2ZDXE16IvjXdYCHn?cb=c19eb6811610640917416&gdpr=1&gdpr_consent=0&pet=preroll&pageUrl=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&eov=eov&us_privacy=&a.cluster=0&a.pvt=0&a.d.pageUrl=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&a.hasAppInfo=2&a.sdk=o2unit&a.sdkType=js&depth=0&height=439&moatViewableOpportunity=0&p.vw.active=1&p.vw.psize=3&p.vw.viewable=0&p.vw.viewableOpportunity=0&referrerUrl=&width=780

Requested by

Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.59/0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.123.45.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-123-45-128.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/javascript, application/json, text/html, application/xml, text/xml, */*
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.rawstory.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H2 200 display.gif
trk.vidible.tv/trk/ Frame E7D9 43 B
245 B 33ms
31ms Image
image/gif 35.157.124.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/display.gif?bcid=5909e4257cdce053ec93786e&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.59&r=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&s=true&sid=45b17aa1-d3c9-4b43-93c7-ca42c9785a27&vvuid=f96362a3-8372-4c28-adad-4a44f57eb74c&orgId=19368&plcid=1249306&vrid=287fd966-126b-4131-b87b-95e465783aaf&ab=0&dt=251&h=439&spaceid=793604934&w=780&cb=0.12803227911040027
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.124.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:18 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Thu, 14 Jan 2021 16:15:18 GMT

GET
H2 200 ad-request.gif
trk.vidible.tv/trk/ Frame E7D9 43 B
245 B 33ms
32ms Image
image/gif 35.157.124.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-request.gif?bcid=5909e4257cdce053ec93786e&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.59&r=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&s=true&sid=45b17aa1-d3c9-4b43-93c7-ca42c9785a27&vvuid=f96362a3-8372-4c28-adad-4a44f57eb74c&orgId=19368&plcid=1249306&vrid=287fd966-126b-4131-b87b-95e465783aaf&at=preroll&ps=html5-vpaid&spaceid=793604934&p.vw.active=1&p.vw.sound=0&vwa=0&vwm=-1&cb=0.8161740189367701
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.124.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:18 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Thu, 14 Jan 2021 16:15:18 GMT

GET
H2 200 ad-engine-request.gif
trk.vidible.tv/trk/ Frame E7D9 43 B
245 B 41ms
40ms Image
image/gif 35.157.124.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-engine-request.gif?bcid=5909e4257cdce053ec93786e&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.59&r=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&s=true&sid=45b17aa1-d3c9-4b43-93c7-ca42c9785a27&vvuid=f96362a3-8372-4c28-adad-4a44f57eb74c&orgId=19368&plcid=1249306&vrid=287fd966-126b-4131-b87b-95e465783aaf&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=780&p.vw.active=1&p.vw.sound=0&vwa=0&vwm=-1&h=439&cb=0.8942717410845444
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.124.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:18 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Thu, 14 Jan 2021 16:15:18 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 9D7C 109 B
169 B 19ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.rawstory.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jan 2021 16:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9D7C 109 B
150 B 17ms
16ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.rawstory.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jan 2021 16:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
securepubads.g.doubleclick.net/gampad/ Frame 9D7C 376 B
0 333ms
333ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3406699053214745&correlator=294009678254342&output=ldjh&impl=fifs&eid=21068773%2C21069803&vrg=2021010903&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210114&iu_parts=21711633394%2Crawstory.com_US_PushUp-Billboard_68057&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C800x280%7C970x500%7C980x120%7C980x150%7C980x240%7C980x300%7C930x180%7C970x90%7C800x250%7C640x100%7C930x600&eri=1&cookie=ID%3D72bf29d2a08a137f%3AT%3D1610640917%3AS%3DALNI_MaHbjDkJPqxf6wW5-NBX-yb5Mrh7w&bc=31&abxe=1&lmt=1610640918&dt=1610640918788&dlt=1610640918368&idt=396&ea=0&frm=23&biw=1600&bih=1200&ish=150&oid=3&adxs=0&adys=9196&adks=4011928862&ucis=ixx3zlnznqe9&ifi=1&ifk=2849114248&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&ref=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&top=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x250&msz=0x250&ga_vid=1966761833.1610640919&ga_sid=1610640919&ga_hid=207927873&fws=260&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 175
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.rawstory.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
a493a6b486cc0c596130f9b72f16ccce.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 9D7C 0
0 29ms
14ms Other
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a493a6b486cc0c596130f9b72f16ccce.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 9D7C 0
0 7ms
6ms Other
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 ad-engine-response.gif
trk.vidible.tv/trk/ Frame E7D9 43 B
245 B 33ms
32ms Image
image/gif 35.157.124.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-engine-response.gif?bcid=5909e4257cdce053ec93786e&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.59&r=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&s=true&sid=45b17aa1-d3c9-4b43-93c7-ca42c9785a27&vvuid=f96362a3-8372-4c28-adad-4a44f57eb74c&orgId=19368&plcid=1249306&vrid=287fd966-126b-4131-b87b-95e465783aaf&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=780&aert=138&ar=no&fo=0&ft=0&h=439&cb=0.17997182628552277
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.124.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:18 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Thu, 14 Jan 2021 16:15:18 GMT

GET
H2 200 o2shim Show response
acds.prod.vidible.tv/ Frame 7365 15 KB
7 KB 53ms
47ms Script
application/javascript 79.125.103.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1249306&orgId=19368&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&vrid=e177a7f9-d0c4-49f1-acd4-92e0f895c71c&pblob=
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.125.103.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-79-125-103-162.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ad1ce3d987d618f3c8fcb8fd68a0d0b1d908493b2b3672cf254f277b1cce307c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:18 GMT
content-encoding: gzip
access-control-max-age: 3600
access-control-allow-methods: POST, GET, HEAD, PUT, PATCH, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-headers
content-length: 6654

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 37ms
35ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&ac=1&bq=7&i=AOL_VIDIBLE_API1&t=1610640918900&de=688248628437&d=105%3A-%3A-%3A-&bo=rawstory.com&bd=rawstory.com&f=0&cs=0
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 16:15:18 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 14 Jan 2021 16:15:18 GMT

GET
H2 200 tag Show response
9rmjh-t0k0q.ads.tremorhub.com/ad/ Frame FE05 119 B
466 B 202ms
202ms XHR
text/xml 2600:1f18:612b:4232:186b:cfde:ffb3:b55d
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://9rmjh-t0k0q.ads.tremorhub.com/ad/tag?adCode=9rmjh-o4qdy&playerWidth=780&playerHeight=439&playerPosition=%5Babovethefold%5D&srcPageUrl=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&siteName=www.rawstory.com&gdpr=1&gdpr_consent=0&us_privacy=&schain=1.0,1!ora.tv,6,1,,,
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:186b:cfde:ffb3:b55d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: e4f4325d2251a1fb661e38826334015128eb74701e9951dcb1fa40a5a32a9ec8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 16:15:19 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
vary: accept-encoding
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin: https://www.rawstory.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-tremorvideo-status: NO_AD
content-type: text/xml;charset=UTF-8

GET
H/1.1 200
OK tracking.gif
tracking.justpremium.com/ Frame 734E 43 B
332 B 33ms
32ms Image
image/gif 3.125.0.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracking.justpremium.com/tracking.gif?rid=r-d48df8db-a072-469a-8fcc-31e2a4ba2130-104346-914305771&sid=r-4463406e-8afa-4a8e-a66e-d707143efee2-30856-88511121&uid=&vr=v2.50.375&ru=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&tt=1610640918940&siw=1160&sh=1200&sw=1600&wh=1200&ww=1600&an=2.3.0&vn=eu-central-1&sd=&_c=apkj3xp1610640918940&et=&aid=282398&said=1053737&ei=%2F21711633394%2Frawstory.com_US_PushUp-Billboard_68057&fc=pu&sp=13&at=adserver&cid=&ist=0&mg=&dl=&dlt=&ev=&vt=&zid=68057&dr=1295&di=&pr=&cw=970&ch=250&nt=&st=&jp=%7B%22ph%22%3A9196%7D&ty=adr
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.0.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-0-64.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 16:15:18 GMT
Last-Modified: Tue, 25 Feb 2020 12:05:29 GMT
Server: nginx
ETag: "5e550d89-2b"
Content-Type: image/gif
Cache-Control: public, no-cache, no-store, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43

GET
H2 200 0.js Show response
cdn-ssl.vidible.tv/prod/ad-client/js/10.2.59/ Frame 7365 321 KB
103 KB 17ms
17ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.59/0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

66dd5033bfecfeef06d05c3c5115bdba91710813b07c6635f91f0424223d43b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Tue, 12 Jan 2021 17:45:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167397
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-length: 105542
x-amz-id-2: UjBc+6nJqWJnaUBlM0cjwolgBt75XWDzAFv2/dhUPxsHhKgoi3gNapUYoeM4fr6Zg+XeBYrFHUc=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Dec 2020 16:21:44 GMT
server: ATS
etag: "d3e6dcf5eb86c562a4a5c5fa218f09fe-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
x-amz-request-id: 22883B63C2F80862
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: null
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 impression.gif
trk.vidible.tv/trk/ Frame 7365 43 B
245 B 34ms
33ms Image
image/gif 35.157.124.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/impression.gif?pid=59947c0544a64b1a49e52a48&bcid=5909e4257cdce053ec93786e&s=true&pv=10.2.59&ifr=true&cb=0.9276348882857648&pt=o2unit&sid=4731852f-b906-42c1-81a8-0d06c9a5e443&r=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.124.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:18 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Thu, 14 Jan 2021 16:15:18 GMT

GET
H2 200 moatapi.js Show response
z.moatads.com/aolvidibleapi29384728347/ Frame 7365 133 KB
44 KB 36ms
36ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/aolvidibleapi29384728347/moatapi.js
Requested by: Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.59/0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 90542f9de6cab010087ab4bcab0e3b0a2ec1e449e445434dc1bb5c852033f046

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:19 GMT
content-encoding: gzip
last-modified: Tue, 25 Feb 2020 18:37:38 GMT
server: AmazonS3
x-amz-request-id: 844FF664DE0AB17A
etag: "d678022569896f7b7293494e3a69c8c7"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=61224
accept-ranges: bytes
content-length: 44266
x-amz-id-2: KrpVRZD3M0T4g9xUncS5g3siU6Z/qnTuCp2KYOKEtN/tCl8UaA8yn/9PP1OCFx0nXyimfljs5VQ=

GET
H2 200 local-storage.html
cdn-ssl.vidible.tv/prod/player/ad-time/ Frame BC60 0
0 21ms
21ms Document
text/html 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/player/ad-time/local-storage.html

Requested by

Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.59/0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: cdn-ssl.vidible.tv
:scheme: https
:path: /prod/player/ad-time/local-storage.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-id-2: qDYpppNXGhnAkfScyy7ID+36mQ1viwLFVgrxrfJyfNr/GyzArkSuU5Z0HesbOND4TdApnPSu7Wg=
x-amz-request-id: E820B63DA388B9DA
date: Wed, 06 Jan 2021 21:31:03 GMT
last-modified: Wed, 19 Feb 2020 12:29:18 GMT
etag: "3ba0167f9f40b17c70af8074ec7b3c55-df"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
content-type: text/html
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=1209600
access-control-allow-methods: GET
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
content-length: 557
age: 672257
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

GET
H/1.1 200
OK 239Umqj8UoCHZovN2ZDXE16IvjXdYCHn Show response
ads.adaptv.advertising.com/a/h/ Frame 7365 249 B
546 B 50ms
49ms XHR
text/xml 3.123.45.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/239Umqj8UoCHZovN2ZDXE16IvjXdYCHn?cb=ccd259ee1610640917618&gdpr=1&gdpr_consent=0&pet=preroll&pageUrl=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&eov=eov&us_privacy=&a.cluster=0&a.pvt=0&a.d.pageUrl=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&a.hasAppInfo=2&a.sdk=o2unit&a.sdkType=js&depth=0&height=334&moatViewableOpportunity=0&p.vw.active=1&p.vw.psize=3&p.vw.viewable=0&p.vw.viewableOpportunity=0&referrerUrl=&width=594

Requested by

Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.59/0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.123.45.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-123-45-128.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/javascript, application/json, text/html, application/xml, text/xml, */*
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.rawstory.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H2 200 display.gif
trk.vidible.tv/trk/ Frame 7365 43 B
245 B 35ms
33ms Image
image/gif 35.157.124.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/display.gif?bcid=5909e4257cdce053ec93786e&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.59&r=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&s=true&sid=4731852f-b906-42c1-81a8-0d06c9a5e443&vvuid=19123d14-e766-4a4d-afe7-f43b39fec507&orgId=19368&plcid=1249306&vrid=e177a7f9-d0c4-49f1-acd4-92e0f895c71c&ab=0&dt=85&h=334&spaceid=793604934&w=594&cb=0.4166688240973411
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.124.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:19 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Thu, 14 Jan 2021 16:15:19 GMT

GET
H2 200 ad-request.gif
trk.vidible.tv/trk/ Frame 7365 43 B
245 B 35ms
34ms Image
image/gif 35.157.124.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-request.gif?bcid=5909e4257cdce053ec93786e&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.59&r=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&s=true&sid=4731852f-b906-42c1-81a8-0d06c9a5e443&vvuid=19123d14-e766-4a4d-afe7-f43b39fec507&orgId=19368&plcid=1249306&vrid=e177a7f9-d0c4-49f1-acd4-92e0f895c71c&at=preroll&ps=html5-vpaid&spaceid=793604934&p.vw.active=1&p.vw.sound=0&vwa=0&vwm=-1&cb=0.2520354818742938
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.124.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:19 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Thu, 14 Jan 2021 16:15:19 GMT

GET
H2 200 ad-engine-request.gif
trk.vidible.tv/trk/ Frame 7365 43 B
245 B 34ms
33ms Image
image/gif 35.157.124.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-engine-request.gif?bcid=5909e4257cdce053ec93786e&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.59&r=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&s=true&sid=4731852f-b906-42c1-81a8-0d06c9a5e443&vvuid=19123d14-e766-4a4d-afe7-f43b39fec507&orgId=19368&plcid=1249306&vrid=e177a7f9-d0c4-49f1-acd4-92e0f895c71c&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=594&p.vw.active=1&p.vw.sound=0&vwa=0&vwm=-1&h=334&cb=0.6877878430484778
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.124.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:19 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Thu, 14 Jan 2021 16:15:19 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 39ms
39ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&ac=1&bq=7&i=AOL_VIDIBLE_API1&t=1610640919087&de=318319558229&d=73%3A-%3A-%3A-&bo=rawstory.com&bd=rawstory.com&f=0&cs=0
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 16:15:19 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 14 Jan 2021 16:15:19 GMT

GET
H/1.1 200
OK 239Umqj8UoCHZovN2ZDXE16IvjXdYCHn Show response
ads.adaptv.advertising.com/a/h/ Frame FE05 2 KB
1 KB 46ms
33ms XHR
text/xml 3.123.45.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.123.45.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-123-45-128.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

54c08aae93733bb314e8fdca842c1404e032af61baa088641f4d98c231a4e7e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.rawstory.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 941
expires: 0

GET
H2 200 ad-engine-response.gif
trk.vidible.tv/trk/ Frame 7365 43 B
245 B 33ms
31ms Image
image/gif 35.157.124.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-engine-response.gif?bcid=5909e4257cdce053ec93786e&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.59&r=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&s=true&sid=4731852f-b906-42c1-81a8-0d06c9a5e443&vvuid=19123d14-e766-4a4d-afe7-f43b39fec507&orgId=19368&plcid=1249306&vrid=e177a7f9-d0c4-49f1-acd4-92e0f895c71c&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=594&aert=82&ar=no&fo=0&ft=0&h=334&cb=0.49039691763736126
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.124.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:19 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Thu, 14 Jan 2021 16:15:19 GMT

GET
H2 200 tag Show response
9rmjh-t0k0q.ads.tremorhub.com/ad/ Frame BE1D 119 B
457 B 227ms
225ms XHR
text/xml 2600:1f18:612b:4232:186b:cfde:ffb3:b55d
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://9rmjh-t0k0q.ads.tremorhub.com/ad/tag?adCode=9rmjh-njrhp&playerWidth=594&playerHeight=334&playerPosition=%5Babovethefold%5D&srcPageUrl=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&siteName=www.rawstory.com&gdpr=1&gdpr_consent=0&us_privacy=&schain=1.0,1!ora.tv,6,1,,,
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:186b:cfde:ffb3:b55d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: e4f4325d2251a1fb661e38826334015128eb74701e9951dcb1fa40a5a32a9ec8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 16:15:19 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
vary: accept-encoding
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin: https://www.rawstory.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-tremorvideo-status: NO_AD
content-type: text/xml;charset=UTF-8

GET
H2 200 jpx.Pa.js Show response
cdn.justpremium.com/js/v2.50.375/ 14 KB
4 KB 58ms
55ms Script
text/javascript 143.204.215.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.justpremium.com/js/v2.50.375/jpx.Pa.js?v=v2.50.375
Requested by: Host: cdn.justpremium.com
URL: https://cdn.justpremium.com/js/v2.50.375/jpx.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-70.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8bd7c6148671cd880c8025f64b6c0394adc3ca3a9079bb992a0d71b705acb540

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 11:48:49 GMT
content-encoding: gzip
last-modified: Tue, 08 Dec 2020 14:17:26 GMT
server: AmazonS3
age: 2435191
etag: W/"c92b3356377b51c92795f1b7f5c88ebe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000, s-maxage=2592000
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: e4cO6LT4uazu-V_5CPfbTQbMYTL83zoAgptd9W4cksQ4cbrmyTszhA==

GET
H2 200 o2shim Show response
acds.prod.vidible.tv/ Frame 5BB6 15 KB
7 KB 60ms
60ms Script
application/javascript 79.125.103.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1249306&orgId=19368&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&vrid=449a826b-4460-4569-a420-9c6bd2a22635&pblob=
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.125.103.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-79-125-103-162.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 3a7cb9bcb32612acd354ba9fef4b11cf09b2b7ab19f6b723511e5450e2238a84

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:19 GMT
content-encoding: gzip
access-control-max-age: 3600
access-control-allow-methods: POST, GET, HEAD, PUT, PATCH, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-headers
content-length: 6650

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 4706 55 KB
19 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cdn.justpremium.com
URL: https://cdn.justpremium.com/js/v2.50.375/jpx.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67c53ae0376cff4c5e0d35104820d0b2b8ab20c94a32e477db95ae74a2c84db5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "754 / 759 of 1000 / last-modified: 1610626221"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18975
x-xss-protection: 0
expires: Thu, 14 Jan 2021 16:15:19 GMT

GET
H2 200 0.js Show response
cdn-ssl.vidible.tv/prod/ad-client/js/10.2.59/ Frame 5BB6 321 KB
103 KB 17ms
17ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.59/0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

66dd5033bfecfeef06d05c3c5115bdba91710813b07c6635f91f0424223d43b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Tue, 12 Jan 2021 17:45:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167398
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-length: 105542
x-amz-id-2: UjBc+6nJqWJnaUBlM0cjwolgBt75XWDzAFv2/dhUPxsHhKgoi3gNapUYoeM4fr6Zg+XeBYrFHUc=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Dec 2020 16:21:44 GMT
server: ATS
etag: "d3e6dcf5eb86c562a4a5c5fa218f09fe-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
x-amz-request-id: 22883B63C2F80862
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: null
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 impression.gif
trk.vidible.tv/trk/ Frame 5BB6 43 B
245 B 77ms
76ms Image
image/gif 35.157.124.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/impression.gif?pid=59947c0544a64b1a49e52a48&bcid=5909e4257cdce053ec93786e&s=true&pv=10.2.59&ifr=true&cb=0.865607908256911&pt=o2unit&sid=0ed0b75f-b320-4e2c-9df5-88786084db4e&r=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.124.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:19 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Thu, 14 Jan 2021 16:15:19 GMT

GET
H2 200 pubads_impl_2021010903.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 4706 275 KB
97 KB 64ms
62ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

sffe /

Resource Hash

9daba360fcb1a652044af1056d44769ef7e71b010f2492989bfd583158be0ea0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 10 Jan 2021 01:35:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99142
x-xss-protection: 0
expires: Thu, 14 Jan 2021 16:15:19 GMT

GET
H2 200 bridge3.433.1_en.html
imasdk.googleapis.com/js/core/ Frame BF29 0
0 11ms
6ms Document
text/html 2a00:1450:4001:81b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.433.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.433.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.rawstory.com/qanon-congress-2649937672/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.rawstory.com/qanon-congress-2649937672/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 191997
date: Thu, 07 Jan 2021 20:55:20 GMT
expires: Fri, 07 Jan 2022 20:55:20 GMT
last-modified: Thu, 07 Jan 2021 20:50:43 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 587999
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 moatapi.js Show response
z.moatads.com/aolvidibleapi29384728347/ Frame 5BB6 133 KB
44 KB 51ms
51ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/aolvidibleapi29384728347/moatapi.js
Requested by: Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.59/0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 90542f9de6cab010087ab4bcab0e3b0a2ec1e449e445434dc1bb5c852033f046

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:19 GMT
content-encoding: gzip
last-modified: Tue, 25 Feb 2020 18:37:38 GMT
server: AmazonS3
x-amz-request-id: 844FF664DE0AB17A
etag: "d678022569896f7b7293494e3a69c8c7"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=61224
accept-ranges: bytes
content-length: 44266
x-amz-id-2: KrpVRZD3M0T4g9xUncS5g3siU6Z/qnTuCp2KYOKEtN/tCl8UaA8yn/9PP1OCFx0nXyimfljs5VQ=

GET
H2 200 local-storage.html
cdn-ssl.vidible.tv/prod/player/ad-time/ Frame A9E5 0
0 22ms
21ms Document
text/html 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/player/ad-time/local-storage.html

Requested by

Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.59/0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: cdn-ssl.vidible.tv
:scheme: https
:path: /prod/player/ad-time/local-storage.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-id-2: qDYpppNXGhnAkfScyy7ID+36mQ1viwLFVgrxrfJyfNr/GyzArkSuU5Z0HesbOND4TdApnPSu7Wg=
x-amz-request-id: E820B63DA388B9DA
date: Wed, 06 Jan 2021 21:31:03 GMT
last-modified: Wed, 19 Feb 2020 12:29:18 GMT
etag: "3ba0167f9f40b17c70af8074ec7b3c55-df"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
content-type: text/html
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=1209600
access-control-allow-methods: GET
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
content-length: 557
age: 672257
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

GET
H/1.1 200
OK 239Umqj8UoCHZovN2ZDXE16IvjXdYCHn Show response
ads.adaptv.advertising.com/a/h/ Frame 5BB6 249 B
546 B 84ms
82ms XHR
text/xml 3.123.45.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/239Umqj8UoCHZovN2ZDXE16IvjXdYCHn?cb=a010c3971610640919119&gdpr=1&gdpr_consent=0&pet=preroll&pageUrl=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&eov=eov&us_privacy=&a.cluster=0&a.pvt=0&a.d.pageUrl=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&a.hasAppInfo=2&a.sdk=o2unit&a.sdkType=js&depth=0&height=439&moatViewableOpportunity=0&p.vw.active=1&p.vw.psize=3&p.vw.viewable=0&p.vw.viewableOpportunity=0&referrerUrl=&width=780

Requested by

Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.59/0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.123.45.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-123-45-128.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/javascript, application/json, text/html, application/xml, text/xml, */*
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.rawstory.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H2 200 display.gif
trk.vidible.tv/trk/ Frame 5BB6 43 B
245 B 82ms
81ms Image
image/gif 35.157.124.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/display.gif?bcid=5909e4257cdce053ec93786e&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.59&r=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&s=true&sid=0ed0b75f-b320-4e2c-9df5-88786084db4e&vvuid=0f1861c9-1b36-4f6e-bd1f-6df55f265552&orgId=19368&plcid=1249306&vrid=449a826b-4460-4569-a420-9c6bd2a22635&ab=0&dt=195&h=439&spaceid=793604934&w=780&cb=0.49299062565954443
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.124.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:19 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Thu, 14 Jan 2021 16:15:19 GMT

GET
H2 200 ad-request.gif
trk.vidible.tv/trk/ Frame 5BB6 43 B
245 B 74ms
73ms Image
image/gif 35.157.124.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-request.gif?bcid=5909e4257cdce053ec93786e&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.59&r=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&s=true&sid=0ed0b75f-b320-4e2c-9df5-88786084db4e&vvuid=0f1861c9-1b36-4f6e-bd1f-6df55f265552&orgId=19368&plcid=1249306&vrid=449a826b-4460-4569-a420-9c6bd2a22635&at=preroll&ps=html5-vpaid&spaceid=793604934&p.vw.active=1&p.vw.sound=0&vwa=0&vwm=-1&cb=0.9151559346967142
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.124.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:19 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Thu, 14 Jan 2021 16:15:19 GMT

GET
H2 200 ad-engine-request.gif
trk.vidible.tv/trk/ Frame 5BB6 43 B
245 B 75ms
74ms Image
image/gif 35.157.124.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-engine-request.gif?bcid=5909e4257cdce053ec93786e&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.59&r=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&s=true&sid=0ed0b75f-b320-4e2c-9df5-88786084db4e&vvuid=0f1861c9-1b36-4f6e-bd1f-6df55f265552&orgId=19368&plcid=1249306&vrid=449a826b-4460-4569-a420-9c6bd2a22635&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=780&p.vw.active=1&p.vw.sound=0&vwa=0&vwm=-1&h=439&cb=0.5809395316959252
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.124.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:19 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Thu, 14 Jan 2021 16:15:19 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 4706 109 B
169 B 18ms
14ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.rawstory.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jan 2021 16:15:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4706 109 B
169 B 19ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.rawstory.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jan 2021 16:15:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
securepubads.g.doubleclick.net/gampad/ Frame 4706 480 B
0 389ms
389ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3028637889075981&correlator=2649036365232072&output=ldjh&impl=fifs&eid=21068425%2C21068773%2C21069142%2C21068812&vrg=2021010903&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210114&iu_parts=21711633394%2Crawstory.com_US_Page-Peel_68057&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C320x320%7C336x280&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1610640919&dt=1610640919580&dlt=1610640919268&idt=234&ea=0&frm=23&biw=1600&bih=1200&ish=150&oid=3&adxs=0&adys=9196&adks=3061490141&ucis=pxrnbmxazzvc&ifi=1&ifk=2849114248&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&ref=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&top=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x250&msz=0x250&ga_vid=1753185537.1610640920&ga_sid=1610640920&ga_hid=384349983&fws=260&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 257
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.rawstory.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
8848be742946b8396069e5e864b7a0ec.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 4706 0
0 30ms
15ms Other
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://8848be742946b8396069e5e864b7a0ec.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 4706 0
0 6ms
6ms Other
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 ad-engine-response.gif
trk.vidible.tv/trk/ Frame 5BB6 43 B
245 B 32ms
32ms Image
image/gif 35.157.124.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-engine-response.gif?bcid=5909e4257cdce053ec93786e&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.59&r=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&s=true&sid=0ed0b75f-b320-4e2c-9df5-88786084db4e&vvuid=0f1861c9-1b36-4f6e-bd1f-6df55f265552&orgId=19368&plcid=1249306&vrid=449a826b-4460-4569-a420-9c6bd2a22635&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=780&aert=179&ar=no&fo=0&ft=0&h=439&cb=0.7216700046569577
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.124.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:19 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Thu, 14 Jan 2021 16:15:19 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 114ms
37ms XHR
application/javascript 99.86.5.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.5.213 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-5-213.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 04:01:37 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 44023
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 23 Dec 2020 21:52:09 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: qvfBoISJ5ymXoV8clHCjrjeaYCNnawpM
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: E3MG3EbtZkCSqTFPYbTAX-ShQi-lmZoH-SGA-f2Il262wdUO2DIbWw==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
370 B 84ms
83ms XHR
text/javascript 99.86.5.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&pid=ubCZzEAZOjMJJ&cb=0&ws=1600x1200&v=7.58.01&t=2000&slots=%5B%7B%22sd%22%3A%22desktop-4%22%2C%22s%22%3A%5B%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22desktop-5%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22desktop-6%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%7D%2C%7B%22sd%22%3A%22desktop-1%22%2C%22s%22%3A%5B%22160x600%22%2C%22300x250%22%2C%22300x600%22%5D%7D%2C%7B%22sd%22%3A%22desktop-2%22%2C%22s%22%3A%5B%22160x600%22%2C%22300x250%22%2C%22300x600%22%5D%7D%2C%7B%22sd%22%3A%22desktop-3%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%5D&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.5.213 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-5-213.fra6.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:19 GMT
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA6-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.rawstory.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: Tv404wPc1yFtsF2Y63UjpzIjCVGQe1eTpo2qfTdIuE0cSw1_ORRnhA==

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C8CE 0
198 B 17ms
15ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gpt_2021011203&jk=10385770327326&bg=!lpWlldbNAAUYkFXlGDsAKQB2-Dxa5ZXqotj0_RzkyIMCS4Jk4drgtjOBD4SlA356FB1wkMhpvpcUAgAAAstSAAAAvmgBBwoALJnz3kkkHspFkRYSeRW0-ceaQ9j27LdalapP-p9g8QWHaSnMRnUv_Q9IKWG6mQH2J0tovr1J4ZMA03SoJZucewBmlQyOA1oGiO_6tHbjlBq2ugGV9alkvJohcUkyEEgFS6sxqKVeE7Nza3YxrKzc6NYJjBY1p70l6RqjhYELiC9jsJELCbMg5WuAiDuaTUwEv8LPJuZ_ssA9DkCsH-rhb8yiGrOPcw9ZXPjvwYbhQcYTlWjw6bWYm1jp1yaqo5aLwB6zVC8Epp9MJBTm7eG6vBZJX8v6Tl8t_WVDbbOQOnpyMrc6OTxYyMorkGXOFNttkj6imPugKto1VMS_xeJ6ElFvzG_GsJx3epv0TK_vg2jECt4OzABdP-qojyjHDt9DXREuBdKm2aDyFph0Ftzfh1onHu-juAr5KayyA2mdkUZ9XEkTTKnaHBx7JmrIrdqYE9bIOBSo3Vrsj5Um3gpi5i1WbnkzOW66A5uukFLgd76skClpH3gAojGHEDS3ZpwxN_WvBUOlrcgZo-MRyJ8qZkNzyXydoBz4_FkFdCG5l7Tkx67WKi2Yxwz0iJF9P9ILcr4CxufOAUejrEgS2-iF2A8BeY7eNMrK-Su6Tn46trm250Vpqv1HidcsIY8KkCt19BzmYKmWRNgXzryuEKR8W-sa0O47pCkrk_DLr9M_EUjT-0ve6Bulc3P21-VBzx6q1SAlf6lsCMs0tJDSYXGfRL0n77WjtQ

Requested by

Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 16:15:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame A0F5 42 B
71 B 23ms
22ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst08aX13Pb87LiR7S9tz9upSYFramJBizeI7kcv99QrH6N1aURpFD_wkmTSJMSxZwNslv55a3IParAPD9zlcJrCOL-Vk6F4pzwXeyEuqmWPOLXdlV7uFqnuNXZB-Q&sai=AMfl-YRc0R1CnfrOWjVl-g5t52e3JLPvRvLWnkwgphTb5hwjX4n_ceYzNJXaBJfOvFO0sHXQZBEry6OpOVvaeH-v1BOfbd9hPloYdvaT3K4CVP-MLzniLlynZdBE4rA&sig=Cg0ArKJSzIDGBV2rO4bnEAE&cid=CAASF-Ro_6OlBz6byq3Rx3B4Hux7umXcitkG&id=ampim&o=1070,706&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1094&mtos=0,0,1094,1094,1094&tos=0,0,1094,0,0&tfs=413&tls=1507&g=82.33333230018616&h=82.33333230018616&tt=1507&r=v&avms=ampa&adk=4135999810

Requested by

Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 16:15:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 c Show response
ids.cdnwidget.com/ 31 B
169 B 247ms
164ms XHR
application/json 130.211.47.17
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=a4e4d8d9ba6f2fa97456f48573a6f4c5&SCH1=&GCS1=237058229&GCS2=ODgzZjczOGEtNzY5YS00NTJmLTkyYjMtNjhlYjNjMTI5ZmNlLmxvY2FsLDllMmJiMWQ4LTZhODUtNGNmYS04NjNmLTJlMzkwZjY2YjNmYi5sb2NhbA==&pe=false&wsid=3129&log=%7B%22config%22%3A%7B%22gmEN%22%3Afalse%2C%22pixEN%22%3Afalse%7D%2C%22apikey%22%3A%222%5EHIykD%22%2C%22cjsversion%22%3A%221.5.9%22%2C%22wsid%22%3A3129%2C%22loadID%22%3A%22NCFlnTwekz104Zu%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A14%2C%22IDStageStart%22%3A14%2C%22netComplete%22%3A456%2C%22obsReqdata%22%3A610%2C%22obsReqpage%22%3A1430%2C%22obsReqview%22%3A3545%2C%22IDStagePrefire%22%3A3545%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Atrue%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A1%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%2C%22agent%22%3A%7B%22device%22%3Anull%7D%2C%22firstLoad%22%3Atrue%7D%7D
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_775b9b434a4111b5921ec63da08fa029.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.47.17 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 6627c5ab36fa407f18fc9b6987e359eccef005ae6d35b370d2142b7daa770324

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: https://www.rawstory.com
date: Thu, 14 Jan 2021 16:15:19 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: clear
content-type: application/json

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0DFD 0
23 B 15ms
15ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gpt_2021010903&jk=4434514663849993&bg=!NDelN3TNAAUYkFXlGDsAKQB2-Dxa46lCzdQcrhhD2W2I1anRf83IHOAGCqYNNAT_x6WxmtkFT5Q-AgAAAwRSAAAAY2gBBwoBkG9t3QFy0k76Z2r3NMXreMFjZ4yRJ2btIeYyesr-jIRBjt3ET94cEOFV1RBmeq33mWZMmM7JLcANL_YtBAQAxtxabtgH-T3pHHESbZV_e82V8KE1eYFDDGgyFTJWide86gYe9nMvQRBfvoxq2w_Lllnsol72K86jbYL0LtvQgczPCbcYzojY_GtHznJZL8QLuOyYMOXqHzXudDE_2XGSeS1elMI7GuUzWR-Gxui33NARoGrwNYhus8o5OBn4KG4ZljCRrjTBvCqtep_GNuKUlWW1f8ewYj5LAwS8K5VQyubGk76yfHwazapFNSzm4OLVFdssqlDuegSRN8-Ol1GjwXiAc-1rfEm82jQvWPUnNC3KAC2A4jUcQS5paSHTwqowFeoK3QkcXR0Vk68Mob76k3aRuCvh2fbDa-Dm1ILJrDpL8cBTzDYaQvKYsfilCIz4CiaqIWVAREVrW_PIvV94oOgvwqDoJ28mWD7lrxmHzx5EOca3VV4TWWVVqPNknXK6szIru1FKEPPuDcsod2e-liWZAe6qDsg0LBpaA9kLTfrLBhS6rHa8Gh1iQKxQ2KRfxx75a8Ely1UMlXeUNqlNZM6IjGj1ZF4qWjBW5Fr1ihfsCne5veSI-Qdv__TMMGhgwR_Wh3IsMF2ZI1-S0yeJD5igVB6VGbDiTIZzaXQAkuClgFJauZ1mJ4B77JJafmDXsh99dtuOR1t1QYQANAIMewL0Vi5DkpSl175fgIKYLfti1WSUNM54t895kIyrwCFcWXdMRoSKpoBgmFI5ZMhRS-9ovc065e7sDsOk5o--BnPwZrcGM2bonUWCC9TgOCS2zUlkg9-ZvDrrDdyLgPJyMk39jzGpJCluMjZB9cX1p_I1hg7tiA99wdjpxnWuucVI9ESWc8V80oHcPeUGHQ3Fiy8IZpdDE1nfbquvamkP1-6rIhL5lGR5awaRpp9ImbfwjtXfNWLCuO5NHWAHNOL0vWMlzEJU6AxwQKDzsOaEe6nup2K_o4O01IddKliJu5tw3guH_eEz5csOFFT-bEF8b_HoPLMNxkLfiBiMxyFWtD-R-wb4sx5QwXeog6O7sNP1yLcqoEsqpqEUK0erodHRHuYcA97DZa5XZ8X1s2ljmq0iOhsIRWaxYGYEbST7A7OjHs9WraGyANyjfOtl_FXdoj76tJTNlsakkeV0fnQx0vPuVw

Requested by

Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 16:15:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0DAE 0
23 B 15ms
15ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gpt_2021011202&jk=3978141622088719&bg=!lpWlldbNAAUYkFXlGDsAKQB2-DxavKj1HFJPLXkSai4uwCdB7j6auOJd37ar3USplam1-xk-Xgx1AgAAA4pSAAAASmgBBwoAfRy-zZwuOCx7N6mKdzmcKdGRaKjQFJg59ACmjKLsxWmks1_Bc0XFtyBjO_w8GTo50dqSRV1VxkzxGIkGS6gSHYX-POBY8MPnImsiSdOgaIomOynM4rCenFFReq9q0ydrgARCt_QaNq5VA4kBcALHg9L9qZghJ59jL82093_VmQHyQeZ_S7L1lp0w1dYnmxNvju8OLiTNokIRqdcFim9_3aaBF14aV8mRalaItcHM2z69F5IdMMrIgPqti9PQ5gOeEnMQd98zw4W4QCLNypU6vrCutsN33whpqd5wC_rirgDNobUjogz0bHnj0xFa0SGjSy_Jw13sVR7Q3qjJS5GToqP4TILgQBPhqYa6g2Gcmrf3pYYj3XB5Rdckd7XLcZAvNOXI2AS6RjfsUyR4xhCYVc9VVt1-Jdm6AeMrAyRZ_Ag7HOzxRP-wb3mH4rgSppAzIZtWTVB2C7Xx5fdhm6AY1O6JCeWp7jNCTDIvwQujcVA8a9mVzgbhZcXhDFP7HNUIJjUMcPvCDfgyuaVWku3gXWav-r88NNnQBhzeCrdwIhgeUyYB4qZZvAUOSAlZIo4QAoSD13QLtY6t8ma9pzf70dmYxxzo80P2apuGsHr_iHyqScVYnRrs5uO6-8Q07Gu90TCH89OpShfIiSEEVlVHQ_yW8qdBWTD0EFjJG5ncZucuMSB4-fENVHfozuUvEw8Pb7_uNC_hDH4Mped62CtwMIxgbfYD_ONEGyeuto3_G1QA6jNpOc_aeCFm7JUjn4VBKrG6RCKQowyoL-S3Nvy9jj_-Sna98IM52kCETW2_l6KiZK9yae5uzULffiQxl1fp2AHY

Requested by

Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 16:15:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 36ms
35ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&ac=1&bq=7&i=AOL_VIDIBLE_API1&t=1610640919774&de=658196709775&d=232%3A-%3A-%3A-&bo=rawstory.com&bd=rawstory.com&f=0&cs=0
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 16:15:19 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 14 Jan 2021 16:15:19 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 19ms
19ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021011202&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011202.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3448a4e09a6b8c69fe66efb494b8f6a37e3a65f24d551ec919ed98eca6e42d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jan 2021 16:15:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6740
x-xss-protection: 0

GET
H/1.1 200
OK tracking.gif
tracking.justpremium.com/ Frame 734E 43 B
332 B 32ms
32ms Image
image/gif 3.125.0.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracking.justpremium.com/tracking.gif?rid=r-d48df8db-a072-469a-8fcc-31e2a4ba2130-104346-914305771&sid=r-4463406e-8afa-4a8e-a66e-d707143efee2-30856-88511121&uid=&vr=v2.50.375&ru=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&tt=1610640919818&siw=1160&sh=1200&sw=1600&wh=1200&ww=1600&an=2.3.0&vn=eu-central-1&sd=&_c=aasyo61610640919818&et=&aid=313088&said=675040&ei=%2F21711633394%2Frawstory.com_US_Page-Peel_68057&fc=pa&sp=13&at=adserver&cid=&ist=0&mg=&dl=&dlt=&ev=&vt=&zid=68057&dr=2173&di=&pr=&cw=300&ch=250&nt=&st=&jp=%7B%22esi%22%3A%22unknow%22%2C%22ph%22%3A9196%7D&ty=adr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.0.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-0-64.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 16:15:19 GMT
Last-Modified: Tue, 25 Feb 2020 12:05:29 GMT
Server: nginx
ETag: "5e550d89-2b"
Content-Type: image/gif
Cache-Control: public, no-cache, no-store, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011202.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607463675096825"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6146
x-xss-protection: 0
expires: Thu, 14 Jan 2021 16:15:19 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame 0651 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/220/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.rawstory.com/qanon-congress-2649937672/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.rawstory.com/qanon-congress-2649937672/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4868
date: Thu, 14 Jan 2021 16:03:35 GMT
expires: Fri, 14 Jan 2022 16:03:35 GMT
last-modified: Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 704
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK tracking.gif
tracking.justpremium.com/ Frame 734E 43 B
332 B 36ms
32ms Image
image/gif 3.125.0.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracking.justpremium.com/tracking.gif?rid=r-d48df8db-a072-469a-8fcc-31e2a4ba2130-104346-914305771&sid=r-4463406e-8afa-4a8e-a66e-d707143efee2-30856-88511121&uid=&vr=v2.50.375&ru=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&tt=1610640920009&siw=1160&sh=1200&sw=1600&wh=1200&ww=1600&an=2.3.0&vn=eu-central-1&sd=&_c=a8p8ys1610640920009&et=&aid=&said=&ei=&fc=&sp=&at=adserver&cid=&ist=&mg=&dl=&dlt=&ev=&vt=&zid=68057&dr=2364&di=&pr=&cw=&ch=&nt=&st=&jp=%7B%22ph%22%3A9196%7D&ty=pb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.0.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-0-64.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 16:15:20 GMT
Last-Modified: Tue, 25 Feb 2020 12:05:29 GMT
Server: nginx
ETag: "5e550d89-2b"
Content-Type: image/gif
Cache-Control: public, no-cache, no-store, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43

GET
H2 204 cjs-logger
e.cdnwidget.com/ 0
68 B 242ms
177ms Image
image/png 34.107.221.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.cdnwidget.com/cjs-logger?source=ID%20generation%20error&severity=Warning&error=Country%2520not%2520allowed&cookieID=&deviceID=&BXWID=3129&warpspeed=2%5EHIykD&loadID=NCFlnTwekz104Zu&version=1.5.9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.221.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:20 GMT
via: 1.1 google
alt-svc: clear
content-type: image/png

GET
H/1.1 200
OK 239Umqj8UoCHZovN2ZDXE16IvjXdYCHn Show response
ads.adaptv.advertising.com/a/h/ Frame BE1D 2 KB
1 KB 36ms
33ms XHR
text/xml 3.123.45.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.123.45.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-123-45-128.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

97289526a30103d2f8066c75f238b228007eb60eb0819e8659f88f515c589fa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.rawstory.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 940
expires: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
46 B 15ms
15ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gpt_2021011202&jk=1884982980774125&bg=!tbaltvXNAAWtJAQVrTsAKQB2-Dxa1TmrUb2sad9CwLZi71KfRo2M25fWBwhVXHyQYu5bz_3CUZd-AgAAAH1SAAAAFWgBBwoBuquVA0WVt8Y4oY0p9X996HNKM1T982zHhxfanoe0I3HL-lccaC4EwjGt5m9sgMDCaatczbtMQt0sxau7VwUjtCnbqStD_YN1G-byU-zYoE7hAaU41ubo30RvxDi-06Og8bDAX_0qbb7-JD_ThIf7teV5rw2wtAbCpvXRX3Guk-M10HSVLWpLaCOQdmEH-Ihssq0pn5uhFiYao60Cnd8rh0AtwenDNUDskNP1foTmaBUZPJd0LBF7xty30l9NSt_LUZUs-6nhcmPLVBcZbRFWjeCqpCTiUuZXzJOF8xWbeypRx9m5oLII5un0qvp__SknZsfSY6vAjBX8E_pBe8jQNofeLwLzi22yBZ3Trup89ZqOxqdTfzWlQY02J7fC1EgpFLAUThhM4GBSoHe7eS5by-RD3WP1b8v6nnI5TjC5-_7X2mVQS424XOghDsMiVhnuz_Ok_bjhSxfUHePXK6HWZTQpnLIslkAZPjmDBrckEEA7344AxvzTH-3hF_59kZmV8U8LCUq-3smtE2erWu1LUcaSeOOaIAIExLl8UXsgY8nj6poIpGyAYhjIr5vqO-Tedx1f1NmeKjMz8yqZAcdvK0d4RaKbfKaBEti28zCDDarUGs-RefG_FWUiKwNsitLEOVXErHb10OsePdZ5NpJDkMXXdi_Ej0PPtXH5sxFvQt-KK520WZGz8xrakuIV_hp3FloE8ztYryB8ytQZxEiU5_YgnX5bt80_ifygDNPlF0YcmTgdtDssEPfloJwBZwmr2rxhYpNVOyjqKWbgfXB4lCGzXQSzC7hyJk3ublMjKf4WCgTC4tJSg3bT_MwTD6vRKLy83zjEVHikQN1bfkYJCew09xAsO7r3QOWsZEpIgPwg8-Xl_-Ya3-ABXYDKOFJ1xmhiRlvcWS95rhZIUQG1ubfDEEUYhZtbmF72R61lNqldy3-tP51eC5EsxFSepCGBNCY5sbY3H66-HXZNqXxoQCQDoCtXIsGole-9-TXZ6iBK-rhj90UTULI2FE46iYdVzDu4dv6mfYRQAMZdClMaW4Jd5utzfkvgEWs193vmuRQnvylhltj-cO1UuVNvCHYcJFWGxDGvT6f8kS74ZNa_3FKtTX2a_LxjDo4_mMLem3nCNRopoREIj2HifM_lD2EiQTolTYUY7eovJdNTADxXRvDgoC1FoKWxT5m33pR1BSoep8Ix9A

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 16:15:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 o2shim Show response
acds.prod.vidible.tv/ Frame 9A3C 15 KB
7 KB 49ms
49ms Script
application/javascript 79.125.103.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1249306&orgId=19368&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&vrid=83c658ec-1f8a-4507-afc1-9930d980c39c&pblob=
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.125.103.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-79-125-103-162.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 7a3f95bcf1253e2338dfb4c6fd22a361b7977f0202463b8a477831eccab49afc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:20 GMT
content-encoding: gzip
access-control-max-age: 3600
access-control-allow-methods: POST, GET, HEAD, PUT, PATCH, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-headers
content-length: 6654

GET
H2 200 0.js Show response
cdn-ssl.vidible.tv/prod/ad-client/js/10.2.59/ Frame 9A3C 321 KB
103 KB 18ms
17ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.59/0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

66dd5033bfecfeef06d05c3c5115bdba91710813b07c6635f91f0424223d43b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Tue, 12 Jan 2021 17:45:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167399
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-length: 105542
x-amz-id-2: UjBc+6nJqWJnaUBlM0cjwolgBt75XWDzAFv2/dhUPxsHhKgoi3gNapUYoeM4fr6Zg+XeBYrFHUc=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Dec 2020 16:21:44 GMT
server: ATS
etag: "d3e6dcf5eb86c562a4a5c5fa218f09fe-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
x-amz-request-id: 22883B63C2F80862
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: null
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 impression.gif
trk.vidible.tv/trk/ Frame 9A3C 43 B
245 B 32ms
32ms Image
image/gif 35.157.124.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/impression.gif?pid=59947c0544a64b1a49e52a48&bcid=5909e4257cdce053ec93786e&s=true&pv=10.2.59&ifr=true&cb=0.13360340411603633&pt=o2unit&sid=7d721126-f3d0-485b-af52-3625ada75ed5&r=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.124.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:20 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Thu, 14 Jan 2021 16:15:20 GMT

GET
H2 200 moatapi.js Show response
z.moatads.com/aolvidibleapi29384728347/ Frame 9A3C 133 KB
44 KB 39ms
38ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/aolvidibleapi29384728347/moatapi.js
Requested by: Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.59/0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 90542f9de6cab010087ab4bcab0e3b0a2ec1e449e445434dc1bb5c852033f046

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:20 GMT
content-encoding: gzip
last-modified: Tue, 25 Feb 2020 18:37:38 GMT
server: AmazonS3
x-amz-request-id: 844FF664DE0AB17A
etag: "d678022569896f7b7293494e3a69c8c7"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=61223
accept-ranges: bytes
content-length: 44266
x-amz-id-2: KrpVRZD3M0T4g9xUncS5g3siU6Z/qnTuCp2KYOKEtN/tCl8UaA8yn/9PP1OCFx0nXyimfljs5VQ=

GET
H2 200 local-storage.html
cdn-ssl.vidible.tv/prod/player/ad-time/ Frame EFDD 0
0 17ms
16ms Document
text/html 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/player/ad-time/local-storage.html

Requested by

Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.59/0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: cdn-ssl.vidible.tv
:scheme: https
:path: /prod/player/ad-time/local-storage.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-id-2: qDYpppNXGhnAkfScyy7ID+36mQ1viwLFVgrxrfJyfNr/GyzArkSuU5Z0HesbOND4TdApnPSu7Wg=
x-amz-request-id: E820B63DA388B9DA
date: Wed, 06 Jan 2021 21:31:03 GMT
last-modified: Wed, 19 Feb 2020 12:29:18 GMT
etag: "3ba0167f9f40b17c70af8074ec7b3c55-df"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
content-type: text/html
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=1209600
access-control-allow-methods: GET
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
content-length: 557
age: 672258
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

GET
H/1.1 200
OK 239Umqj8UoCHZovN2ZDXE16IvjXdYCHn Show response
ads.adaptv.advertising.com/a/h/ Frame 9A3C 249 B
546 B 52ms
51ms XHR
text/xml 3.123.45.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/239Umqj8UoCHZovN2ZDXE16IvjXdYCHn?cb=97b3a5f31610640920027&gdpr=1&gdpr_consent=0&pet=preroll&pageUrl=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&eov=eov&us_privacy=&a.cluster=0&a.pvt=0&a.d.pageUrl=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&a.hasAppInfo=2&a.sdk=o2unit&a.sdkType=js&depth=0&height=334&moatViewableOpportunity=0&p.vw.active=1&p.vw.psize=3&p.vw.viewable=0&p.vw.viewableOpportunity=0&referrerUrl=&width=594

Requested by

Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.59/0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.123.45.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-123-45-128.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/javascript, application/json, text/html, application/xml, text/xml, */*
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.rawstory.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H2 200 display.gif
trk.vidible.tv/trk/ Frame 9A3C 43 B
245 B 33ms
31ms Image
image/gif 35.157.124.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/display.gif?bcid=5909e4257cdce053ec93786e&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.59&r=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&s=true&sid=7d721126-f3d0-485b-af52-3625ada75ed5&vvuid=6e0c77f5-ea80-48cd-a018-fa2a3c953cfe&orgId=19368&plcid=1249306&vrid=83c658ec-1f8a-4507-afc1-9930d980c39c&ab=0&dt=79&h=334&spaceid=793604934&w=594&cb=0.7534935017158066
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.124.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:20 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Thu, 14 Jan 2021 16:15:20 GMT

GET
H2 200 ad-request.gif
trk.vidible.tv/trk/ Frame 9A3C 43 B
245 B 33ms
32ms Image
image/gif 35.157.124.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-request.gif?bcid=5909e4257cdce053ec93786e&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.59&r=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&s=true&sid=7d721126-f3d0-485b-af52-3625ada75ed5&vvuid=6e0c77f5-ea80-48cd-a018-fa2a3c953cfe&orgId=19368&plcid=1249306&vrid=83c658ec-1f8a-4507-afc1-9930d980c39c&at=preroll&ps=html5-vpaid&spaceid=793604934&p.vw.active=1&p.vw.sound=0&vwa=0&vwm=-1&cb=0.3549480321224381
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.124.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:20 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Thu, 14 Jan 2021 16:15:20 GMT

GET
H2 200 ad-engine-request.gif
trk.vidible.tv/trk/ Frame 9A3C 43 B
245 B 33ms
32ms Image
image/gif 35.157.124.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-engine-request.gif?bcid=5909e4257cdce053ec93786e&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.59&r=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&s=true&sid=7d721126-f3d0-485b-af52-3625ada75ed5&vvuid=6e0c77f5-ea80-48cd-a018-fa2a3c953cfe&orgId=19368&plcid=1249306&vrid=83c658ec-1f8a-4507-afc1-9930d980c39c&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=594&p.vw.active=1&p.vw.sound=0&vwa=0&vwm=-1&h=334&cb=0.8302016624683786
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.124.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:20 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Thu, 14 Jan 2021 16:15:20 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 34ms
33ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&ac=1&bq=7&i=AOL_VIDIBLE_API1&t=1610640920286&de=777067742742&d=238%3A-%3A-%3A-&bo=rawstory.com&bd=rawstory.com&f=0&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 16:15:20 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 14 Jan 2021 16:15:20 GMT

GET
H2 200 ad-engine-response.gif
trk.vidible.tv/trk/ Frame 9A3C 43 B
245 B 32ms
32ms Image
image/gif 35.157.124.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-engine-response.gif?bcid=5909e4257cdce053ec93786e&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.59&r=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&s=true&sid=7d721126-f3d0-485b-af52-3625ada75ed5&vvuid=6e0c77f5-ea80-48cd-a018-fa2a3c953cfe&orgId=19368&plcid=1249306&vrid=83c658ec-1f8a-4507-afc1-9930d980c39c&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=594&aert=81&ar=no&fo=0&ft=0&h=334&cb=0.3154255785948765
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.124.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:20 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Thu, 14 Jan 2021 16:15:20 GMT

POST
H2 200 v2nmn7KSEiDR2i8MLz5MPThknC-I6T3PidIj89QFpdi_1AjjH8-vFdCP77j66wYGrTTwi9l4 Show response
detectdinner.com/ 216 B
614 B 149ms
56ms Fetch
application/json 35.190.74.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://detectdinner.com/v2nmn7KSEiDR2i8MLz5MPThknC-I6T3PidIj89QFpdi_1AjjH8-vFdCP77j66wYGrTTwi9l4

Requested by

Host: scrubswim.com
URL: https://scrubswim.com/v2/0/egtfdegHAd2A_V-s9LVlESD2lKxQs6fp83Y07SUuo0VxLVQEJuQ6PlYvR5voudL7LwA01I21v6r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.74.157 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

57d987b9cd1933f154c4dc3d54b4a95857936e3a994a5a8f93b532058ac335a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Thu, 14 Jan 2021 16:15:20 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.rawstory.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: 9b6d8613
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 216
expires: Thu, 14 Jan 2021 16:15:19 GMT

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame D957 0
0 97ms
31ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.rawstory.com/qanon-congress-2649937672/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.rawstory.com/qanon-congress-2649937672/

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: "573e714d-3e3"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Fri, 14 Jan 2022 16:15:20 GMT
Date: Thu, 14 Jan 2021 16:15:20 GMT
Connection: keep-alive

GET
H/1.1 200
OK ixmatch.html
js-sec.indexww.com/um/ Frame 181E 0
0 96ms
32ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.rawstory.com/qanon-congress-2649937672/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.rawstory.com/qanon-congress-2649937672/

Response headers

Server: Apache
Last-Modified: Tue, 06 Oct 2020 14:04:48 GMT
ETag: "e20015-8f4-5b10114f2003a"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1136
Date: Thu, 14 Jan 2021 16:15:20 GMT
Connection: keep-alive

GET
H2 200 iframe
mantodea.mantisadnetwork.com/prebid/ Frame D715 0
0 333ms
107ms Document
text/html 52.22.61.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-60&buster=1610640915676&secure=true&version=9&mobile=false&title=MSNBC%27s%20Morning%20Joe%20says%20Qanon%20cultists%20pose%20violent%20threat%20to%20their%20Democratic%20colleagues%20-%20Raw%20Story%20-%20Celebrating%2016%20Years%20of%20Independent%20Journalism&url=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.61.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / Express
Resource Hash

Request headers

:method: GET
:authority: mantodea.mantisadnetwork.com
:scheme: https
:path: /prebid/iframe?tz=-60&buster=1610640915676&secure=true&version=9&mobile=false&title=MSNBC%27s%20Morning%20Joe%20says%20Qanon%20cultists%20pose%20violent%20threat%20to%20their%20Democratic%20colleagues%20-%20Raw%20Story%20-%20Celebrating%2016%20Years%20of%20Independent%20Journalism&url=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.rawstory.com/qanon-congress-2649937672/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.rawstory.com/qanon-congress-2649937672/

Response headers

date: Thu, 14 Jan 2021 16:15:21 GMT
content-type: text/html; charset=utf-8
content-length: 332
x-powered-by: Express
vary: Origin
access-control-allow-credentials: true
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
expires: -1
etag: W/"14c-2/90gS7i4/mMOEs2vG1pHoCUlMc"

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame CADD 0
0 67ms
26ms Document
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.rawstory.com/qanon-congress-2649937672/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.rawstory.com/qanon-congress-2649937672/

Response headers

date: Thu, 14 Jan 2021 16:15:20 GMT
set-cookie: __cfduid=dd724c024832627965e39aecad590a19b1610640920; expires=Sat, 13-Feb-21 16:15:20 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
cf-request-id: 07a347296f00001d22aa02a000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6118a7bbe8c81d22-CPH

GET
H/1.1 200
OK Cookie set check.html
biddr.brealtime.com/ Frame 01E6 0
0 72ms
28ms Document
text/html 104.17.120.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.120.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: biddr.brealtime.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.rawstory.com/qanon-congress-2649937672/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.rawstory.com/qanon-congress-2649937672/

Response headers

Date: Thu, 14 Jan 2021 16:15:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dad404d9ea459addfe53111a52b3b39d01610640920; expires=Sat, 13-Feb-21 16:15:20 GMT; path=/; domain=.brealtime.com; HttpOnly; SameSite=Lax
x-amz-id-2: uReFd/UqI7JjrlgWJAxnIxML3AQVtaGYAP8/JK0Q28FkeXJwGRDICFM4+q+jF+OBQWMYLC5ZiFg=
x-amz-request-id: 4564552171D75343
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status: HIT
Age: 2444
Expires: Thu, 14 Jan 2021 16:16:20 GMT
Cache-Control: public, max-age=60
cf-request-id: 07a34729790000d8a5c79aa000000001
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6118a7bbfef4d8a5-CPH
Content-Encoding: gzip

POST
H2 200 v2dhnjhTITwEN9TsCZFNFniS4LOLV4JoL4PeZJlcuRO4Uo22n1kTMmlgKB6eLd7ROCxSITeE Show response
detectdinner.com/ 6 KB
2 KB 85ms
85ms Fetch
application/json 35.190.74.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://detectdinner.com/v2dhnjhTITwEN9TsCZFNFniS4LOLV4JoL4PeZJlcuRO4Uo22n1kTMmlgKB6eLd7ROCxSITeE

Requested by

Host: scrubswim.com
URL: https://scrubswim.com/v2/0/egtfdegHAd2A_V-s9LVlESD2lKxQs6fp83Y07SUuo0VxLVQEJuQ6PlYvR5voudL7LwA01I21v6r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.74.157 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

333346f9c89876baf7869b0f454b50e48df4e04b4d023b7a83c5171922504501

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: gzip
x-datacenter: gce-europe-west1
date: Thu, 14 Jan 2021 16:15:20 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.rawstory.com
access-control-allow-credentials: true
x-hostname: 9b6d8613
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 1733

GET
H2 200 Sticky2 Show response
detectdinner.com/v2jjjjcl14bmcjyGJlacR6Lgd19cOb6tcpzr_2RigZpTtPNs-2tRTdSsuHebsdBUwUSMLp1E/ 64 KB
22 KB 61ms
60ms Script
text/javascript 35.190.74.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://detectdinner.com/v2jjjjcl14bmcjyGJlacR6Lgd19cOb6tcpzr_2RigZpTtPNs-2tRTdSsuHebsdBUwUSMLp1E/Sticky2

Requested by

Host: scrubswim.com
URL: https://scrubswim.com/v2/0/egtfdegHAd2A_V-s9LVlESD2lKxQs6fp83Y07SUuo0VxLVQEJuQ6PlYvR5voudL7LwA01I21v6r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.74.157 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

0e57e1f3f5fb8bf4c89d1a9aabfef0eb8868042c1514e0c1f55ae9f3ae20f946

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Origin: https://www.rawstory.com
Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "5459145e496d1fa7cbb7dc00cffceb0c1ab33c1c557e6f39a398edec2cff85c2"
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://www.rawstory.com
cache-control: private, must-revalidate, max-age=21600
access-control-allow-credentials: true
x-hostname: 9b6d8613
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
date: Thu, 14 Jan 2021 16:15:21 GMT

GET
H2 200 MywwNDA4YzM3MWYwOTM
images.getadmiral.com/ 3 KB
4 KB 77ms
43ms Image
image/png 2606:4700:3037::6818:7482
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.getadmiral.com/MywwNDA4YzM3MWYwOTM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6818:7482 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f54d4f4557ffad679c672c54c96f94517dc862e2230c019d2bd24b0650217c57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:21 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-length: 2876
cf-request-id: 07a3472a5800001756b6b69000000001
server: cloudflare
x-datacenter: gce-europe-west1
etag: "02b98ff7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aqOftre4IZtv92VU%2B7tKGtiwVElIEexBH%2F33qkWOvJLFgxNEFN1RVBUH8Cfs%2F34CqCfCMWJ2mxG6rCWB3%2F6lx4kvl4woqaFvi0xSSBrXgLZuqesr3TWsFYbmHLHfKiJxtls%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: private, must-revalidate, max-age=300
x-hostname: icarus
cf-ray: 6118a7bd58051756-FRA

POST
H/1.1 200
OK abt Show response
capi.connatix.com/tr/ Frame BE1D 0
303 B 130ms
130ms XHR
multipart/form-data 52.14.222.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/abt?v=91852
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.14.222.78 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.15.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 14 Jan 2021 16:15:22 GMT
Content-Encoding: br
Server: openresty/1.15.8.2
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.rawstory.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1

GET
H2 200 sync
pre.ads.justpremium.com/v/1.0/t/ Frame 1EAF 0
0 59ms
59ms Document
text/html 35.156.26.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=a15rz491610640916030
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.26.195 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-26-195.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: pre.ads.justpremium.com
:scheme: https
:path: /v/1.0/t/sync?_c=a15rz491610640916030
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.rawstory.com/qanon-congress-2649937672/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.rawstory.com/qanon-congress-2649937672/

Response headers

date: Thu, 14 Jan 2021 16:15:22 GMT
content-type: text/html; charset=utf-8
cache-control: public, no-cache, no-store, must-revalidate

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 02C3 0
0 109ms
36ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.rawstory.com/qanon-congress-2649937672/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.rawstory.com/qanon-congress-2649937672/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=145624
Expires: Sat, 16 Jan 2021 08:42:26 GMT
Date: Thu, 14 Jan 2021 16:15:22 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 001B 0
0 102ms
33ms Document
text/html 23.8.15.54
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.8.15.54 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-8-15-54.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.rawstory.com/qanon-congress-2649937672/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.rawstory.com/qanon-congress-2649937672/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "4000c-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Thu, 14 Jan 2021 16:15:22 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 iframe
sync.teads.tv/ Frame 838B 0
0 67ms
64ms Document
text/html 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.teads.tv/iframe?gdprIab=%7B%22status%22%3A12%7D
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.9 /
Resource Hash

Request headers

:method: GET
:authority: sync.teads.tv
:scheme: https
:path: /iframe?gdprIab=%7B%22status%22%3A12%7D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.rawstory.com/qanon-congress-2649937672/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.rawstory.com/qanon-congress-2649937672/

Response headers

content-type: text/html; charset=UTF-8
server: akka-http/10.1.9
content-length: 153
expires: Thu, 14 Jan 2021 16:15:22 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 14 Jan 2021 16:15:22 GMT
set-cookie: tt_bluekai=; Expires=Wed, 13 Jan 2021 15:15:22 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_exelate=; Expires=Wed, 13 Jan 2021 15:15:22 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_emetriq=; Expires=Wed, 13 Jan 2021 15:15:22 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_liveramp=; Expires=Wed, 13 Jan 2021 15:15:22 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_neustar=; Expires=Wed, 13 Jan 2021 15:15:22 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_salesforce=; Expires=Wed, 13 Jan 2021 15:15:22 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_dar=; Expires=Wed, 13 Jan 2021 15:15:22 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_skp=; Expires=Wed, 13 Jan 2021 15:15:22 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_retargetly=; Expires=Wed, 13 Jan 2021 15:15:22 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None

GET
H2

200

sync
eb2.3lift.com/ Frame 4AA4
Redirect Chain

https://ib.3lift.com/sync?
https://eb2.3lift.com/sync?
https://eb2.3lift.com/sync?&ld=1

0
0

33ms
32ms

Document
text/html

18.185.170.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?&ld=1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.170.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-170-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: eb2.3lift.com
:scheme: https
:path: /sync?&ld=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.rawstory.com/qanon-congress-2649937672/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: tluid=16866132960317326045
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.rawstory.com/qanon-congress-2649937672/

Response headers

date: Thu, 14 Jan 2021 16:15:22 GMT
content-type: text/html; charset=utf-8
content-length: 479
set-cookie: sync=CgoIgQIQirC4jfAuCgoIkQIQirC4jfAuCgoI4gEQirC4jfAuCgoIkgIQirC4jfAuCgoI5gEQirC4jfAuCgoIhwIQirC4jfAuCgkIOhCKsLiN8C4KCQgLEIqwuI3wLgoJCF8QirC4jfAuCgkIHxCKsLiN8C4=; Max-Age=7776000; Expires=Wed, 14 Apr 2021 16:15:22 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=16866132960317326045; Max-Age=7776000; Expires=Wed, 14 Apr 2021 16:15:22 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

Redirect headers

date: Thu, 14 Jan 2021 16:15:22 GMT
content-length: 0
set-cookie: tluid=16866132960317326045; Max-Age=7776000; Expires=Wed, 14 Apr 2021 16:15:22 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
location: /sync?&ld=1
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

POST
H/1.1 200
OK abt Show response
capi.connatix.com/tr/ Frame FE05 0
303 B 128ms
128ms XHR
multipart/form-data 52.14.222.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/abt?v=91854
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.14.222.78 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.15.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 14 Jan 2021 16:15:22 GMT
Content-Encoding: br
Server: openresty/1.15.8.2
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.rawstory.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1

GET
H2 200 social-ux-non-critical.css
www.rawstory.com/static/css-build/roar/runner/ 110 KB
21 KB 26ms
26ms Stylesheet
text/css 2606:4700:20::681a:823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rawstory.com/static/css-build/roar/runner/social-ux-non-critical.css?v=rmxassets66b3c7c33430c6d86825956c94cfb999RMCSS

Requested by

Host: www.rawstory.com
URL: https://www.rawstory.com/static/dist/social-ux/main.02db10cbbc0a04a4fb67.bundle.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16d5282e8809309887ef897e1c00c4242218753d26a0ede2e4bf6154afe7cd0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15786000; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:22 GMT
via: 1.1 F_wfe_production, 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
age: 2258771
x-cache: HIT, HIT
fastly-swr: 2592000.000
content-encoding: br
cf-request-id: 07a347312d00001f39f8b2d000000001
x-served-by: cache-bwi5129-BWI, cache-fra19138-FRA
last-modified: Fri, 18 Dec 2020 14:25:42 GMT
server: cloudflare
x-timer: S1610640923.934088,VS0,VE1
x-frame-options: SAMEORIGIN
etag: W/"5fdcbbe6-1b981"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15786000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vdOGSB5or0FvHbAnq81Q9VGrgp2THdWR7j7RV4EtZZ0lK%2Fbt6IYhE9nlzP%2FWgGD6RRN%2BPNs79kzzHNRb%2BDgj%2Bbptf%2FHjCmGiwbV4Kr7V%2FhSP0QoUgmP%2BTEASCXzT"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 6118a7c84ea51f39-FRA
fastly-sie: 86400.000
x-cache-hits: 1, 1

GET
H2 200 fontawesome-webfont.woff2
www.rawstory.com/static/fonts/fontawesome/4.6.3/ 70 KB
71 KB 17ms
17ms Font
application/font-woff2 2606:4700:20::681a:823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rawstory.com/static/fonts/fontawesome/4.6.3/fontawesome-webfont.woff2?v=4.6.3

Requested by

Host: www.rawstory.com
URL: https://www.rawstory.com/static/css-build/roar/runner/social-ux-non-critical.css?v=rmxassets66b3c7c33430c6d86825956c94cfb999RMCSS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=15786000; preload
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://www.rawstory.com
Referer: https://www.rawstory.com/static/css-build/roar/runner/social-ux-non-critical.css?v=rmxassets66b3c7c33430c6d86825956c94cfb999RMCSS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:22 GMT
via: 1.1 F_wfe_production, 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
age: 2258771
x-cache: HIT, HIT
fastly-swr: 2592000.000
content-length: 71896
cf-request-id: 07a347316200001f3943ac3000000001
x-served-by: cache-bwi5130-BWI, cache-fra19138-FRA
last-modified: Thu, 10 Dec 2020 14:49:26 GMT
server: cloudflare
x-timer: S1610640923.986156,VS0,VE1
x-frame-options: SAMEORIGIN
etag: "5fd23576-118d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15786000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uHk7zXMuU0PXnB8nJpaRC6SA3cEYy1JRAq%2FG8CkTEae7hgVMz%2Fio5nRE1p8cBwHbC0rSGZUr%2Fq2zRrLktUoBYkm2%2FtFh8Qa6Nq1DA%2FIvKaimjs3BWh3%2FEOxVvh20"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6118a7c89f6b1f39-FRA
fastly-sie: 86400.000
x-cache-hits: 1, 2

GET
H2 200 Roboto-500.woff2
www.rawstory.com/static/fonts/roboto/Roboto-500/ 10 KB
11 KB 17ms
16ms Font
application/font-woff2 2606:4700:20::681a:823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rawstory.com/static/fonts/roboto/Roboto-500/Roboto-500.woff2

Requested by

Host: www.rawstory.com
URL: https://www.rawstory.com/static/css-build/roar/runner/social-ux-non-critical.css?v=rmxassets66b3c7c33430c6d86825956c94cfb999RMCSS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f79f64a58642bbf7c71fba9f42fcdd561da4749c204e1936e46507714762a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15786000; preload
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://www.rawstory.com
Referer: https://www.rawstory.com/static/css-build/roar/runner/social-ux-non-critical.css?v=rmxassets66b3c7c33430c6d86825956c94cfb999RMCSS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:22 GMT
via: 1.1 F_wfe_production, 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
age: 2258767
x-cache: HIT, HIT
fastly-swr: 2592000.000
content-length: 10248
cf-request-id: 07a347316c00001f391c126000000001
x-served-by: cache-bwi5138-BWI, cache-fra19148-FRA
last-modified: Thu, 10 Dec 2020 14:49:26 GMT
server: cloudflare
x-timer: S1610640923.996630,VS0,VE1
x-frame-options: SAMEORIGIN
etag: "5fd23576-2808"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15786000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9e1SRs7YVLJY%2FG9OgmA3EKfnYPo1mBEsfM7XurlDhzQElpaBxn2eBBmshaJvGdqmfKAmsqNB%2B1ukrRvq%2BDwyI492xbaMK8uH3bFHndeW4u%2FiIA5Th5ZljMd9d%2Fk6"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6118a7c8af981f39-FRA
fastly-sie: 86400.000
x-cache-hits: 1, 1

GET
H2 200 Roboto-regular.woff2
www.rawstory.com/static/fonts/roboto/Roboto-regular/ 10 KB
10 KB 15ms
15ms Font
application/font-woff2 2606:4700:20::681a:823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rawstory.com/static/fonts/roboto/Roboto-regular/Roboto-regular.woff2

Requested by

Host: www.rawstory.com
URL: https://www.rawstory.com/static/css-build/roar/runner/social-ux-non-critical.css?v=rmxassets66b3c7c33430c6d86825956c94cfb999RMCSS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6cb334272988052b287ab0af9b48c6cd1a53d2d685712a3941e90f4e8ba2e46

Security Headers

Name	Value
Strict-Transport-Security	max-age=15786000; preload
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://www.rawstory.com
Referer: https://www.rawstory.com/static/css-build/roar/runner/social-ux-non-critical.css?v=rmxassets66b3c7c33430c6d86825956c94cfb999RMCSS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:23 GMT
via: 1.1 F_wfe_production, 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
age: 2258771
x-cache: HIT, HIT
fastly-swr: 2592000.000
content-length: 10292
cf-request-id: 07a347317200001f390c149000000001
x-served-by: cache-bwi5134-BWI, cache-fra19138-FRA
last-modified: Thu, 10 Dec 2020 14:49:26 GMT
server: cloudflare
x-timer: S1610640923.001423,VS0,VE1
x-frame-options: SAMEORIGIN
etag: "5fd23576-2834"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15786000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Br2nCkqcr04aT6FnjQR7q%2FXjtvG%2FSECieafb%2FmVYPfUufk6k8s9qxbQ3nq1WCAlOJC%2FYuRzE59OOkEhWu0mYq2aOaGG0moHB7Pm4zO8qhZTOB0qrkSxoBeGYpeId"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6118a7c8bfb31f39-FRA
fastly-sie: 86400.000
x-cache-hits: 1, 1

GET
H2 200 delivery.js Show response
assets.revcontent.com/master/ 306 KB
83 KB 174ms
28ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/delivery.js
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c7644e16c3f1cebc16184feaf91e2074136366faf4a7dc16e5adf523905622b0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:23 GMT
content-encoding: gzip
last-modified: Wed, 13 Jan 2021 17:16:03 GMT
server: AmazonS3
x-amz-request-id: 10E75EA2E0BBF7A2
etag: "5a431c3db107d41b86d368b4079d5bc7"
x-hw: 1610640923.cds058.sk1.hn,1610640923.cds226.sk1.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 85017
x-amz-id-2: n+U5I3nHk1vG+Tbl9UwKqCPyTYF/AmmCJk0luy8GQ5/wUsY3j11wAjdO6S9DoEG1xZ6DNHjvQ/k=

GET
H2 200 zerg.js Show response
www.zergnet.com/ 7 KB
3 KB 366ms
108ms Script
application/javascript 52.203.203.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zergnet.com/zerg.js?id=70694
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.203.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 84b88b9a356b63a7c478d154f43c831cb17a583a6b67d4c3309c6dbccd116f6d

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:23 GMT
content-encoding: gzip
expires: Thu, 21 Jan 2021 16:15:23 GMT
server: nginx
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK embed.js Show response
rawstory.disqus.com/ 72 KB
24 KB 3933ms
19ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://rawstory.disqus.com/embed.js

Requested by

Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

605293de2e9264e16bf190be931e382d8a3405411adc5f641494cba924d9d77d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 16:15:27 GMT
Content-Encoding: gzip
Server: openresty
Age: 32
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 23902

GET
H2 200 bootloader.js Show response
static.newsmaxfeednetwork.com/web-clients/bootloaders/NFdSgUJEbGo0sJ0zC5cqEs/ 1 KB
2 KB 3784ms
108ms Script
text/javascript 52.200.45.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://static.newsmaxfeednetwork.com/web-clients/bootloaders/NFdSgUJEbGo0sJ0zC5cqEs/bootloader.js
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.200.45.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / Express
Resource Hash: ceb22500ccde6a712c747806a1228691e29c6e27db5fa452752faf31b9898119

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:26 GMT
cache-control: public, max-age=300
x-powered-by: Express
etag: W/"58e-XXuAbMJ/Nq2PNfgjDsUCEpoj0R4"
content-length: 1422
content-type: text/javascript; charset=utf-8

GET
H2 200 AGSKWxWQa2wOy3XpEr1P04-8OBqAvhyeMRlpSElNLP11MKH1Md69SUJfkfRgP-I5UL9xXjoT0lY7zBHLGgwiuiGCRNI= Show response
fundingchoicesmessages.google.com/f/ 83 KB
31 KB 99ms
78ms Script
application/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWQa2wOy3XpEr1P04-8OBqAvhyeMRlpSElNLP11MKH1Md69SUJfkfRgP-I5UL9xXjoT0lY7zBHLGgwiuiGCRNI=

Requested by

Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

78ccee7835cf962ea489b5d0c9b316c8db4ec60a18f36700511f79865602b8de

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-u6joy4uupKMMXncKTY8+cQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-u6joy4uupKMMXncKTY8+cQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 16:15:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-u6joy4uupKMMXncKTY8+cQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-u6joy4uupKMMXncKTY8+cQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 yappa-comments.js Show response
embed.yappaapp.com/ 7 KB
3 KB 51ms
15ms Script
application/javascript 2606:4700:e0::ac40:6d0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.yappaapp.com/yappa-comments.js
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/static/dist/social-ux/main.02db10cbbc0a04a4fb67.bundle.mjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6d0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b57916af1cef2a55be28cd3a66468f93f2bcec023bfbac9eb3a6d648ba42ff7

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 21 Dec 2020 11:52:23 GMT
server: cloudflare
age: 2087480
etag: W/"5fe08c77-1ac4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UDHTusRkIDHn2HPfOFccYsTQBC%2F1ukhfJBI7AfM%2F2Y41SQi3KjasnZP5s6i0Tv036hnRyu9%2FXuGAZijThlbwgWaagaDEREthorhXRkVI7VlpTbOURloDzUwiwLj6bO0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6118a7c9ff183258-FRA
cf-request-id: 07a347323c000032588919c000000001

GET
H2 200 zerg.js Show response
www.zergnet.com/ 7 KB
3 KB 324ms
108ms Script
application/javascript 52.203.203.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zergnet.com/zerg.js?id=72546
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/static/dist/social-ux/main.02db10cbbc0a04a4fb67.bundle.mjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.203.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 16eb0016482bab57cb73fd313065fae4b8d3fae681488cabf2dafbf5ef40cf5e

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:23 GMT
content-encoding: gzip
expires: Thu, 21 Jan 2021 16:15:23 GMT
server: nginx
content-type: application/javascript; charset=UTF-8

GET
H2 200 lightbox_inline.js Show response
www.lightboxcdn.com/vendor/6f897c4d-6d94-4082-a5eb-d8d7748d7012/ 2 KB
1 KB 39ms
21ms Script
application/javascript 2606:4700::6810:51a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/6f897c4d-6d94-4082-a5eb-d8d7748d7012/lightbox_inline.js
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/static/dist/social-ux/main.02db10cbbc0a04a4fb67.bundle.mjs
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3c950f528592442fea0b654ec6bc3fd82a1f225feda40f335d2158d30bbb918

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Jan 2021 16:15:23 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: Z+oJFX3yX3X0t+tPbMcyZA==
age: 276
cf-polished: origSize=2379
cf-request-id: 07a347322d00002b4d58065000000001
x-ms-lease-status: unlocked
last-modified: Mon, 28 Dec 2020 18:22:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 5bb9f311-601e-00fa-6d46-dd9c26000000
x-ms-version: 2009-09-19
cf-ray: 6118a7c9e8f42b4d-FRA
cf-bgj: minify

GET
H2 200 lightbox.js Show response
www.lightboxcdn.com/vendor/6f897c4d-6d94-4082-a5eb-d8d7748d7012/ Frame 9D7B 326 B
304 B 33ms
32ms Script
application/javascript 2606:4700::6810:51a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/6f897c4d-6d94-4082-a5eb-d8d7748d7012/lightbox.js?mb=1610640923206&lv=1
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 334337ca213265d2a9d91efcf4c3acafe44b825b59a327d20237375170480ff7

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:23 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 2585
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 6118a7ca7a742b4d-FRA
cf-request-id: 07a347328700002b4d68bd2000000001

GET
H2 200 yappa-comments.css
embed.yappaapp.com/ 137 B
390 B 20ms
20ms Stylesheet
text/css 2606:4700:e0::ac40:6d0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.yappaapp.com/yappa-comments.css
Requested by: Host: embed.yappaapp.com
URL: https://embed.yappaapp.com/yappa-comments.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6d0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b460840487c7419340c409f5d2e230e5f36d965a061754bd2402b7e4068962c

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 21 Dec 2020 11:52:23 GMT
server: cloudflare
age: 2087469
etag: W/"5fe08c77-89"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=X5FoeQoMmNIllQcpzaRlK8Uitd2AwufoL5o2YXWGvaw1WraGpa43q81%2F76E2t2nqM5tZxJ%2Fi1UDQrORpe0q%2BVCAn4ybvpRRpV%2BT26Htl7CNyuY%2FsCSXXrQreRRm4TXA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6118a7ca887a3258-FRA
cf-request-id: 07a347329400003258d2aa2000000001

GET
H2 200 /
widget.yappaapp.com/ Frame DE54 0
0 372ms
295ms Document
text/html 2606:4700:e0::ac40:6d0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.yappaapp.com/?url=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&content-id=&disable-ads=false
Requested by: Host: embed.yappaapp.com
URL: https://embed.yappaapp.com/yappa-comments.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6d0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: widget.yappaapp.com
:scheme: https
:path: /?url=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&content-id=&disable-ads=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.rawstory.com/qanon-congress-2649937672/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cf_bm=b053f7278ef1f11329a39327e25edba4f39cff54-1610640923-1800-AVSRj/AxxKRpJO6Kg//atql/4Nv34zGM9SWcmKXr4NJwBjIxgDx2C7FxxRQuWuGdZdT0VdxPm+XoYboifHC6xo8=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.rawstory.com/qanon-congress-2649937672/

Response headers

date: Thu, 14 Jan 2021 16:15:23 GMT
content-type: text/html
set-cookie: __cfduid=dafaf913aafb9c50d00626c3041a21e031610640923; expires=Sat, 13-Feb-21 16:15:23 GMT; path=/; domain=.yappaapp.com; HttpOnly; SameSite=Lax; Secure
last-modified: Mon, 21 Dec 2020 11:58:37 GMT
cf-cache-status: DYNAMIC
cf-request-id: 07a34732e500003258e830c000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=g4ESrepsnaE48HD9nZLwGoNsGfxC2xN5FUqXjiktGMeAWUyhOBp7QFOlIAScigDYevZyG6BbWU3kZepe%2FukSqxoia%2FZOHWE%2BDFE20djxzaUuqLrdlLmf9y%2F%2F%2FAd1cpAG"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6118a7cb09953258-FRA
content-encoding: br

POST
H3-Q050 204 AGSKWxV9yPY-fm-1FVfheWJWvRuApFlfvzb3puu0hjX6DE5PWJmadTtqKIX_0Eiugsiq0U_Gko_SfGYUDrayxbtzHT4= Show response
fundingchoicesmessages.google.com/l/ 0
347 B 108ms
27ms XHR
text/html 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxV9yPY-fm-1FVfheWJWvRuApFlfvzb3puu0hjX6DE5PWJmadTtqKIX_0Eiugsiq0U_Gko_SfGYUDrayxbtzHT4=?pvid=6F9A2DB5-FFB3-431E-9219-C226B8FB5BFD&anonid=9C843BA5-8F46-4A4A-B397-34B47BA06513

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.WQxhERXg4t0.es5.O/d=1/ct=zgms/rs=AJlcJMwOKkKlwhQi4uOYrV8ntFoP3AS8Wg/m=loader_js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tdjIyFwewaF2UFDNg9u/Cg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-tdjIyFwewaF2UFDNg9u/Cg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 14 Jan 2021 16:15:23 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.rawstory.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-tdjIyFwewaF2UFDNg9u/Cg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-tdjIyFwewaF2UFDNg9u/Cg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 AGSKWxUahS0VcUJBp6plQ01jIOtzksP6oKkAlARXZYyktgjza1RDHe48HcrXrPkKkSKRH8ly9jfcwj-8uShy7XzDd7k= Show response
fundingchoicesmessages.google.com/f/ 247 KB
62 KB 126ms
63ms Script
application/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUahS0VcUJBp6plQ01jIOtzksP6oKkAlARXZYyktgjza1RDHe48HcrXrPkKkSKRH8ly9jfcwj-8uShy7XzDd7k=?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjEwNjQwOTIzLDM5OTAwMDAwMF0sIjZGOUEyREI1LUZGQjMtNDMxRS05MjE5LUMyMjZCOEZCNUJGRCIsIjlDODQzQkE1LThGNDYtNEE0QS1CMzk3LTM0QjQ3QkEwNjUxMyIsbnVsbCxbbnVsbCxbN11dXQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

51212d77c3bf2ec8d70449d0bc9ba012526373b129f6eddc7e5a08b74ae8ca12

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1AyfXA5o4mFGtEUyxfAfLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-1AyfXA5o4mFGtEUyxfAfLg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 16:15:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-1AyfXA5o4mFGtEUyxfAfLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-1AyfXA5o4mFGtEUyxfAfLg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 AGSKWxV9yPY-fm-1FVfheWJWvRuApFlfvzb3puu0hjX6DE5PWJmadTtqKIX_0Eiugsiq0U_Gko_SfGYUDrayxbtzHT4= Show response
fundingchoicesmessages.google.com/l/ 0
819 B 88ms
25ms XHR
text/html 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WBuHijI8rVn1UK5GZDSf+w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-WBuHijI8rVn1UK5GZDSf+w' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 14 Jan 2021 16:15:23 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.rawstory.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-WBuHijI8rVn1UK5GZDSf+w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-WBuHijI8rVn1UK5GZDSf+w' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 spacer.gif Show response
pages-stats.rbl.ms/ 43 B
212 B 108ms
108ms Fetch
image/gif 54.86.238.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pages-stats.rbl.ms/spacer.gif?1610640923466&event=post-page-view-duration&version=1&format=json&data=%7B%22site_id%22%3A20266338%2C%22roar_id%22%3A20266338%2C%22client%22%3A%22desktop%22%2C%22referrer%22%3A%22%22%2C%22duration%22%3A5000%7D
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/static/dist/social-ux/main.02db10cbbc0a04a4fb67.bundle.mjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.238.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-238-79.compute-1.amazonaws.com
Software: openresty /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:23 GMT
last-modified: Wed, 20 May 2020 10:03:24 GMT
server: openresty
etag: "5ec5006c-2b"
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes
content-length: 43

GET
H2 200 user.js Show response
www.lightboxcdn.com/vendor/6f897c4d-6d94-4082-a5eb-d8d7748d7012/ Frame 9D7B 798 KB
143 KB 42ms
41ms Script
application/javascript 2606:4700::6810:51a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/6f897c4d-6d94-4082-a5eb-d8d7748d7012/user.js?cb=637447765373566247
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/6f897c4d-6d94-4082-a5eb-d8d7748d7012/lightbox.js?mb=1610640923206&lv=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc431f26ddb13b192628fa54878bf0b494e9873aedb982ffdefad1190c940a0c

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Jan 2021 16:15:23 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: mHW+PbDceF2BaCJQzxwRLQ==
age: 251556
cf-polished: origSize=1317520
last-modified: Mon, 28 Dec 2020 18:22:17 GMT
cf-request-id: 07a347335100002b4d6e023000000001
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 5fba5733-c01e-0012-5946-dd61dd000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 6118a7cbbe492b4d-FRA
expires: Fri, 14 Jan 2022 16:15:23 GMT

GET
H2 200 output.js Show response
www.zergnet.com/ 6 KB
2 KB 113ms
113ms Script
application/javascript 52.203.203.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zergnet.com/output.js?id=70694&time=1610640923584&sc=1&callback=json5271240
Requested by: Host: www.zergnet.com
URL: https://www.zergnet.com/zerg.js?id=70694
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.203.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 166cca4dc9deb79a0d4bc3012275ab04f6f0836cb45759543e0085505fe81c6f

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 16:15:23 GMT
content-encoding: gzip
server: nginx
p3p: CP="ZergNet does not have a P3P policy. Learn why here: http://www.zergnet.com/p3p"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: application/javascript; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 49 KB
3 KB 20ms
19ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.en_US.E0DkF01aAXs.es5.O/d=1/ct=zgms/rs=AJlcJMxIBk3b2RCiGV4mNYcnxlSpsWwuwg/m=iabtcfv2wallscript

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8929511a46b2456650f499d20bfc86a8e32905b6b236770634cd06afee158f4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Jan 2021 16:15:23 GMT
server: ESF
date: Thu, 14 Jan 2021 16:15:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Jan 2021 16:15:23 GMT

GET
H2 200 LR0bhQx-dxIi9Wz09WnVaDZxlHfu8ZpxyVOETRKD9CwKvm1fe1zEwcgdACGUfSZzQGWsaaEVxvCg-U7Mc6np-bY0tx0oM9pO8lPsimpzJWlgIzoCg6ER-Q=h42
lh3.googleusercontent.com/ 6 KB
6 KB 27ms
6ms Image
image/jpeg 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/LR0bhQx-dxIi9Wz09WnVaDZxlHfu8ZpxyVOETRKD9CwKvm1fe1zEwcgdACGUfSZzQGWsaaEVxvCg-U7Mc6np-bY0tx0oM9pO8lPsimpzJWlgIzoCg6ER-Q=h42

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a79746ac1e7994dc03d6109e4f696dc31b5e6530bc6c45e59462167822db6fc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 13:25:39 GMT
x-content-type-options: nosniff
age: 10184
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6058
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 06 Jan 2021 23:11:25 GMT

GET
H2 200 / Show response
trends.revcontent.com/api/demand/ 52 B
267 B 175ms
53ms Fetch
text/html 3.248.155.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/demand/?w=112075&gdpr=1&us_privacy=1---

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.248.155.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.25 (Debian) /

Resource Hash

8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: https://www.rawstory.com
date: Thu, 14 Jan 2021 16:15:23 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
content-length: 52
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8

GET
H2 204 sync
trends.revcontent.com/ 0
0 172ms
51ms Fetch 3.248.155.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/sync?gdpr=1
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.155.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: https://www.rawstory.com
date: Thu, 14 Jan 2021 16:15:23 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 / Show response
trends.revcontent.com/api/demand/ 52 B
267 B 174ms
54ms Fetch
text/html 3.248.155.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/demand/?w=110322&gdpr=1&us_privacy=1---

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.248.155.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.25 (Debian) /

Resource Hash

8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: https://www.rawstory.com
date: Thu, 14 Jan 2021 16:15:23 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
content-length: 52
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8

GET
H2 204 sync
trends.revcontent.com/ 0
0 170ms
50ms Fetch 3.248.155.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/sync?gdpr=1
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.155.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: https://www.rawstory.com
date: Thu, 14 Jan 2021 16:15:23 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/ 4 KB
1 KB 34ms
33ms Stylesheet
text/css 2606:4700::6810:51a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=637447765373566247
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/6f897c4d-6d94-4082-a5eb-d8d7748d7012/user.js?cb=637447765373566247
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Jan 2021 16:15:23 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: q4B4xYJoZwx9ikt94o1nCA==
age: 251555
cf-polished: origSize=6016
x-ms-meta-cbmodifiedtime: Wed, 10 Apr 2019 18:50:43 GMT
last-modified: Wed, 10 Apr 2019 19:06:17 GMT
cf-request-id: 07a347347200002b4d5a160000000001
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
x-ms-request-id: 5de8128b-201e-00b9-4646-ddb6cf000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 6118a7cd8c412b4d-FRA
expires: Fri, 14 Jan 2022 16:15:23 GMT

GET
H/1.1 200
OK z Show response
lightboxapi.azurewebsites.net/z9gd/42439/www.rawstory.com/jsonp/ 537 B
794 B 1620ms
145ms Script
application/javascript 20.40.202.0
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://lightboxapi.azurewebsites.net/z9gd/42439/www.rawstory.com/jsonp/z?cb=1610640923778&callback=jQuery17103951752005585809_1610640923708&_=1610640923779
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/6f897c4d-6d94-4082-a5eb-d8d7748d7012/user.js?cb=637447765373566247
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 98852c64bf54f0d36834962185ab2a1ac0dac49e2207722198e88d4f6c41f546

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 16:15:25 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2 200 t.gif
www.lightboxcdn.com/z9g/ 35 B
285 B 26ms
26ms Image
image/gif 2606:4700::6810:51a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/t.gif?c=1610640923763&h=www.rawstory.com&e=p&u=42439
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Jan 2021 16:15:23 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 1700844
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Tue, 26 Feb 2019 00:59:40 GMT
content-length: 35
cf-request-id: 07a347348c00002b4d80902000000001
x-ms-lease-status: unlocked
last-modified: Tue, 26 Feb 2019 01:15:02 GMT
server: cloudflare
etag: 0x8D69B87D5A1B25F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: fea83bb3-001e-000f-6618-dbb837000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6118a7cdacb62b4d-FRA
cf-bgj: imgq:85,h2pri

POST
H3-Q050 204 AGSKWxVbmavW1qeXOIuYpmBk-2HtWRiJvmUZmFHxIQed4kPA6SyMq_7ZlK1KhuL72-ZOX4-wPlp_5JT8VRKdWTNLFmVdyQ4K0EGPlY4tQQaNxK9_IntsFyOzTwcpQ4u290IzV7ua9DhGJViYnLz3avFsRWXGvud1tv-AH8XgIDvfldHuxOi-WYPFTt9eLuRe Show response
fundingchoicesmessages.google.com/l/ 0
346 B 78ms
78ms XHR
text/html 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxVbmavW1qeXOIuYpmBk-2HtWRiJvmUZmFHxIQed4kPA6SyMq_7ZlK1KhuL72-ZOX4-wPlp_5JT8VRKdWTNLFmVdyQ4K0EGPlY4tQQaNxK9_IntsFyOzTwcpQ4u290IzV7ua9DhGJViYnLz3avFsRWXGvud1tv-AH8XgIDvfldHuxOi-WYPFTt9eLuRe?dmid=e11f50b139ab9afe

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3/sJGfqKQsSv2rojmlw+oQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-3/sJGfqKQsSv2rojmlw+oQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 14 Jan 2021 16:15:23 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.rawstory.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-3/sJGfqKQsSv2rojmlw+oQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-3/sJGfqKQsSv2rojmlw+oQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.rawstory.com
Referer: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 11:36:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:27 GMT
server: sffe
age: 535111
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Sat, 08 Jan 2022 11:36:52 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v70/ 96 KB
97 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v70/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47663194d7d38716a59e702f42a8494d099a24a8f84ad940e0db38938c8a4956

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.rawstory.com
Referer: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 02:37:10 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Dec 2020 02:35:37 GMT
server: sffe
age: 221893
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98812
x-xss-protection: 0
expires: Wed, 12 Jan 2022 02:37:10 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.rawstory.com
Referer: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 21:30:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:49 GMT
server: sffe
age: 585870
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
expires: Fri, 07 Jan 2022 21:30:53 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.rawstory.com
Referer: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 13 Jan 2021 19:09:10 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 75973
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Thu, 13 Jan 2022 19:09:10 GMT

GET
H2 200 usersync.html
cdn.undertone.com/js/ Frame 9F36 0
0 103ms
9ms Document
text/html 2600:9000:206f:9600:1f:2473:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.undertone.com/js/usersync.html
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:9600:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: cdn.undertone.com
:scheme: https
:path: /js/usersync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.rawstory.com/qanon-congress-2649937672/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.rawstory.com/qanon-congress-2649937672/

Response headers

content-type: text/html
last-modified: Wed, 16 Dec 2020 12:35:23 GMT
server: AmazonS3
content-encoding: gzip
date: Thu, 14 Jan 2021 02:01:54 GMT
etag: W/"8ee422394c26ec0371c4676b43dd838d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 cae542650fb32c773cc494fc6e7e71e7.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: tQzNdq_ubZyKq_f_n2XQNHALX-qq9XfeJYo58xMlIuwJtiQLxv7JGQ==
age: 51211

GET
H/1.1 204 sync_iframe
sync.bfmio.com/ Frame CFC9 0
0 509ms
107ms Document
text/plain 3.228.45.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.bfmio.com/sync_iframe?ifg=1&id=&gdpr=0&gc=&gce=1&us_privacy=1---
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.45.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Host: sync.bfmio.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.rawstory.com/qanon-congress-2649937672/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.rawstory.com/qanon-congress-2649937672/

Response headers

Date: Thu, 14 Jan 2021 16:15:24 GMT
Connection: keep-alive

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 4C4A 0
0 163ms
60ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.rawstory.com/qanon-congress-2649937672/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; KCCH=YES; pi=109126:2; KADUSERCOOKIE=82BD9ECF-41E8-45FD-881A-1C5048716729; chkChromeAb67Sec=1; DPSync3=1611792000%3A219_201_226_221; SyncRTB3=1611878400%3A35%7C1611792000%3A71_220_21_56_54_7_13_161_3_223_8; KRTBCOOKIE_80=16514-CAESEKCVAGPlps4SXP2--fULJG0&KRTB&22987-CAESEKCVAGPlps4SXP2--fULJG0&KRTB&23025-CAESEKCVAGPlps4SXP2--fULJG0; PUBMDCID=3; KRTBCOOKIE_153=19420-Tw9SAk9aU1NUXFsBHw5PUUsPAFdUXFoDGl1mrSSa&KRTB&22979-Tw9SAk9aU1NUXFsBHw5PUUsPAFdUXFoDGl1mrSSa; KRTBCOOKIE_377=6810-b5d48cf1-725f-4ead-9230-5a3f52f05e25&KRTB&22918-b5d48cf1-725f-4ead-9230-5a3f52f05e25&KRTB&23031-b5d48cf1-725f-4ead-9230-5a3f52f05e25; PugT=1610640923; KRTBCOOKIE_391=22924-8068669995862975656; KRTBCOOKIE_27=16735-uid:d83d6000-6e1a-4000-9c3a-ba40df6ce81b&KRTB&16736-uid:d83d6000-6e1a-4000-9c3a-ba40df6ce81b&KRTB&23019-uid:d83d6000-6e1a-4000-9c3a-ba40df6ce81b&KRTB&23114-uid:d83d6000-6e1a-4000-9c3a-ba40df6ce81b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.rawstory.com/qanon-congress-2649937672/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=145622
Expires: Sat, 16 Jan 2021 08:42:26 GMT
Date: Thu, 14 Jan 2021 16:15:24 GMT
Connection: keep-alive
Vary: Accept-Encoding

POST
H/1.1 200
OK st Show response
capi.connatix.com/tr/ Frame BE1D 0
303 B 136ms
128ms XHR
multipart/form-data 52.14.222.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/st?v=91852
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.14.222.78 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.15.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 14 Jan 2021 16:15:24 GMT
Content-Encoding: br
Server: openresty/1.15.8.2
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.rawstory.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1

GET
H3-Q050 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 12ms
6ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.rawstory.com
Referer: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 04:27:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:14 GMT
server: sffe
age: 560846
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13708
x-xss-protection: 0
expires: Sat, 08 Jan 2022 04:27:58 GMT

POST
H/1.1 200
OK st Show response
capi.connatix.com/tr/ Frame FE05 0
303 B 179ms
178ms XHR
multipart/form-data 52.14.222.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/st?v=91854
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.14.222.78 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.15.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 14 Jan 2021 16:15:24 GMT
Content-Encoding: br
Server: openresty/1.15.8.2
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.rawstory.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1

GET
H/1.1 200
OK 6162367_300.jpg
img4.zergnet.com/ 20 KB
21 KB 296ms
94ms Image
image/jpeg 99.86.7.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img4.zergnet.com/6162367_300.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-107.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e2639c7c1f0db09a7c1c5cd8fea4ee386fc5f2c050389511d058d5b7a997956b

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 13 Jan 2021 21:03:32 GMT
Via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 13 Jan 2021 20:51:05 GMT
Server: AmazonS3
Age: 69113
ETag: "34fac23eff4d24a71486c38e72696bfb"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: max-age=290304000, public
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 20865
X-Amz-Cf-Id: xaK-YJHrVh3O0v9CvIsQpi1IXHj_dfE5Z3giiIB1HbADMBNA4DJV7g==
Expires: Thu, 13 Jan 2022 20:51:04 GMT

GET
H/1.1 200
OK 6164903_300.jpg
img4.zergnet.com/ 21 KB
22 KB 377ms
79ms Image
image/jpeg 99.86.7.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img4.zergnet.com/6164903_300.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-107.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94c0d1037af9bfe643f8c75c0318531c6fb222b5ea6cee65e20313658027d082

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 15:50:37 GMT
Via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 14 Jan 2021 15:44:03 GMT
Server: AmazonS3
Age: 1488
ETag: "e7d72e53b0c2f3a26a354ea5379fab4d"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: max-age=290304000, public
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 21730
X-Amz-Cf-Id: I0sHdOEV-qVyoy-SJ0YlNxOpexwPtRdZmv8IAlZMLgv12qI_00M1Gg==
Expires: Fri, 14 Jan 2022 15:44:02 GMT

GET
H/1.1 200
OK 6149851_300.jpg
img4.zergnet.com/ 12 KB
13 KB 432ms
52ms Image
image/jpeg 99.86.7.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img4.zergnet.com/6149851_300.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-107.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d7de5f5efd349e225db5a150751cbad85405c03ee28d7e49f93b4fc3d1fbf013

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 11 Jan 2021 15:45:38 GMT
Via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Mon, 11 Jan 2021 15:40:02 GMT
Server: AmazonS3
Age: 260988
ETag: "0790df6ce90adc0f52121f11fd7fc430"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: max-age=290304000, public
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 12606
X-Amz-Cf-Id: EMigz8lAApfHJ5qj_DHfUG7GDJh2vy_fbP8OycVyUVj101-7e_8W1A==
Expires: Tue, 11 Jan 2022 15:40:01 GMT

GET
H/1.1 200
OK 6135739_300.jpg
img4.zergnet.com/ 18 KB
18 KB 489ms
57ms Image
image/jpeg 99.86.7.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img4.zergnet.com/6135739_300.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-107.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 71abbd9e340ed9257fdf19ca39ac5d02c15bed973256dbc75ec016aba4078a81

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 07 Jan 2021 02:07:13 GMT
Via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 07 Jan 2021 01:59:39 GMT
Server: AmazonS3
Age: 655693
ETag: "7ea6e47b6bf91171442cc7ef2895bc2f"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: max-age=290304000, public
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 18295
X-Amz-Cf-Id: iRn3BX93lDX_sYyfx49bW1ZgO2wQlt6r9p1a19zwY0ImBs7tUQ-xvA==
Expires: Fri, 07 Jan 2022 01:59:38 GMT

GET
H/1.1 200
OK 5397878_300.jpg
img5.zergnet.com/ 19 KB
19 KB 519ms
45ms Image
image/jpeg 99.86.7.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img5.zergnet.com/5397878_300.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.40 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-40.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 33715d4ac00bca0a8dcb4668fc9d4fc6c645f4753779a03228ef767cd8d8f7af

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 01:36:57 GMT
Via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 08 Jul 2020 20:34:32 GMT
Server: AmazonS3
Age: 1262309
ETag: "2e379b3432cbcac2a899646fd4b4cc41"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: max-age=290304000, public
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 19189
X-Amz-Cf-Id: UdrvyAxrNn5fLqA19FgtakzKT1hrmDrIDJpvlIP7oyUJ78eyy4faqg==
Expires: Thu, 08 Jul 2021 20:34:31 GMT

GET
H/1.1 200
OK 6140135_300.jpg
img4.zergnet.com/ 21 KB
21 KB 573ms
83ms Image
image/jpeg 99.86.7.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img4.zergnet.com/6140135_300.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-107.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8b0e1cc6abbf8a7fae8c1e89b85df39bfcc7ba124313b39b5ee94c9db15ddbaa

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 07 Jan 2021 19:53:03 GMT
Via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 07 Jan 2021 19:34:50 GMT
Server: AmazonS3
Age: 591743
ETag: "c12077195fc3ee94bbefdc6908d7dc52"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: max-age=290304000, public
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 21297
X-Amz-Cf-Id: X5R8xWby8cmaOCEJ25HqsZfw1wxoeYYf3TM2WEK8-elZHGxRQwKLRw==
Expires: Fri, 07 Jan 2022 19:34:49 GMT

GET
H2 200 output.js Show response
www.zergnet.com/ 6 KB
2 KB 139ms
110ms Script
application/javascript 52.203.203.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zergnet.com/output.js?id=72546&time=1610640924802&sc=1&crc=%5B3788002077%2C528669367%2C443374673%2C3588342775%2C1049166090%2C45640435%5D&callback=json8603889
Requested by: Host: www.zergnet.com
URL: https://www.zergnet.com/zerg.js?id=72546
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.203.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 133a03f3477d90ae2b6671a9a587441bde2ead324d1b6befe2cf41ad179d546a

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 16:15:24 GMT
content-encoding: gzip
server: nginx
p3p: CP="ZergNet does not have a P3P policy. Learn why here: http://www.zergnet.com/p3p"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: application/javascript; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
trends.revcontent.com/api/delivery/ 22 KB
9 KB 337ms
323ms Fetch
text/html 3.248.155.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/delivery/?w=112075&width=1600&gdpr=1&us_privacy=1---&rev_allow_cookies=0&site_url=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&va=1&time=1610640924873&up=pc&bn=chrome&bv=83

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.248.155.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.25 (Debian) /

Resource Hash

417574bc75114739234978e3746f138546c68b2715e34e71fa6378296f4b2393

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:25 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.rawstory.com
access-control-allow-credentials: true
strict-transport-security: max-age=931536000; includeSubDomains
content-length: 9325

GET
H2 200 / Show response
trends.revcontent.com/api/delivery/ 23 KB
10 KB 244ms
231ms Fetch
text/html 3.248.155.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/delivery/?w=110322&width=1600&gdpr=1&us_privacy=1---&rev_allow_cookies=0&site_url=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&va=1&time=1610640924874&up=pc&bn=chrome&bv=83

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.248.155.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.25 (Debian) /

Resource Hash

760e9a591436ab1b47e0940580a2fc61f78725bb002db07b8ee91449044f9fe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:25 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.rawstory.com
access-control-allow-credentials: true
strict-transport-security: max-age=931536000; includeSubDomains
content-length: 9844

GET
H2 200 origin.png
assets.rbl.ms/23273759/ 4 KB
4 KB 66ms
65ms Image
image/png 151.101.113.68
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.rbl.ms/23273759/origin.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.68 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c0c5cdaf9d47ef4e6aca8ef156a77f7f3c486b8f69e4d430df59c88f90366e85

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: KGiak0ai9oi1hAUN90IgLBGinpvk0Vdk
via: 1.1 varnish
etag: "f826bbf0a3fe2d65509a036a63a4d8e5"
age: 37629
x-cache: HIT
content-length: 4452
x-amz-id-2: hD6fadUnXjKgE6OS2P+PjyI7pCWmHDL4uHbcsOZsqF7O+VLOc5BJCKUi5zT5m0+jmRLRjRXOiqI=
x-served-by: cache-hhn4059-HHN
last-modified: Tue, 12 May 2020 20:24:32 GMT
server: AmazonS3
x-timer: S1610640925.909387,VS0,VE0
date: Thu, 14 Jan 2021 16:15:24 GMT
x-amz-request-id: 8493AD66E80B7BA9
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: image/png
x-cache-hits: 7

GET
H2 200 img.png
assets.rebelmouse.io/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8yNDQ0NTM4Mi9vcmlnaW4ucG5nIiwiZXhwaXJlc19hdCI6MTY2MDk4NjkzMH0.8-vKwCwfxP6k43nb4gHtIqmMIf-He3xF4vX... 488 B
824 B 40ms
39ms Image
image/webp 151.101.113.68
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.rebelmouse.io/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8yNDQ0NTM4Mi9vcmlnaW4ucG5nIiwiZXhwaXJlc19hdCI6MTY2MDk4NjkzMH0.8-vKwCwfxP6k43nb4gHtIqmMIf-He3xF4vXJ0udGkoE/img.png?width=128&height=128
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.68 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy / Express
Resource Hash: 23c16b1410a7888841fc66e274e6037dd8081e2cc16132300c789563b3039a84

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:24 GMT
via: 1.1 varnish, 1.1 varnish
age: 4782411
x-powered-by: Express
x-cache: HIT, HIT
x-envoy-upstream-service-time: 49
content-encoding: gzip
content-length: 518
x-served-by: cache-bwi5138-BWI, cache-hhn4021-HHN
fastly-service: 6n5SeXI9vaBDWRYEBuCDvI
server: istio-envoy
x-timer: S1610640925.981797,VS0,VE0
etag: W/"3ad-BJ4mFDWm38+s/ko5Wak+nw6c1d8"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H/1.1 200
OK 6165057_300.jpg
img2.zergnet.com/ 21 KB
22 KB 702ms
70ms Image
image/jpeg 99.86.7.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2.zergnet.com/6165057_300.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.102 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-102.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0298b08856a9895b8598da3d3e882d5f81d97c2ff9795e120426b62d483b853f

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 16:10:19 GMT
Via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 14 Jan 2021 15:54:30 GMT
Server: AmazonS3
Age: 307
ETag: "917fba8dbb10e2fce5982ff5a6232480"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: max-age=290304000, public
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 21656
X-Amz-Cf-Id: Us3YDdaIGvVUcoRbzwPh4kABdOalZW1cyNXWQhu77xYlT48ezhtFmg==
Expires: Fri, 14 Jan 2022 15:54:29 GMT

GET
H/1.1 200
OK 6157794_300.jpg
img5.zergnet.com/ 17 KB
18 KB 240ms
39ms Image
image/jpeg 99.86.7.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img5.zergnet.com/6157794_300.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.40 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-40.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 214465bef2adfc640ddbeba0b9986db3957f37c6468a9295e76ca5e29f8aa60a

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 12 Jan 2021 20:50:24 GMT
Via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 12 Jan 2021 20:43:25 GMT
Server: AmazonS3
Age: 156302
ETag: "d6064a422ac3d7ee1fae0208af68ecaf"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: max-age=290304000, public
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 17829
X-Amz-Cf-Id: -LcrYQJGfcXqX3ZCmyRlPPmGvs4WwtotYoGP4Xm0Aw6Y2d1SSGYZ3w==
Expires: Wed, 12 Jan 2022 20:43:24 GMT

GET
H/1.1 200
OK 6154459_300.jpg
img4.zergnet.com/ 25 KB
26 KB 254ms
56ms Image
image/jpeg 99.86.7.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img4.zergnet.com/6154459_300.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-107.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 827f31befffb88460a28466d0c3c5fec107f01d45e96c1091014606b732b2e73

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 12 Jan 2021 14:58:56 GMT
Via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 12 Jan 2021 14:39:56 GMT
Server: AmazonS3
Age: 177390
ETag: "9957a9af7745adb87bdd678a8412eee4"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: max-age=290304000, public
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 25916
X-Amz-Cf-Id: D0dP-XPNnZRcd5V_8pcXU-VlWX1hOjaG_1OgMKrg6MM7dt17jnBuFg==
Expires: Wed, 12 Jan 2022 14:39:55 GMT

GET
H/1.1 200
OK 6146929_300.jpg
img2.zergnet.com/ 27 KB
27 KB 728ms
127ms Image
image/jpeg 99.86.7.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2.zergnet.com/6146929_300.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.102 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-102.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3c39ef90a5ea7df4785f15591d58051d2b24ea6caff617bb8f70094f5b04d2d4

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 09 Jan 2021 14:56:24 GMT
Via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Sat, 09 Jan 2021 14:37:48 GMT
Server: AmazonS3
Age: 436742
ETag: "f78247da435bc0fa98c569af2859ee45"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: max-age=290304000, public
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 27183
X-Amz-Cf-Id: C9yv2z2BcAoXJMSbRTScIdKCMH_2KRA8Yesv_4SBlpGXOkMAgiVshw==
Expires: Sun, 09 Jan 2022 14:37:47 GMT

GET
H/1.1 200
OK 6147129_300.jpg
img2.zergnet.com/ 20 KB
21 KB 767ms
93ms Image
image/jpeg 99.86.7.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2.zergnet.com/6147129_300.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.102 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-102.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6e274943b49e7294769064939f61d55dd3818dcbf7c59c2ef123004b67b067a

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 09 Jan 2021 19:20:31 GMT
Via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Sat, 09 Jan 2021 19:13:51 GMT
Server: AmazonS3
Age: 420895
ETag: "a7e6625800f34a5845007e2c81fe7771"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: max-age=290304000, public
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 20895
X-Amz-Cf-Id: LXfu59tpVvR8v21ASFGlAzyiGgaJcTbMH9P5QgFUKTbogSjS5oAoQQ==
Expires: Sun, 09 Jan 2022 19:13:50 GMT

GET
H/1.1 200
OK 6081715_300.jpg
img4.zergnet.com/ 26 KB
26 KB 157ms
44ms Image
image/jpeg 99.86.7.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img4.zergnet.com/6081715_300.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-107.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e2399a444cc3d6556299682b67a87c87e57e902872251a1239477102d747d77e

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 25 Dec 2020 10:52:41 GMT
Via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Mon, 21 Dec 2020 17:41:57 GMT
Server: AmazonS3
Age: 1747365
ETag: "756edfa8a904e7eb4e38e52978d617c3"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: max-age=290304000, public
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 26173
X-Amz-Cf-Id: gNh3P4AJlbbn5ulv9XIhuNyhneexCl5WWdK7KFDIkiNarv7jfTChNA==
Expires: Tue, 21 Dec 2021 17:41:56 GMT

GET
H2 200 script.js Show response
d1bvk193qme2fc.cloudfront.net/ 106 KB
35 KB 42ms
6ms Script
application/javascript 2600:9000:206f:1e00:19:f03c:7200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1e00:19:f03c:7200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b8dd18d4edea0f5bd9590d7dd98a2be4dba6f6b8ad586ddec8a4b97d5c37f0f4

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:09:58 GMT
content-encoding: gzip
last-modified: Wed, 13 Jan 2021 17:44:38 GMT
server: AmazonS3
age: 328
etag: W/"03e02f867dab98d6a01eef4039e64049"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 72e8bbddfffeeec486003f867d631025.cloudfront.net (CloudFront)
cache-control: max-age=600,public,must-revalidate
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: p8WhrPhTalCfJ92kdyxL1kZShyantPxZvz6TurJMZHcDT8yWxm8f2Q==

POST
H2 204 impression
trends.revcontent.com/event/ 0
0 152ms
52ms Fetch 3.248.155.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/event/impression
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.155.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Grizzly/2.4.4 /
Resource Hash

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.rawstory.com
date: Thu, 14 Jan 2021 16:15:25 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type

POST
H2 204 impression
trends.revcontent.com/event/ 0
0 95ms
53ms Fetch 3.248.155.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/event/impression
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.155.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Grizzly/2.4.4 /
Resource Hash

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.rawstory.com
date: Thu, 14 Jan 2021 16:15:25 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type

GET
H2 200 /
img.revcontent.com/ 20 KB
20 KB 88ms
29ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: c842ab9a59af3f3d62511fdb5488ad527d2193c3371b5561ade4a2a19a8e7062

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:25 GMT
last-modified: Wed, 01 Jul 2020 17:13:25 GMT
etag: "1593623605"
x-hw: 1610640925.cds047.sk1.hn,1610640925.cds040.sk1.c
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 20438

GET
H2 200 rc-logo.png
cdn.revcontent.com/assets/img/ 4 KB
4 KB 1120ms
32ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revcontent.com/assets/img/rc-logo.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:26 GMT
last-modified: Thu, 07 Jan 2021 15:09:55 GMT
etag: "1610032195"
x-hw: 1610640926.cds010.sk1.hn,1610640926.cds017.sk1.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=51
accept-ranges: bytes
content-length: 4298

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 197ms
133ms Other
text/plain 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Server: 34.95.69.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.17.4 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.rawstory.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.17.4
date: Thu, 14 Jan 2021 16:15:25 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age: 1728000
content-type: text/plain; charset=utf-8
content-length: 0
via: 1.1 google
alt-svc: clear

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 138ms
137ms XHR
application/octet-stream 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.17.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 14 Jan 2021 16:15:25 GMT
via: 1.1 google
server: nginx/1.17.4
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
alt-svc: clear
content-length: 0

GET
H2 200 settings.js Show response
www.lightboxcdn.com/vendor/6f897c4d-6d94-4082-a5eb-d8d7748d7012/lightbox/37158095-34d0-4f8a-8053-c29b1f538491/ 4 KB
3 KB 15ms
15ms Script
application/javascript 2606:4700::6810:51a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/6f897c4d-6d94-4082-a5eb-d8d7748d7012/lightbox/37158095-34d0-4f8a-8053-c29b1f538491/settings.js?cb=637447765373566247
Requested by: Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83ba93d8ccf466185636ca5c667ee23a0dc8c860741c642f6af1e4304b4789bd

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Jan 2021 16:15:25 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 0XnFpLG30FpCjtHWN0OBXA==
age: 251555
cf-polished: origSize=4106
last-modified: Fri, 13 Nov 2020 22:21:54 GMT
cf-request-id: 07a3473b0600002b4d1d017000000001
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: a6b2676b-001e-0040-6b46-dd7c2f000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 6118a7d80abb2b4d-FRA
expires: Fri, 14 Jan 2022 16:15:25 GMT

GET
H2 200 lightbox_builder.js Show response
www.lightboxcdn.com/vendor/6f897c4d-6d94-4082-a5eb-d8d7748d7012/ Frame FE0A 225 KB
31 KB 28ms
27ms Script
application/javascript 2606:4700::6810:51a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/6f897c4d-6d94-4082-a5eb-d8d7748d7012/lightbox_builder.js?cb=637447765373566247
Requested by: Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 928d42d56aa85bd3c4e1172d42446eb3e50addae129c91d8db2ba5c881543712

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Jan 2021 16:15:25 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: aJb0Qg3/gNem87+6PDBKig==
age: 251555
cf-polished: origSize=364533
last-modified: Mon, 28 Dec 2020 18:22:17 GMT
cf-request-id: 07a3473b2400002b4d6e0f5000000001
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: f871063d-001e-0100-2246-dd1394000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 6118a7d83b202b4d-FRA
expires: Fri, 14 Jan 2022 16:15:25 GMT

GET
H2 200 5fb1e5e97f00e6-48377644.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 15 KB
15 KB 101ms
33ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/5fb1e5e97f00e6-48377644.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

8c55fc7362462006ca71885ca303089662480c3ea1514604e8d66d4f4f359370

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:25 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="5fb1e5e97f00e6-48377644.webp"
server-timing: fastly;dur=125;cpu=0;start=2021-01-04T04:41:29.423Z;desc=miss,rtt;dur=1,cloudinary;dur=33;start=2021-01-04T04:41:29.468Z
content-length: 15020
last-modified: Mon, 16 Nov 2020 22:15:24 GMT
server: Cloudinary
etag: "485ca95e3927c037edfd22727f241572"
vary: Accept
x-hw: 1610640925.cds026.sk1.hn,1610640925.cds232.sk1.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 e9294a3b489d65e7f2317e4a5639be1f.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 9 KB
9 KB 94ms
34ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/e9294a3b489d65e7f2317e4a5639be1f.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

c49639dce2ec2a9b9903069a629be3befe896f81b3994383d258831499a55122

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:25 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="e9294a3b489d65e7f2317e4a5639be1f.webp"
server-timing: fastly;dur=1;cpu=0;start=2020-10-20T15:19:56.795Z;desc=hit,rtt;dur=0
content-length: 9104
last-modified: Mon, 12 Oct 2020 18:14:08 GMT
server: Cloudinary
etag: "1b79a1398410c43a8d2d247676a702bd"
vary: Accept
x-hw: 1610640925.cds026.sk1.hn,1610640925.cds066.sk1.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 5fd408e4a6c062-00078348.gif
images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 17 KB
17 KB 105ms
52ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/5fd408e4a6c062-00078348.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

32269bddb5515232743fd59118bc945b2f148e325065cf66f1abfc042c8bc3e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:25 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="5fd408e4a6c062-00078348.webp"
server-timing: fastly;dur=218;cpu=0;start=2020-12-14T15:03:22.119Z;desc=miss,rtt;dur=0,cloudinary;dur=124;start=2020-12-14T15:03:22.164Z
content-length: 17058
last-modified: Mon, 14 Dec 2020 14:58:18 GMT
server: Cloudinary
etag: "9c51ed137cd031db203a70c6c10caad8"
vary: Accept
x-hw: 1610640925.cds026.sk1.hn,1610640925.cds042.sk1.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 5ffa816d6cb952-80288624.PNG
images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 13 KB
13 KB 108ms
61ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/5ffa816d6cb952-80288624.PNG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

6a588c588b0c76f4ff2f18d6eacbb2a6e68ad91b5926e20067e209853fd9ad02

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:25 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="5ffa816d6cb952-80288624.webp"
server-timing: fastly;dur=1;start=2021-01-14T16:15:25.582Z;desc=hit,rtt;dur=0
vary: Accept,User-Agent
content-length: 13364
last-modified: Thu, 14 Jan 2021 14:17:48 GMT
server: Cloudinary
etag: "04d399402386f92ba5c884dace7ee89d"
strict-transport-security: max-age=604800
x-hw: 1610640925.cds026.sk1.hn,1610640925.cds038.sk1.sc,1610640925.cds038.sk1.p
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 15271120062018314638.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 8 KB
8 KB 33ms
32ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/15271120062018314638.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

10bfce5af88c27ea73d81e1b350bc0db8a70247814908d8090364e109a29e5e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:25 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="15271120062018314638.webp"
server-timing: fastly;dur=119;cpu=0;start=2020-10-20T15:17:55.789Z;desc=hit,rtt;dur=1
content-length: 8418
last-modified: Mon, 12 Oct 2020 18:14:18 GMT
server: Cloudinary
etag: "a29f65b8d41b2a8aef6c1dd81a25a8f6"
vary: Accept
x-hw: 1610640925.cds026.sk1.hn,1610640925.cds021.sk1.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 5f91376fe5f321-32230255.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 9 KB
10 KB 34ms
34ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/5f91376fe5f321-32230255.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

c9c31ac15ce43ed9d2e3d5910a4d1530250db59cee31ee0609854f6591d3fe1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:25 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="5f91376fe5f321-32230255.webp"
server-timing: fastly;dur=455;cpu=0;start=2020-11-16T14:35:39.117Z;desc=miss,rtt;dur=1,cloudinary;dur=355;start=2020-11-16T14:35:39.166Z
content-length: 9704
last-modified: Thu, 22 Oct 2020 15:49:22 GMT
server: Cloudinary
etag: "2e9c497bbdde9d2d8f3ead5e1b339d3e"
vary: Accept
x-hw: 1610640925.cds026.sk1.hn,1610640925.cds049.sk1.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame FE0A 2 KB
625 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto&display=fallback

Requested by

Host: www.rawstory.com
URL: https://www.rawstory.com/qanon-congress-2649937672/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c55e601438c7d494890e1b85a9f71560786b4d11a086debe88677f443c700379

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Jan 2021 16:15:25 GMT
server: ESF
date: Thu, 14 Jan 2021 16:15:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Jan 2021 16:15:25 GMT

GET
H2 200 t.gif
www.lightboxcdn.com/z9g/ 35 B
224 B 12ms
12ms Image
image/gif 2606:4700::6810:51a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/t.gif?c=1610640925645&h=www.rawstory.com&e=i&u=42439&b=197707&v=empty&s=empty
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Jan 2021 16:15:25 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 1700846
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Tue, 26 Feb 2019 00:59:40 GMT
content-length: 35
cf-request-id: 07a3473bcc00002b4d8a20a000000001
x-ms-lease-status: unlocked
last-modified: Tue, 26 Feb 2019 01:15:02 GMT
server: cloudflare
etag: 0x8D69B87D5A1B25F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: fea83bb3-001e-000f-6618-dbb837000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6118a7d94e112b4d-FRA
cf-bgj: imgq:85,h2pri

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame FE0A 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=fallback

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.rawstory.com
Referer: https://fonts.googleapis.com/css?family=Roboto&display=fallback
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:12:05 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Fri, 14 Jan 2022 16:12:05 GMT

POST
H2 204 generic
trends.revcontent.com/event/ 0
0 65ms
64ms Fetch 3.248.155.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/event/generic
Requested by: Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.155.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Grizzly/2.4.4 /
Resource Hash

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.rawstory.com
date: Thu, 14 Jan 2021 16:15:25 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type

POST
H2 204 generic
trends.revcontent.com/event/ 0
0 65ms
65ms Fetch 3.248.155.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/event/generic
Requested by: Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.155.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Grizzly/2.4.4 /
Resource Hash

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.rawstory.com
date: Thu, 14 Jan 2021 16:15:25 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type

GET
H2 200 5fb1e5e0e368a6-21557030.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 12 KB
12 KB 31ms
30ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/5fb1e5e0e368a6-21557030.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

97beb16d3fcddd3ef413d6d5389e0439114ba95d80313481c6f7e3362ed665bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:25 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="5fb1e5e0e368a6-21557030.webp"
server-timing: fastly;dur=1;cpu=0;start=2021-01-04T04:40:43.937Z;desc=hit,rtt;dur=1
content-length: 11780
last-modified: Mon, 16 Nov 2020 22:12:45 GMT
server: Cloudinary
etag: "4f82b931455268f230ad190e4d64a62d"
vary: Accept
x-hw: 1610640925.cds026.sk1.hn,1610640925.cds216.sk1.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 15746815770080261269.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 9 KB
9 KB 31ms
30ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/15746815770080261269.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

1889bb00e6453b0d358895496a9bba69944ca1ea7ff10a0b494e68a079a2955c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:25 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="15746815770080261269.webp"
server-timing: fastly;dur=1;start=2020-10-20T15:19:54.520Z;desc=hit,rtt;dur=1
content-length: 8948
last-modified: Mon, 12 Oct 2020 18:14:16 GMT
server: Cloudinary
etag: "fd26be61a7ea4e546c166100f8ef7008"
vary: Accept
x-hw: 1610640925.cds026.sk1.hn,1610640925.cds214.sk1.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 c880b053706800a9676c62fd28b4323c.png
images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 9 KB
9 KB 33ms
33ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/c880b053706800a9676c62fd28b4323c.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

0f0842807f38f67d1c68bdfd903b756b9853696ee3c413cbff48b0cd3742fac3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:25 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="c880b053706800a9676c62fd28b4323c.webp"
server-timing: fastly;dur=1;cpu=0;start=2020-11-10T17:44:28.520Z;desc=hit,rtt;dur=1
content-length: 9228
last-modified: Tue, 10 Nov 2020 17:40:35 GMT
server: Cloudinary
etag: "3ce069977ac97a07708698997f02d2b8"
vary: Accept
x-hw: 1610640925.cds026.sk1.hn,1610640925.cds013.sk1.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 15643107941285251590.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 8 KB
8 KB 31ms
30ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/15643107941285251590.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

58902efd33adf8f0bf1e76f65714fcf671026f3b1b56d628f0fe82113ba4e22e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:25 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="15643107941285251590.webp"
server-timing: fastly;dur=128;cpu=1;start=2020-12-28T16:01:31.381Z;desc=miss,rtt;dur=0,cloudinary;dur=35;start=2020-12-28T16:01:31.426Z
content-length: 8014
last-modified: Mon, 12 Oct 2020 18:14:33 GMT
server: Cloudinary
etag: "37dc8d4c85abdbcc8388302c32dfc03d"
vary: Accept
x-hw: 1610640925.cds026.sk1.hn,1610640925.cds206.sk1.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 e9294a3b489d65e7f2317e4a5639be1f.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 9 KB
9 KB 32ms
31ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/e9294a3b489d65e7f2317e4a5639be1f.jpg

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

c49639dce2ec2a9b9903069a629be3befe896f81b3994383d258831499a55122

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:25 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="e9294a3b489d65e7f2317e4a5639be1f.webp"
server-timing: fastly;dur=1;cpu=0;start=2020-10-20T15:19:56.795Z;desc=hit,rtt;dur=0
content-length: 9104
last-modified: Mon, 12 Oct 2020 18:14:08 GMT
server: Cloudinary
etag: "1b79a1398410c43a8d2d247676a702bd"
vary: Accept
x-hw: 1610640925.cds026.sk1.hn,1610640925.cds066.sk1.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 4a4316568d00da61beea6ac3ca9f617f.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 12 KB
13 KB 31ms
31ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/4a4316568d00da61beea6ac3ca9f617f.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

48c226ed98e0dd985fc8ae1b2abfc6eb451495403bd9674c9c3bf5c44b02dfa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:25 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="4a4316568d00da61beea6ac3ca9f617f.webp"
server-timing: fastly;dur=393;cpu=0;start=2020-11-12T12:11:11.906Z;desc=miss,rtt;dur=1,cloudinary;dur=282;start=2020-11-12T12:11:11.964Z
content-length: 12670
last-modified: Mon, 12 Oct 2020 18:14:27 GMT
server: Cloudinary
etag: "41664cd9ddcbb62e34ab8fffc3f4e1dc"
vary: Accept
x-hw: 1610640925.cds026.sk1.hn,1610640925.cds063.sk1.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

POST
H2 204 generic
trends.revcontent.com/event/ 0
0 52ms
51ms Fetch 3.248.155.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/event/generic
Requested by: Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.155.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Grizzly/2.4.4 /
Resource Hash

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.rawstory.com
date: Thu, 14 Jan 2021 16:15:25 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type

GET
H2 200 delivery.js Show response
assets.newsmaxwidget.com/master/ 306 KB
83 KB 100ms
31ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.newsmaxwidget.com/master/delivery.js
Requested by: Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c7644e16c3f1cebc16184feaf91e2074136366faf4a7dc16e5adf523905622b0

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:26 GMT
content-encoding: gzip
last-modified: Wed, 13 Jan 2021 17:16:03 GMT
server: AmazonS3
x-amz-request-id: 05267A1745333633
etag: "5a431c3db107d41b86d368b4079d5bc7"
x-hw: 1610640926.cds033.sk1.hn,1610640926.cds049.sk1.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 85017
x-amz-id-2: nSEz53pNP/I/IOiv4Y3cquWQ4NKN4LLkhDjOmt/7F3Zs7UdUFMtZlGOCNndqYucscPSKM0HgLMQ=

GET
H2 204 generic
trends.newsmaxwidget.com/event/ 0
136 B 161ms
50ms Image
text/plain 34.254.210.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.newsmaxwidget.com/event/generic?t=e0BexIGnHI9%2BpNjG49wkYEyVM4y3BQNxwkTNY7a7dgvvBvz6%2FYgrimsvlkxxk7S%2BA%2FaojW3WOF3%2FGbHkr3qzjPKHxbgzvCAowRUaLS4dKWY%3D&e=adapty&s[ref]=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&s[hash]=NFdSgUJEbGo0sJ0zC5cqEs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.210.226 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Grizzly/2.4.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 14 Jan 2021 16:15:27 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame BE1D 206 B
490 B 1330ms
1075ms XHR
multipart/form-data 52.14.222.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=91852
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.14.222.78 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.15.8.2 /
Resource Hash: f41c4ff169ee2b5a53a69056cce3382fb2d57b1de9f25aa5e7c56c360a371f07

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 14 Jan 2021 16:15:28 GMT
Content-Encoding: br
Server: openresty/1.15.8.2
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.rawstory.com
transfer-encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 200 lounge.93b42de3124a0dd0533f88d602ff11e8.css
c.disquscdn.com/next/embed/styles/ 0
22 KB 58ms
38ms Other
text/css 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.93b42de3124a0dd0533f88d602ff11e8.css

Requested by

Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 678425
strict-transport-security: max-age=300; includeSubdomains
content-length: 22661
cf-request-id: 07a34741bb000005d0e4a62000000001
timing-allow-origin: *
last-modified: Thu, 17 Dec 2020 22:41:59 GMT
server: cloudflare
etag: "5fdbdeb7-5885"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DFW55-C3
accept-ranges: bytes
cf-ray: 6118a7e2cf7505d0-FRA
x-amz-cf-id: FoLAKKYeyCVOQCHjxkf648euNl2eE6RaXpXOfpVsO0oF_J48wSAC-w==
expires: Thu, 06 Jan 2022 19:48:21 GMT

GET
H2 200 common.bundle.38ea27189bdb723eae3dabf5bc7b8c0b.js
c.disquscdn.com/next/embed/ 0
93 KB 43ms
23ms Other
application/javascript 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.38ea27189bdb723eae3dabf5bc7b8c0b.js

Requested by

Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 234142
strict-transport-security: max-age=300; includeSubdomains
content-length: 94778
cf-request-id: 07a34741bb000005d08f8d2000000001
timing-allow-origin: *
last-modified: Mon, 11 Jan 2021 21:10:38 GMT
server: cloudflare
etag: "5ffcbece-1723a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DFW55-C3
accept-ranges: bytes
cf-ray: 6118a7e2cf7b05d0-FRA
x-amz-cf-id: IPH2Ychi9ylfThDq4vOs9o2Rc8M0Ypdu-s2Q_SL2aA1yH56ait05kA==
expires: Tue, 11 Jan 2022 23:13:03 GMT

GET
H2 200 lounge.bundle.e99bef264ab1dbdf324efcfb446cf290.js
c.disquscdn.com/next/embed/ 0
114 KB 33ms
14ms Other
application/javascript 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.e99bef264ab1dbdf324efcfb446cf290.js

Requested by

Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 234142
strict-transport-security: max-age=300; includeSubdomains
content-length: 116439
cf-request-id: 07a34741bc000005d0a19d4000000001
timing-allow-origin: *
last-modified: Mon, 11 Jan 2021 21:10:38 GMT
server: cloudflare
etag: "5ffcbece-1c6d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DFW55-C3
accept-ranges: bytes
cf-ray: 6118a7e2cf7c05d0-FRA
x-amz-cf-id: RpxEggxphocoSC2TYivFfRA1ZJSY_j6ULQ7_6jad6RGUblRyJB-kZQ==
expires: Tue, 11 Jan 2022 23:13:03 GMT

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
11 KB 63ms
23ms Other
application/javascript 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 16:15:27 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 15
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 10242
X-XSS-Protection: 1; mode=block

GET
H2 200 / Show response
trends.newsmaxwidget.com/api/demand/ 52 B
267 B 54ms
54ms Fetch
text/html 34.254.210.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.newsmaxwidget.com/api/demand/?w=167088&gdpr=1&us_privacy=1---&wlw=newsmaxwidget.com

Requested by

Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.254.210.226 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.25 (Debian) /

Resource Hash

8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: https://www.rawstory.com
date: Thu, 14 Jan 2021 16:15:27 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
content-length: 52
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8

GET
H2 204 sync
trends.newsmaxwidget.com/ 0
0 52ms
51ms Fetch 34.254.210.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.newsmaxwidget.com/sync?gdpr=1
Requested by: Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.210.226 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: https://www.rawstory.com
date: Thu, 14 Jan 2021 16:15:27 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H/1.1 200
OK /
disqus.com/embed/comments/ Frame 998C 0
0 118ms
117ms Document
text/html 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=rawstory&t_i=2649937672%20https%3A%2F%2Fwww.rawstory.com%2F%3Fp%3D2649937672&t_u=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&t_d=MSNBC%27s%20Morning%20Joe%20says%20Qanon%20cultists%20pose%20violent%20threat%20to%20their%20Democratic%20colleagues%20-%20Raw%20Story%20-%20Celebrating%2016%20Years%20of%20Independent%20Journalism&t_t=MSNBC%27s%20Morning%20Joe%20says%20Qanon%20cultists%20pose%20violent%20threat%20to%20their%20Democratic%20colleagues%20-%20Raw%20Story%20-%20Celebrating%2016%20Years%20of%20Independent%20Journalism&s_o=default

Requested by

Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.rawstory.com/qanon-congress-2649937672/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.rawstory.com/qanon-congress-2649937672/

Response headers

Connection: keep-alive
Content-Length: 16421
Server: nginx
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Type: text/html; charset=utf-8
Last-Modified: Thu, 14 Jan 2021 16:09:15 GMT
ETag: W/"lounge:view:8355038863.4acae22f2097bd6b7318d837fb302c8f.2"
Content-Encoding: gzip
Date: Thu, 14 Jan 2021 16:15:27 GMT
Age: 3
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H2 200 / Show response
trends.newsmaxwidget.com/api/delivery/ 30 KB
12 KB 359ms
359ms Fetch
text/html 34.254.210.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.newsmaxwidget.com/api/delivery/?w=167088&width=1600&gdpr=1&us_privacy=1---&rev_allow_cookies=0&site_url=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&va=1&time=1610640927395&up=pc&bn=chrome&bv=83

Requested by

Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.254.210.226 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.25 (Debian) /

Resource Hash

3bd8976d2ac903999c8f577ffc0813cb8df1fc40d0d3ad119ace7c595b9fd47e

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:27 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.rawstory.com
access-control-allow-credentials: true
strict-transport-security: max-age=931536000; includeSubDomains
content-length: 11980

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame FE05 217 B
500 B 448ms
194ms XHR
multipart/form-data 52.14.222.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=91854
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.14.222.78 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.15.8.2 /
Resource Hash: 8f86015e1482bf3d1dd559b770ede8ec14442e071170e4a4bc97e871fd214d2c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 14 Jan 2021 16:15:27 GMT
Content-Encoding: br
Server: openresty/1.15.8.2
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.rawstory.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 196

GET
H2 200 script.js Show response
d1bvk193qme2fc.cloudfront.net/ 106 KB
35 KB 6ms
6ms Script
application/javascript 2600:9000:206f:1e00:19:f03c:7200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Requested by: Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1e00:19:f03c:7200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b8dd18d4edea0f5bd9590d7dd98a2be4dba6f6b8ad586ddec8a4b97d5c37f0f4

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:09:58 GMT
content-encoding: gzip
last-modified: Wed, 13 Jan 2021 17:44:38 GMT
server: AmazonS3
age: 330
etag: W/"03e02f867dab98d6a01eef4039e64049"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 72e8bbddfffeeec486003f867d631025.cloudfront.net (CloudFront)
cache-control: max-age=600,public,must-revalidate
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: qtj6n7peXNa9SSqJZyBC0eP3OE69NRifpkIY0ujFttZjT40QdgcQGg==

POST
H2 204 impression
trends.newsmaxwidget.com/event/ 0
0 142ms
48ms Fetch 34.254.210.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.newsmaxwidget.com/event/impression
Requested by: Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.210.226 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Grizzly/2.4.4 /
Resource Hash

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.rawstory.com
date: Thu, 14 Jan 2021 16:15:27 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type

GET
H2 200 15643107941285251590.jpg
images.newsmaxwidget.com/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/ 12 KB
13 KB 129ms
32ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.newsmaxwidget.com/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/15643107941285251590.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

345f0d1cf18b0e5e671d42db0216869c7370528644172a96c52013ac68054237

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:28 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="15643107941285251590.webp"
server-timing: fastly;dur=170;cpu=0;start=2020-12-28T16:01:28.949Z;desc=hit,rtt;dur=0
content-length: 12640
last-modified: Mon, 12 Oct 2020 18:14:48 GMT
server: Cloudinary
etag: "bd759916cd0ca653d02b91026124d343"
vary: Accept
x-hw: 1610640928.cds067.sk1.hn,1610640928.cds015.sk1.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 5f3d542c56d5b8-06589581.jpg
images.newsmaxwidget.com/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/ 12 KB
12 KB 101ms
33ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.newsmaxwidget.com/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/5f3d542c56d5b8-06589581.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

22f60de6b6730b06d7c88ea0755eaecbe9435b2bd59502aa2df56780938d9237

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:28 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="5f3d542c56d5b8-06589581.webp"
server-timing: fastly;dur=1;cpu=0;start=2020-10-20T19:01:49.275Z;desc=hit,rtt;dur=4
content-length: 12284
last-modified: Mon, 12 Oct 2020 18:14:39 GMT
server: Cloudinary
etag: "f0d0f89e26218395968e74a93ff105ee"
vary: Accept
x-hw: 1610640928.cds067.sk1.hn,1610640928.cds045.sk1.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 5f91a780e418f7-17609804.jpg
images.newsmaxwidget.com/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/ 21 KB
21 KB 115ms
53ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.newsmaxwidget.com/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/5f91a780e418f7-17609804.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

9a93ff3c9057863ee52c00f8bf074e05c31d759a8cdbddd0a69c6be14a86d70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:28 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="5f91a780e418f7-17609804.webp"
server-timing: fastly;dur=1;cpu=0;start=2020-11-22T10:32:26.736Z;desc=hit,rtt;dur=1
content-length: 21248
last-modified: Fri, 23 Oct 2020 17:59:06 GMT
server: Cloudinary
etag: "eb5f5b103f89b23714b982c9b9767a94"
vary: Accept
x-hw: 1610640928.cds067.sk1.hn,1610640928.cds013.sk1.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 c880b053706800a9676c62fd28b4323c.png
images.newsmaxwidget.com/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/ 15 KB
15 KB 103ms
53ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.newsmaxwidget.com/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/c880b053706800a9676c62fd28b4323c.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

4ae6fadc73877dabecc11d3d53f3e1ce41cb0aa533472404d7bd024890e6e7b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:28 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="c880b053706800a9676c62fd28b4323c.webp"
server-timing: fastly;dur=446;cpu=0;start=2020-11-18T00:15:54.641Z;desc=miss,rtt;dur=1,cloudinary;dur=50;start=2020-11-18T00:15:54.987Z
content-length: 15352
last-modified: Tue, 10 Nov 2020 17:49:55 GMT
server: Cloudinary
etag: "02da6946f8a02c385de584df45176505"
vary: Accept
x-hw: 1610640928.cds067.sk1.hn,1610640928.cds203.sk1.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 5ec6704ceadd97-70821404.jpg
images.newsmaxwidget.com/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/ 17 KB
17 KB 102ms
94ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.newsmaxwidget.com/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/5ec6704ceadd97-70821404.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

fade06c6dfe89b1a1b4f187fcea41dc1b3952747eae415fa7f08408b23cc4197

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:28 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="5ec6704ceadd97-70821404.webp"
server-timing: fastly;dur=2;cpu=1;start=2020-10-20T19:29:11.806Z;desc=hit,rtt;dur=1
content-length: 16978
last-modified: Mon, 12 Oct 2020 18:14:39 GMT
server: Cloudinary
etag: "250d18fedef595e91156a33d401bba7a"
vary: Accept
x-hw: 1610640928.cds067.sk1.hn,1610640928.cds030.sk1.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 5ffa816d6cb952-80288624.PNG
images.newsmaxwidget.com/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/ 21 KB
21 KB 106ms
102ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.newsmaxwidget.com/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/5ffa816d6cb952-80288624.PNG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

8b18b37b11e81e6ca2757512bdf81ac2534719a2556348e9ebcfc5f362b707cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:28 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="5ffa816d6cb952-80288624.webp"
server-timing: fastly;dur=1;start=2021-01-14T16:15:28.193Z;desc=hit,rtt;dur=0
vary: Accept,User-Agent
content-length: 21590
last-modified: Thu, 14 Jan 2021 14:20:36 GMT
server: Cloudinary
etag: "02872e4bdfd1563926d14d126db58c1b"
strict-transport-security: max-age=604800
x-hw: 1610640928.cds067.sk1.hn,1610640928.cds205.sk1.sc,1610640928.cds205.sk1.p
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 5fcc6ed1bb2053-90220348.jpg
images.newsmaxwidget.com/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/ 13 KB
13 KB 84ms
74ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.newsmaxwidget.com/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/5fcc6ed1bb2053-90220348.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

f7d43881b0a8c9adb92dfe3c2594d757c1a590342e64bebb7881a8a156cb0f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:28 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="5fcc6ed1bb2053-90220348.webp"
server-timing: fastly;dur=108;cpu=0;start=2020-12-27T10:24:17.785Z;desc=miss,rtt;dur=0,cloudinary;dur=15;start=2020-12-27T10:24:17.833Z
content-length: 13520
last-modified: Sun, 27 Dec 2020 10:23:42 GMT
server: Cloudinary
etag: "9b13787bb238b08e0a82dd475efff141"
vary: Accept
x-hw: 1610640928.cds067.sk1.hn,1610640928.cds212.sk1.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 636f3ea27ce95f2f9e404ef0b9911ccd.jpg
images.newsmaxwidget.com/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/ 9 KB
9 KB 73ms
73ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.newsmaxwidget.com/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/636f3ea27ce95f2f9e404ef0b9911ccd.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

6771bbabb5ae9173ef4bd7468ed1f61438537d352d50682bc2832aeaad19b803

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:28 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="636f3ea27ce95f2f9e404ef0b9911ccd.webp"
server-timing: fastly;dur=1;cpu=0;start=2020-10-20T20:09:03.030Z;desc=hit,rtt;dur=0
content-length: 8926
last-modified: Mon, 12 Oct 2020 18:14:56 GMT
server: Cloudinary
etag: "6fd38327df392560aeae045922745ca7"
vary: Accept
x-hw: 1610640928.cds067.sk1.hn,1610640928.cds066.sk1.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK stat.gif
referrer.disqus.com/juggler/ 43 B
295 B 207ms
111ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/stat.gif?event=cmp.present

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 16:15:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

POST
H2 204 generic
trends.newsmaxwidget.com/event/ 0
0 101ms
96ms Fetch 34.254.210.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.newsmaxwidget.com/event/generic
Requested by: Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.210.226 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Grizzly/2.4.4 /
Resource Hash

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.rawstory.com
date: Thu, 14 Jan 2021 16:15:28 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type

GET
H2 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 6857 337 B
470 B 30ms
30ms Stylesheet
text/css 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1685876
strict-transport-security: max-age=300; includeSubdomains
content-length: 244
cf-request-id: 07a34747a4000005d0dd36c000000001
timing-allow-origin: *
last-modified: Tue, 17 Nov 2020 19:25:20 GMT
server: cloudflare
etag: "5fb423a0-f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DFW3-C1
accept-ranges: bytes
cf-ray: 6118a7ec3e5805d0-FRA
x-amz-cf-id: bXIMJ1-lqAO3UdooVh5uxIMFBzfzU1TPN0UMbp_Yhh2TonBiviCwsA==
expires: Thu, 18 Nov 2021 12:38:46 GMT

GET
H2 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame D4AB 337 B
359 B 40ms
39ms Stylesheet
text/css 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1685876
strict-transport-security: max-age=300; includeSubdomains
content-length: 244
cf-request-id: 07a34747d7000005d0a4ac6000000001
timing-allow-origin: *
last-modified: Tue, 17 Nov 2020 19:25:20 GMT
server: cloudflare
etag: "5fb423a0-f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: DFW3-C1
accept-ranges: bytes
cf-ray: 6118a7ec8f3605d0-FRA
x-amz-cf-id: bXIMJ1-lqAO3UdooVh5uxIMFBzfzU1TPN0UMbp_Yhh2TonBiviCwsA==
expires: Thu, 18 Nov 2021 12:38:46 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 114ms
108ms Image
image/gif 54.84.196.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=rawstory.com&p=%2Fqanon-congress-2649937672%2F&u=Cv4aizBCN1i3r8c4h&d=rawstory.com&g=10725&g0=Push%20Notification%2CSmartNews%2CFrontpage%20videos%20-%206%20articles&g1=Travis%20Gettys&n=1&f=00001&c=0.25&x=0&m=0&y=16424&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=612&t=D76OY3DJfOkUCWlx5nQurbVwsh19&V=121&tz=-60&sn=2&sv=DOulpkCxk9BTDtZZGcBL8ynzBZBwmz&sd=1&im=067b0ff2&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.84.196.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-196-220.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 16:15:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

POST
H/1.1 200
OK st Show response
capi.connatix.com/tr/ Frame BE1D 0
303 B 383ms
128ms XHR
multipart/form-data 52.14.222.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/st?v=91852
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.14.222.78 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.15.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 14 Jan 2021 16:15:32 GMT
Content-Encoding: br
Server: openresty/1.15.8.2
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.rawstory.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1

POST
H/1.1 200
OK st Show response
capi.connatix.com/tr/ Frame FE05 0
303 B 331ms
129ms XHR
multipart/form-data 52.14.222.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/st?v=91854
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.14.222.78 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.15.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Thu, 14 Jan 2021 16:15:32 GMT
Content-Encoding: br
Server: openresty/1.15.8.2
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.rawstory.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1

GET
H2 200 spacer.gif Show response
pages-stats.rbl.ms/ 43 B
213 B 108ms
107ms Fetch
image/gif 54.86.238.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pages-stats.rbl.ms/spacer.gif?1610640933467&event=post-page-view-duration&version=1&format=json&data=%7B%22site_id%22%3A20266338%2C%22roar_id%22%3A20266338%2C%22client%22%3A%22desktop%22%2C%22referrer%22%3A%22%22%2C%22duration%22%3A10000%7D
Requested by: Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.238.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-238-79.compute-1.amazonaws.com
Software: openresty /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.rawstory.com/qanon-congress-2649937672/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:15:33 GMT
last-modified: Tue, 20 Oct 2020 10:45:25 GMT
server: openresty
etag: "5f8ebfc5-2b"
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes
content-length: 43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=8777&site_id=77534&zone_id=1384908&size_id=15%3B2%3B2%3B15%3B15%3B15&alt_size_ids=2%3B%3B55%2C57%3B9%2C10%3B9%2C10%3B&rp_floor=0.1&rp_secure=1&tk_flint=pbjs_lite_v3.2.0&x_source.tid=ebf3c6b4-f936-4f96-8722-d09477716ee3%3B73e54aec-57d4-46aa-a2a3-c2ba2aca9468%3Bf3a5ee70-e26d-4b20-a1d4-c55bfd65ea82%3Bd72a6dfb-6fdd-4715-b37b-0cd876f0472e%3B9e2698b8-229f-4bdf-a619-72639d3bd84e%3B0347471f-7b74-4a26-a823-3bb3e170f42f&p_screen_res=1600x1200&tg_fl.eid=1384908-4%3B1384908-5%3B1384908-8%3B1384908-1%3B1384908-2%3B1384908-3&rf=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&x_source.pchain=proper.io%3Ae5961d07-eb92-11e9-a488-69e3386c7506&rp_schain=1.0%2C1!proper.io%2Ce5961d07-eb92-11e9-a488-69e3386c7506%2C1&slots=6&rand=0.2813381666289785

Domain: hb-api.omnitagjs.com
URL: https://hb-api.omnitagjs.com/hb-api/prebid/v1?CanonicalUrl=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F

Domain: bidder.criteo.com
URL: https://bidder.criteo.com/cdb?profileId=207&av=29&wv=3.26.0&cb=99052747151&im=1

Domain: hb.undertone.com
URL: https://hb.undertone.com/hb?pid=2801&domain=rawstory.com

Domain: ap.lijit.com
URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.26.0

Domain: dmx.districtm.io
URL: https://dmx.districtm.io/b/v1

Domain: propermedia-d.openx.net
URL: https://propermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.rawstory.com%2Fqanon-congress-2649937672%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&aus=300x250%7C300x250%7C728x90%7C160x600%7C970x250%7C970x90%7C300x250%2C300x600%7C300x250%2C300x600%7C728x90%7C728x90%7C160x600&auid=539865252%2C539865253%2C539865264%2C539865275%2C540635254%2C540635255%2C540709359%2C540709360%2C540722175%2C540722177%2C540810739&aumfs=100%2C100%2C100%2C100%2C100%2C100%2C100%2C100%2C100%2C100%2C100&dddid=b337a47e-1ec6-4062-9004-f05896d2ad88%2Cd24f43ee-ea4e-420a-ac3e-1a937e515fec%2Cac87f6ad-aada-4271-82f3-4397ce21ef4e%2C05e9456d-5fc1-43a6-a8d4-436af0aca121%2C80120269-41b7-4e9d-be6e-b5e2e4c6a85b%2C57466f25-6cb1-4c5a-a423-cd38774a9467%2Cdf30b713-d746-47c4-8a45-511c91ec201c%2C0f4e7a30-d904-42a0-ae4c-f2713529dbe8%2Cae0974ca-f778-4689-a52d-c84288080600%2C6cd2b6bc-9dae-4599-8e10-923c0f297634%2C59fc8de7-524e-46d0-9ffe-a1d9b5c3e2f4&divIds=openx-8f09a8ad-de01-481c-9387-93e21455aab1%2Copenx-da83e8e5-29df-487f-be15-c1b3f9f31298%2Copenx-c69ec5df-5e04-4076-b9a0-ca81efc2778c%2Copenx-4d6cd39e-aad9-4a7a-b257-abdf1d4aaca7%2Copenx-0f019021-ce2b-4919-b003-7ec40735913f%2Copenx-2c063a06-c263-4dd1-b7b6-e6d99d6bba56%2Copenx-0ff1480d-4c1e-4bbf-8e48-9e49a90d6b70%2Copenx-4e10292d-3d78-406e-bc43-24c2be5991e9%2Copenx-4e868461-85e3-4e28-bf16-bcc521e5a090%2Copenx-af28a2a8-8d56-4afa-9153-c9335499d622%2Copenx-8ea5d231-c3f8-4387-97d8-e3fe33fc4183&be=1&bc=hb_pb_3.0.1&nocache=1610640916161&schain=1.0%2C1!proper.io%2Ce5961d07-eb92-11e9-a488-69e3386c7506%2C1

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/ut/v3/prebid

Verdicts & Comments Add Verdict or Comment

271 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

30 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	log	URL: https://www.rawstory.com/qanon-congress-2649937672/(Line 3797) Message: ### ADMIRAL ### connecting to API
console-api	log	URL: https://www.rawstory.com/qanon-congress-2649937672/(Line 3972) Message: stbca_rand: 0
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011202.js(Line 6) Message: [GPT] Div ID passed to googletag.display() does not match any defined slots: div-gpt-ad-1565199520698-0.
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011202.js(Line 6) Message: [GPT] Ignoring the PubAdsService.enableSingleRequest() call since the service is already enabled.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: USP CMP not found.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: GDPR CMP not found.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: USP CMP not found.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: USPAPI workflow exceeded timeout threshold.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: GDPR CMP not found.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: USP CMP not found.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: GDPR CMP not found.
console-api	log	URL: https://cdn.justpremium.com/js/v2.50.375/jpx.js(Line 1) Message: %c(00:01:631.68)%cJAdManager: version v2.50.375 initialized padding: 2px; background: rgba(0, 0, 0, 0.5); color: rgba(255, 255, 255, 1); padding: 2px; background: rgba( 0, 153, 204, 0.3); color: rgba( 0, 153, 204, 1);
console-api	log	URL: https://cdn.justpremium.com/js/v2.50.375/jpx.js(Line 1) Message: (https://cdn.justpremium.com/js/v2.50.375/jpx.js:1:203636)
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://www.rawstory.com/qanon-congress-2649937672/
console-api	error	URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.59/0.js(Line 55) Message: 17:15:18.822 [ERROR] EventBus: TypeError: Cannot read property 'length' of undefined event [object Object]
console-api	error	URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.59/0.js(Line 55) Message: 17:15:18.823 [ERROR] EventBus: TypeError: Cannot read property 'length' of undefined event [object Object]
console-api	error	URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.59/0.js(Line 55) Message: 17:15:19.129 [ERROR] EventBus: TypeError: Cannot read property 'length' of undefined event [object Object]
console-api	error	URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.59/0.js(Line 55) Message: 17:15:19.130 [ERROR] EventBus: TypeError: Cannot read property 'length' of undefined event [object Object]
console-api	error	URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.59/0.js(Line 55) Message: 17:15:19.664 [ERROR] EventBus: TypeError: Cannot read property 'length' of undefined event [object Object]
console-api	error	URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.59/0.js(Line 55) Message: 17:15:19.665 [ERROR] EventBus: TypeError: Cannot read property 'length' of undefined event [object Object]
console-api	log	URL: https://www.rawstory.com/qanon-congress-2649937672/(Line 53) Message: ServiceWorker registration successful with scope: https://www.rawstory.com/
console-api	log	URL: https://cdn.justpremium.com/js/v2.50.375/jpx.js(Line 1) Message: %c(00:05:266.19)%cJQueue: No ad to run padding: 2px; background: rgba(0, 0, 0, 0.5); color: rgba(255, 255, 255, 1); padding: 2px; background: rgba( 0, 153, 204, 0.3); color: rgba( 0, 153, 204, 1);
console-api	log	URL: https://cdn.justpremium.com/js/v2.50.375/jpx.js(Line 1) Message: (https://cdn.justpremium.com/js/v2.50.375/jpx.js:1:54862)
console-api	log	URL: https://cdn.justpremium.com/js/v2.50.375/jpx.js(Line 1) Message: %c(00:05:266.57)%cJQueue: Fallback padding: 2px; background: rgba(0, 0, 0, 0.5); color: rgba(255, 255, 255, 1); padding: 2px; background: rgba( 0, 153, 204, 0.3); color: rgba( 0, 153, 204, 1);
console-api	log	URL: https://cdn.justpremium.com/js/v2.50.375/jpx.js(Line 1) Message: (https://cdn.justpremium.com/js/v2.50.375/jpx.js:1:54862)
console-api	error	URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.59/0.js(Line 55) Message: 17:15:20.290 [ERROR] EventBus: TypeError: Cannot read property 'length' of undefined event [object Object]
console-api	error	URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.59/0.js(Line 55) Message: 17:15:20.290 [ERROR] EventBus: TypeError: Cannot read property 'length' of undefined event [object Object]
console-api	log	URL: https://www.rawstory.com/qanon-congress-2649937672/(Line 3823) Message: ### ADMIRAL ### user is unknown
console-api	log	(Line 25) Message: Infobar .. finish setup event listeners

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15786000; preload
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

53dab7933853502386cdba4744de8870.safeframe.googlesyndication.com
7e47893f52564f71897d3510a470183f.safeframe.googlesyndication.com
7f9f7062360a3cbd833db047114b1ae4.safeframe.googlesyndication.com
8848be742946b8396069e5e864b7a0ec.safeframe.googlesyndication.com
9rmjh-t0k0q.ads.tremorhub.com
a.teads.tv
a493a6b486cc0c596130f9b72f16ccce.safeframe.googlesyndication.com
acdn.adnxs.com
acds.prod.vidible.tv
ad.doubleclick.net
ads.adaptv.advertising.com
ads.pubmatic.com
adserver-us.adtech.advertising.com
adservice.google.com
adservice.google.de
adservice.google.dk
ap.lijit.com
api-2.kindest.com
api.bounceexchange.com
as-sec.casalemedia.com
assets.bounceexchange.com
assets.newsmaxwidget.com
assets.rbl.ms
assets.rebelmouse.io
assets.revcontent.com
bidder.criteo.com
biddr.brealtime.com
bids.proper.io
btlr.sharethrough.com
c.amazon-adsystem.com
c.disquscdn.com
capi.connatix.com
cd.connatix.com
cdn-ssl.vidible.tv
cdn.ampproject.org
cdn.districtm.io
cdn.justpremium.com
cdn.onesignal.com
cdn.revcontent.com
cdn.undertone.com
cds.connatix.com
d1bvk193qme2fc.cloudfront.net
data.cdnbasket.net
de91ad3013e62fda1b91f59be7e79fc5.safeframe.googlesyndication.com
detectdinner.com
disqus.com
dmx.districtm.io
e.cdnwidget.com
eb.proper.io
eb2.3lift.com
edge.quantserve.com
embed.yappaapp.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
global.proper.io
googleads.g.doubleclick.net
hb-api.omnitagjs.com
hb.emxdgt.com
hb.undertone.com
i.clean.gg
ib.3lift.com
ib.adnxs.com
ids.cdnwidget.com
images.getadmiral.com
images.newsmaxwidget.com
images.revcontent.com
imasdk.googleapis.com
img.connatix.com
img.revcontent.com
img2.zergnet.com
img4.zergnet.com
img5.zergnet.com
js-sec.indexww.com
kindest.azureedge.net
lh3.googleusercontent.com
lightboxapi.azurewebsites.net
mantodea.mantisadnetwork.com
page.cdnbasket.net
pagead2.googlesyndication.com
pages-stats.rbl.ms
ping.chartbeat.net
pixel.quantserve.com
pre.ads.justpremium.com
propermedia-d.openx.net
px.moatads.com
rawstory.disqus.com
referrer.disqus.com
res.rbl.ms
rules.quantcount.com
s0.2mdn.net
s8t.teads.tv
sb.scorecardresearch.com
scrubswim.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.chartbeat.com
static.newsmaxfeednetwork.com
static.rbl.ms
stats.g.doubleclick.net
sync.bfmio.com
sync.teads.tv
t.teads.tv
tag.bounceexchange.com
tlx.3lift.com
tpc.googlesyndication.com
tracking.justpremium.com
trends.newsmaxwidget.com
trends.revcontent.com
trk.vidible.tv
ups.analytics.yahoo.com
us.ads.justpremium.com
user-stats.rbl.ms
usync.proper.io
vid.connatix.com
view.cdnbasket.net
widget.yappaapp.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.lightboxcdn.com
www.rawstory.com
www.zergnet.com
x.bidswitch.net
z.moatads.com
ap.lijit.com
bidder.criteo.com
dmx.districtm.io
fastlane.rubiconproject.com
hb-api.omnitagjs.com
hb.undertone.com
ib.adnxs.com
propermedia-d.openx.net
104.111.238.139
104.111.242.245
104.16.68.69
104.17.120.107
130.211.47.17
143.204.215.30
143.204.215.70
151.101.113.68
151.101.114.137
151.101.128.134
151.101.14.137
151.101.193.68
151.139.128.11
172.217.21.230
18.156.0.31
18.185.170.181
18.195.225.18
18.196.104.43
199.232.196.134
2.18.232.130
2.18.232.7
2.18.233.180
2.18.234.21
2.18.235.40
20.40.202.0
216.58.212.130
23.8.15.54
2600:1f18:612b:4232:186b:cfde:ffb3:b55d
2600:9000:2057:8800:6:44e3:f8c0:93a1
2600:9000:2057:e600:18:1fcd:34e:d2a1
2600:9000:206f:1e00:19:f03c:7200:21
2600:9000:206f:9600:1f:2473:9080:93a1
2606:2800:233:97b6:26be:138a:cba8:bb01
2606:4700:20::681a:823
2606:4700:3033::ac43:ac75
2606:4700:3037::6818:7482
2606:4700::6810:51a5
2606:4700::6811:4f22
2606:4700::6812:a913
2606:4700::6812:e234
2606:4700:e0::ac40:6d0d
2620:116:800d:21:f916:5049:f87f:108e
2a00:1288:f03d:1fa::4000
2a00:1450:4001:800::2001
2a00:1450:4001:800::2006
2a00:1450:4001:803::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2003
2a00:1450:4001:817::2004
2a00:1450:4001:818::2003
2a00:1450:4001:81b::200a
2a00:1450:4001:81f::2001
2a00:1450:4001:821::2001
2a00:1450:4001:821::200a
2a00:1450:4001:821::200e
2a00:1450:400c:c0c::9c
2a02:26f0:64::210:6bb9
2a02:26f0:6c00:19c::26e5
3.123.45.128
3.125.0.64
3.228.45.187
3.248.155.4
34.107.221.36
34.120.253.250
34.218.102.95
34.254.210.226
34.95.69.49
34.98.72.95
35.156.26.195
35.157.124.214
35.157.13.124
35.158.189.107
35.190.74.157
35.190.80.193
35.190.90.202
35.227.203.40
35.227.229.34
35.227.245.6
52.14.222.78
52.200.45.184
52.203.203.127
52.22.61.253
52.25.47.180
54.84.196.220
54.86.238.79
79.125.103.162
99.86.5.213
99.86.7.102
99.86.7.107
99.86.7.40
01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c
0298b08856a9895b8598da3d3e882d5f81d97c2ff9795e120426b62d483b853f
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b
0bdd6005601a84480a97fdfb09593a5224b5bbd714850275f4ba7046cb051d6a
0c8f3701a019b198cfb5cc4a81658d40b30eabdbfa627dafac6f19f649824631
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
0d24cd8264cae5fabd2dda6d203951993d44f5128c5fd7367c97fa5f212f2a8d
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0e57e1f3f5fb8bf4c89d1a9aabfef0eb8868042c1514e0c1f55ae9f3ae20f946
0f0842807f38f67d1c68bdfd903b756b9853696ee3c413cbff48b0cd3742fac3
10bfce5af88c27ea73d81e1b350bc0db8a70247814908d8090364e109a29e5e7
12f2fd69edcf6a172aa7cb1a873e9224b9d65c3c4e4e565cb5fe4c830740b63e
133a03f3477d90ae2b6671a9a587441bde2ead324d1b6befe2cf41ad179d546a
13f27623b0e4ae2d4075b45e29e9267d82e4bd5e60940e8bc27d63828720f954
15cbd32b2a38fb639401802b3f33dfec4ab326d75e9c100d0501cd465744da96
166cca4dc9deb79a0d4bc3012275ab04f6f0836cb45759543e0085505fe81c6f
16d5282e8809309887ef897e1c00c4242218753d26a0ede2e4bf6154afe7cd0c
16eb0016482bab57cb73fd313065fae4b8d3fae681488cabf2dafbf5ef40cf5e
1791f3e7eb95953cf7ad93c3ec290f0b51c215c1706605e286e5be4e899396a9
1889bb00e6453b0d358895496a9bba69944ca1ea7ff10a0b494e68a079a2955c
191f6ac56681eb03639522f6f7a3ec97429d828da5cc6bd03207a4cfe7a7ad34
1b2854a276cb1a5260e6520224a676348dc28fdc19d0cbd05f7e98193092211c
1b460840487c7419340c409f5d2e230e5f36d965a061754bd2402b7e4068962c
1bb9cf4ee753a94c328e36f0d5ee15d5d05e017a7fdb4153377faba477d436ef
1ccaab138af63f75bb9177b64304cbf3fed4ea5381b18bcd9883c9dea8ff7756
1d5ce6abfc56177b773caf44c619827632b66db724318425c0bcbe27066ab06b
214465bef2adfc640ddbeba0b9986db3957f37c6468a9295e76ca5e29f8aa60a
22f60de6b6730b06d7c88ea0755eaecbe9435b2bd59502aa2df56780938d9237
23c16b1410a7888841fc66e274e6037dd8081e2cc16132300c789563b3039a84
24db225024dcd396d1304abfb13c7522b70a6d9502f4378bf7c083edb8b76ca8
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
29cb399e482ba5251b4abfc755eb4d33162fce55a7d6f3cf8b027fcb540174fa
2b381e2c45d01eec9b6c24f3bc2836d13ef18a9e75bb393e558e1a3c554ba238
2b431f716d639cfe244f033abfa3951ef3ca74c7a12d7fb4b3cbca3e3f498c93
2d396a6bfb3decd60b11093231dd1b68138d0157e66c684b170a13b9daf2e326
313d13c1b6a58a039684d5c95eef5e95e5dc82ffb0e109e0a6618912891d8a1f
315cc91910ce504374aa1873c8ed0b756c0698075d0c79e7a9c125eef1005e5e
32269bddb5515232743fd59118bc945b2f148e325065cf66f1abfc042c8bc3e6
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32c4fccd3821d0d8026725d2dff019b56a6117d7ce153bdc9805b6157769fdaf
333346f9c89876baf7869b0f454b50e48df4e04b4d023b7a83c5171922504501
334337ca213265d2a9d91efcf4c3acafe44b825b59a327d20237375170480ff7
33715d4ac00bca0a8dcb4668fc9d4fc6c645f4753779a03228ef767cd8d8f7af
33b8d91232ce5b00603934b98098023f6821baf171fb07860abd41cf176fdfbb
33ceb5b0256450957db471a89d6b8e2d240e1e9ade7eda802fb086daedd4d5ea
3448a4e09a6b8c69fe66efb494b8f6a37e3a65f24d551ec919ed98eca6e42d73
345f0d1cf18b0e5e671d42db0216869c7370528644172a96c52013ac68054237
35093baf103e71966e4a720b9f6785024df6ac9be544e6411c696b438957b74b
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3851b21e4926db62fa6f62d809ac6e44c4bdddf0582cff57dcccd699ead9537a
38a30f3a6ba633dcf72c8cc280958b1a9728064c9e6e9e6b4ecc777668870776
38c6a619023c2ccc160eacf33b9b3093bc28f0e8d4f665086f153a8b86a6c011
3a7cb9bcb32612acd354ba9fef4b11cf09b2b7ab19f6b723511e5450e2238a84
3b87322bc4afc635c7a87bd889439d181d1e42050f8b8ed3bbcb8813d84c4dcc
3bd8976d2ac903999c8f577ffc0813cb8df1fc40d0d3ad119ace7c595b9fd47e
3c39ef90a5ea7df4785f15591d58051d2b24ea6caff617bb8f70094f5b04d2d4
3ebce4283a4defea2d0c18a447b8ad72f361f86a6096c119f341fb03be1b0e8f
417574bc75114739234978e3746f138546c68b2715e34e71fa6378296f4b2393
41d610b21bcf8098c61d16208790d6111353b2b5a6bdbd1feaefd7986bcfcb6d
437afd9de21717c919be3f40f686b33170f2447dc03ded0fc00ac0cc41839854
47663194d7d38716a59e702f42a8494d099a24a8f84ad940e0db38938c8a4956
477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb
48c226ed98e0dd985fc8ae1b2abfc6eb451495403bd9674c9c3bf5c44b02dfa0
4ab3271238af5abd9f6929babca8ce660ba391ac73e4507ddb2faa9d761cf231
4ae6fadc73877dabecc11d3d53f3e1ce41cb0aa533472404d7bd024890e6e7b5
4aea61a21f24cc092946552051769debe82f6dc4773503fd0f2b41c341e626dc
4b57916af1cef2a55be28cd3a66468f93f2bcec023bfbac9eb3a6d648ba42ff7
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
51212d77c3bf2ec8d70449d0bc9ba012526373b129f6eddc7e5a08b74ae8ca12
519995eb7192620db054fe9d35ba76a94d1754910448a6b5eca2bc285305c746
54c08aae93733bb314e8fdca842c1404e032af61baa088641f4d98c231a4e7e0
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5653ca4e2dd0dac0513d3275a549485fbf2f2be88e71ad4b3f07d587011dea43
57088f3aeea400fca4e570f09e3c2c55db6bc6d3b1e29f5241058eee38066885
57b237daf5fde0063a3516385c6e4aae197876032d0cb0392cc6957e41498f5b
57d987b9cd1933f154c4dc3d54b4a95857936e3a994a5a8f93b532058ac335a7
57e7457975b1d047a89daf73276144a7d36bb8dd7084126d6a43cf0c52f78025
58902efd33adf8f0bf1e76f65714fcf671026f3b1b56d628f0fe82113ba4e22e
58cff829dec10747bf665710580ebf7e1632f226a8904a9f3d0430b11cac7cab
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5ef3e312dec101a1240eac5d2701a019ba2796bd4d028e9ecb265d08b886aec1
605293de2e9264e16bf190be931e382d8a3405411adc5f641494cba924d9d77d
608ddd44930c7aca8fa736679545dd74ff3404ede74f2cbfbdf445fb9a09c311
62246f6f1b1e2240b9d8a6c5dd5bf595b20a508ae7e3938e12af68942438170f
62b448933278cf357df19d8969cd647127b2956b9c772a8fdb07bf1938a768b3
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
631f22277dbbeb87727650be655e5783d26578a710c1ef042c6aee0a6e6f2996
657ce79970865b4ae1f7c3f42715defa648bf4d5cb34949c62f7d220b2c1ed03
6627c5ab36fa407f18fc9b6987e359eccef005ae6d35b370d2142b7daa770324
66dd5033bfecfeef06d05c3c5115bdba91710813b07c6635f91f0424223d43b4
66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1
6771bbabb5ae9173ef4bd7468ed1f61438537d352d50682bc2832aeaad19b803
67c53ae0376cff4c5e0d35104820d0b2b8ab20c94a32e477db95ae74a2c84db5
680de6b8401890061a5878aa004115a64078658d75b1ad519d1cac6a972a701b
68188624fb0b44b17140e4995414fe5f063698ea735fd520b4619538171a2cf9
6a588c588b0c76f4ff2f18d6eacbb2a6e68ad91b5926e20067e209853fd9ad02
6a696a23c4b36e659fab82d44eb299057572792121a95f79fa51e2e57df5b8d1
6be8aa6d7e7cdfc48085a6386e6f1433dcac71b98752e086423217094d5ad461
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
6c88cd2bc0503600953294fc24e66171a1dfa6adbcaa4e39c4ec57a5c721da1d
6d6cd55572e8be7aa03c122e0ef98bf72d91a2caa2dddfe3c7c5b50f67d2bd07
6f79f64a58642bbf7c71fba9f42fcdd561da4749c204e1936e46507714762a87
71abbd9e340ed9257fdf19ca39ac5d02c15bed973256dbc75ec016aba4078a81
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74ba50276f10c70f4c62473eacaac82a8feb54d29a4198f23cfcfb583437d43b
753ffeac60d8215ab2e1118c1a48c4e3d1bc5b2671d5a3d8f1b2b5bf70ce151d
760e9a591436ab1b47e0940580a2fc61f78725bb002db07b8ee91449044f9fe1
768f5ddc8738d3322d9edb09ff3b8c05eed4acfece2996683a08d2dfccfbabc4
77aa44056718de08b6adb2a55482307b79da5629cefaefec20202d1b9905e5f8
78ccee7835cf962ea489b5d0c9b316c8db4ec60a18f36700511f79865602b8de
7a258b95166ad5cdda41fd63da4c95d27b3763248e1dba7fd24efacf45b71fd8
7a3f95bcf1253e2338dfb4c6fd22a361b7977f0202463b8a477831eccab49afc
7d94dfef584553429cbb64d1d0d44f410e750f256a3a5c263944388ebc2c02a5
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
827f31befffb88460a28466d0c3c5fec107f01d45e96c1091014606b732b2e73
8304827477215b517f051f116d5581a5e030e7f29df69061cb9cf108aa9cbc90
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ba93d8ccf466185636ca5c667ee23a0dc8c860741c642f6af1e4304b4789bd
84b88b9a356b63a7c478d154f43c831cb17a583a6b67d4c3309c6dbccd116f6d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85408313180c256368d009d7bbabe745545a15f189a0ad2cf38a5212ad307f7c
87f116b1dfa880b849490966cdfe4716bf9c2b7a04f5b7671fa9840f736bc370
888b6a7303f18592b1e2c19cdd31ac7dd213f17a2cb828c1050b4d377b2d0ced
8929511a46b2456650f499d20bfc86a8e32905b6b236770634cd06afee158f4c
8b0e1cc6abbf8a7fae8c1e89b85df39bfcc7ba124313b39b5ee94c9db15ddbaa
8b18b37b11e81e6ca2757512bdf81ac2534719a2556348e9ebcfc5f362b707cf
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
8bd7c6148671cd880c8025f64b6c0394adc3ca3a9079bb992a0d71b705acb540
8c3adfcfac4a79d4f2825b07adfb76b8c6be2f4486eb4efed1850a90653af533
8c55fc7362462006ca71885ca303089662480c3ea1514604e8d66d4f4f359370
8f86015e1482bf3d1dd559b770ede8ec14442e071170e4a4bc97e871fd214d2c
90542f9de6cab010087ab4bcab0e3b0a2ec1e449e445434dc1bb5c852033f046
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
928d42d56aa85bd3c4e1172d42446eb3e50addae129c91d8db2ba5c881543712
94c0d1037af9bfe643f8c75c0318531c6fb222b5ea6cee65e20313658027d082
95229a59f08c3b5d9f9ef215513183f5e4289905fb01ace0a508ddd293783e67
95d9e208f851f8ec653a98c7dd504ddcf3d66a1ab519ea7d75c5c2159223d610
97289526a30103d2f8066c75f238b228007eb60eb0819e8659f88f515c589fa7
97beb16d3fcddd3ef413d6d5389e0439114ba95d80313481c6f7e3362ed665bd
98852c64bf54f0d36834962185ab2a1ac0dac49e2207722198e88d4f6c41f546
9a93ff3c9057863ee52c00f8bf074e05c31d759a8cdbddd0a69c6be14a86d70a
9b3b1b37842d1f2382ac1da89376d8420c25538ff4c52e6f173345c897a41596
9d74b72913bac19c9a55d40e7d3bd07b66eeac174fd5c957fdf0d4921706893d
9daba360fcb1a652044af1056d44769ef7e71b010f2492989bfd583158be0ea0
9ebcc8fa950638c866deab784e02e02349329f900d6c341c9a594c1cbea9764c
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1439d81b4d7ab9b98ddc6a34094672367ba87a280b7705ac5f8b2bb1661bb18
a14862adefc3b7858eefd7db74879ef41851d13b8f5635dbcf30f82dd68900ca
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a79746ac1e7994dc03d6109e4f696dc31b5e6530bc6c45e59462167822db6fc7
a7ecb30bcfe84505c021adf597010a0e3e89ac8842abd9b9ef39f261e6e4b71a
a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1
a98f2ff5a0a40c5458b2156c64d33f178795fc9dc02edfd40b670c2f24bbd674
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ad1ce3d987d618f3c8fcb8fd68a0d0b1d908493b2b3672cf254f277b1cce307c
ad4905967869fc41bba3c4a0eeb9c403fccf6ab8f61994493168d306f88dc690
b0e65b8c1dfddc24a85dd204338613a95cb9bd998bcfeea932f8d9e5859a151b
b1d41975bf091b33503ae840cc61f7ec2305ef66ed3b9439a7adab8077ddfc55
b276fafa8b24db9036f9fe3de18da4feca18534d06b24ab70d548b7aef735fcd
b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094
b398ab79e9b07b93c3c93096018c281d5439364e7827350aceb6989533734726
b3bd7c61e2b7f791b04cb0557bf4e10880bd4d85b9dfd46647bcca483fee23cb
b3c950f528592442fea0b654ec6bc3fd82a1f225feda40f335d2158d30bbb918
b3e923d6d2cfba2f8f470bb56c9916f5c85bd12ed49136c5e8d7ee211023b618
b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42
b65454700e2f7bf56d796bce64f5a70c07ef19678f1a978df62366f984ce17d1
b6cb334272988052b287ab0af9b48c6cd1a53d2d685712a3941e90f4e8ba2e46
b8dd18d4edea0f5bd9590d7dd98a2be4dba6f6b8ad586ddec8a4b97d5c37f0f4
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5
bc431f26ddb13b192628fa54878bf0b494e9873aedb982ffdefad1190c940a0c
c0c5cdaf9d47ef4e6aca8ef156a77f7f3c486b8f69e4d430df59c88f90366e85
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
c2deea221118e199cc8a8ffffa78dcec65f1563fdaeb3b3c6d4da483836d221d
c49639dce2ec2a9b9903069a629be3befe896f81b3994383d258831499a55122
c55e601438c7d494890e1b85a9f71560786b4d11a086debe88677f443c700379
c58f7298186b2bda4df0c017cb836feb69e02f38069cebb3896f03e523085330
c6e274943b49e7294769064939f61d55dd3818dcbf7c59c2ef123004b67b067a
c7644e16c3f1cebc16184feaf91e2074136366faf4a7dc16e5adf523905622b0
c80ec5e5c7f4497af102517dbd905c43b05df0529ab4b7903ec4adb5c11d2a0f
c842ab9a59af3f3d62511fdb5488ad527d2193c3371b5561ade4a2a19a8e7062
c94e85e10bd76530a86abaf00449cf46138b63fd180d381a1c6adeff312243da
c9c31ac15ce43ed9d2e3d5910a4d1530250db59cee31ee0609854f6591d3fe1f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca54f1138164ac7adcf48ebade406861ede82b9969a7e1c5b7f68e1e71463dfc
cd6739e275c5db5250e4c16f6f2cc532c4d0ea4a019634231e8fb1bd95ab55ba
ce7fc3b942cc1cff4508149e589b505cf003d9e4f835cf6b60e4f41f3a71adc3
ceb22500ccde6a712c747806a1228691e29c6e27db5fa452752faf31b9898119
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfbce75fc04953d8853add071d4b575e0e75b065677c8bbd78e5340455fe3a4d
d34b8449ab7f91a23b895103dfd179bb92c298c03d0ff2a1bb41abf7b1ffd522
d39d9333520c68149b3616a3829ed01cd946859616db9e08502bf571e6ef7fab
d3ab5ec0aa53e16e3757e8ace2efe8c003ee594693c306fde1dd421036a67299
d5132eb4775fe5c85d515453cb238727620936adc84e5f727d495f8fefa2eba3
d59d377c16b69705740593dd9e08e77ed4de19db4650e702f0baaf3771a1ebc3
d6fdc43ea57adf43da9080a9ce6d9318047d37f224a796467609cffc8cb9eabb
d7de5f5efd349e225db5a150751cbad85405c03ee28d7e49f93b4fc3d1fbf013
d937b9c40260e569fbf72d571278fb5f4786e9ef913ac029389772502a8ae408
db46379ec5c9eecda8f9563ab35ef361aef479a2a8779baae9327f7d2af887f1
dbe230fc0fa128097cb77bcd8fb3ed9e06574a597d74d92aac6dce077bdcc9bf
dde5dcb02f349d5cd1f36d6afe709ddfd5713b27129dbae727f456cde6582883
e2399a444cc3d6556299682b67a87c87e57e902872251a1239477102d747d77e
e2493469dc076cef2edff02ff09f6380a65df9f7caf74fbf26c1d913d3d4f754
e2639c7c1f0db09a7c1c5cd8fea4ee386fc5f2c050389511d058d5b7a997956b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3eeb5de0d28855d4b9846128b71b764e6ec4caae339c0a31de90d885101014c
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e4f4325d2251a1fb661e38826334015128eb74701e9951dcb1fa40a5a32a9ec8
e6e6d8944297241305e2c09d63dba01cbc0395e4c65a9c954483d20de28f8b8f
e6f5f7ddd4756a877006d315f740fee8d9ace8ef6c08c171c399c7f823c19f4a
e747521bc9729c30f06bda6471e77ad26ce0e05b104743e93fe14c8ef3b559a7
e99a991ba324e3c639609e7ae6b8931fefc254c8846232edb22b327402d2c700
ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f41c4ff169ee2b5a53a69056cce3382fb2d57b1de9f25aa5e7c56c360a371f07
f54d4f4557ffad679c672c54c96f94517dc862e2230c019d2bd24b0650217c57
f5e14a40380a192519639636c7797000c7bd3fec1b020b18cc01898a7eb287eb
f7d43881b0a8c9adb92dfe3c2594d757c1a590342e64bebb7881a8a156cb0f29
fade06c6dfe89b1a1b4f187fcea41dc1b3952747eae415fa7f08408b23cc4197
fc209d651c5467cf63b81352dd8f4f7c571be039f3f2e9cfcd6b007343e2f3d5
fc6c62a779ef905a0848a9feddf46cfe6f2caab3f524d8469001c215ca4dd7a1
fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218
ff4324262f75ff9ae01280adae095ad6fb8f1419282efc04e9d577e94bc199dd

www.rawstory.com Open in urlscan Pro 2606:4700:20::681a:823 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

435 Requests

97 %HTTPS

35 %IPv6

68 Domains

128 Subdomains

89 IPs

7 Countries

6267 kBTransfer

16399 kBSize

0 Cookies

47 Outgoing links

Redirected requests

435 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.rawstory.com Open in urlscan Pro
2606:4700:20::681a:823 Public Scan

Screenshot
Live screenshot

Full Image

435
Requests

97 %
HTTPS

35 %
IPv6

68
Domains

128
Subdomains

89
IPs

7
Countries

6267 kB
Transfer

16399 kB
Size

0
Cookies

435 HTTP transactions
-3 data transactions