urlscan.io logo urlscan.io
SecurityTrails logo

resistthemainstream.org Open in urlscan Pro
2606:4700:20::681a:256  Public Scan

Go To Rescan Add Verdict Report
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-preside...
Submission: On January 19 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 63 IPs in 9 countries across 58 domains to perform 229 HTTP transactions. The main IP is 2606:4700:20::681a:256, located in United States and belongs to CLOUDFLARENET, US. The main domain is resistthemainstream.org. The Cisco Umbrella rank of the primary domain is 465163.
TLS certificate: Issued by R3 on January 17th 2022. Valid for: 3 months.
This is the only time resistthemainstream.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
26 2606:4700:20:... 13335 (CLOUDFLAR...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 35.190.62.199 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
21 172.66.42.247 13335 (CLOUDFLAR...)
30 104.19.134.78 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:225... 16509 (AMAZON-02)
5 104.154.142.214 15169 (GOOGLE)
1 67.202.105.33 32748 (STEADFAST)
2 12 104.108.145.8 16625 (AKAMAI-AS)
1 51.89.9.251 16276 (OVH)
4 4 185.64.190.79 62713 (AS-PUBMATIC)
3 4 142.250.181.226 15169 (GOOGLE)
1 1 185.64.190.80 62713 (AS-PUBMATIC)
2 2 198.47.127.20 62713 (AS-PUBMATIC)
4 4 37.252.173.215 29990 (ASN-APPNEX)
1 34.98.64.218 15169 (GOOGLE)
3 4 3.126.56.137 16509 (AMAZON-02)
3 3 213.19.147.45 26120 (RHYTHMONE)
2 3 52.223.40.198 16509 (AMAZON-02)
1 1 64.202.112.63 23352 (SERVERCEN...)
1 178.162.133.149 60781 (LEASEWEB-...)
1 34.249.18.151 16509 (AMAZON-02)
1 174.137.133.49 27257 (WEBAIR-IN...)
2 2 54.77.243.210 16509 (AMAZON-02)
2 2 3.66.148.67 16509 (AMAZON-02)
3 3 38.27.122.101 174 (COGENT-174)
1 1 198.148.27.140 19189 (PULSEPOINT)
1 1 169.50.137.184 36351 (SOFTLAYER)
1 129.159.70.95 31898 (ORACLE-BM...)
2 2 72.251.249.13 29791 (VOXEL-DOT...)
1 1 193.0.160.128 54312 (ROCKETFUEL)
1 67.202.105.23 32748 (STEADFAST)
1 172.66.41.9 13335 (CLOUDFLAR...)
1 2 52.46.130.91 16509 (AMAZON-02)
2 3 104.111.242.53 16625 (AKAMAI-AS)
1 1 34.194.30.250 14618 (AMAZON-AES)
1 1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 151.101.130.49 54113 (FASTLY)
5 2a00:1450:400... 15169 (GOOGLE)
1 89.187.169.47 60068 (CDN77 ^_^)
1 2600:9000:223... 16509 (AMAZON-02)
1 2a03:90c0:41:... 199524 (GCORE)
10 2a00:1450:400... 15169 (GOOGLE)
1 151.101.130.132 54113 (FASTLY)
4 54.88.209.254 14618 (AMAZON-AES)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2a02:26f0:12d... 20940 (AKAMAI-ASN1)
6 52.73.58.202 14618 (AMAZON-AES)
12 88.221.221.138 20940 (AKAMAI-ASN1)
1 35.173.4.119 14618 (AMAZON-AES)
1 2 35.227.248.159 15169 (GOOGLE)
2 104.108.144.214 16625 (AKAMAI-AS)
1 1 2.19.35.65 16625 (AKAMAI-AS)
4 23.0.42.150 16625 (AKAMAI-AS)
1 216.52.2.30 29791 (VOXEL-DOT...)
4 213.19.147.43 26120 (RHYTHMONE)
6 12 185.86.137.114 201081 (SMARTADSE...)
2 185.86.138.122 201081 (SMARTADSE...)
3 185.64.189.112 62713 (AS-PUBMATIC)
3 54.229.61.172 16509 (AMAZON-02)
1 198.47.127.19 3257 (GTT-BACKB...)
1 8.39.36.141 26667 (RUBICONPR...)
1 37.252.172.36 29990 (ASN-APPNEX)
1 2a05:d018:d29... 16509 (AMAZON-02)
1 1 2620:112:f006... 6336 (TURN-US-ASN)
1 1 185.29.132.245 30419 (MEDIAMATH...)
1 1 18.234.22.74 14618 (AMAZON-AES)
2 2 54.229.75.47 16509 (AMAZON-02)
1 54.84.55.94 14618 (AMAZON-AES)
1 3.209.156.238 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 69.173.151.100 26667 (RUBICONPR...)
1 54.36.109.47 16276 (OVH)
8 142.250.186.130 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.86.227.90 14618 (AMAZON-AES)
229 63
26    2606:4700:20::681a:256 (United States)

ASN13335 (CLOUDFLARENET, US)
resistthemainstream.org
5    2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
img.onesignal.com
1    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    35.190.62.199 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 199.62.190.35.bc.googleusercontent.com
fearlessfaucet.com
3    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
21    172.66.42.247 (United States)

ASN13335 (CLOUDFLARENET, US)
resources.infolinks.com
router.infolinks.com
rt3011.infolinks.com
30    104.19.134.78 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
s-img.mgid.com
cm.mgid.com
2    2606:4700:20::ac43:4514 (United States)

ASN13335 (CLOUDFLARENET, US)
talk.hyvor.com
4    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2600:9000:225e:6a00:a:cbb7:a940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn2.lockerdomecdn.com
5    104.154.142.214 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com
lockerdome.com
1    67.202.105.33 (United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net
de.tynt.com
12    104.108.145.8 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-8.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
ssum.casalemedia.com
1    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
4    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
4    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
cm.g.doubleclick.net
1    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
4    37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
4    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
3    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    64.202.112.63 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
1    34.249.18.151 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-18-151.eu-west-1.compute.amazonaws.com
s.cpx.to
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
2    54.77.243.210 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-243-210.eu-west-1.compute.amazonaws.com
ad.360yield.com
2    3.66.148.67 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-148-67.eu-central-1.compute.amazonaws.com
pixel.advertising.com
3    38.27.122.101 (Chestertown, United States)

ASN174 (COGENT-174, US)
match.bnmla.com
1    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    169.50.137.184 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
1    129.159.70.95 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    67.202.105.23 (United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
1    172.66.41.9 (United States)

ASN13335 (CLOUDFLARENET, US)
rt3011.infolinks.com
2    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    104.111.242.53 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com
px.owneriq.net
1    34.194.30.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-30-250.compute-1.amazonaws.com
sync.extend.tv
1    2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
5    2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com
a.omappapi.com
1    2600:9000:223f:de00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
video-native.mgid.com
10    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    151.101.130.132 (United States)

ASN54113 (FASTLY, US)
player.ex.co
4    54.88.209.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-209-254.compute-1.amazonaws.com
prd-collector-anon.ex.co
1    2a02:26f0:6c00::210:bb21 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.avplayer.com
2    2a02:26f0:12d:495::2c79 (Berlin, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
6    52.73.58.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-58-202.compute-1.amazonaws.com
atrack.avplayer.com
track1.aniview.com
12    88.221.221.138 (Berlin, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a88-221-221-138.deploy.static.akamaitechnologies.com
mcd.ex.co
1    35.173.4.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-4-119.compute-1.amazonaws.com
premiumsrv.aniview.com
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
2    104.108.144.214 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-214.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    23.0.42.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-0-42-150.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    216.52.2.30 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
4    213.19.147.43 (United Kingdom)

ASN26120 (RHYTHMONE, US)
tag.targeting.unrulymedia.com
12    185.86.137.114 (France)

ASN201081 (SMARTADSERVER, FR)
www9.smartadserver.com
2    185.86.138.122 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
3    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
3    54.229.61.172 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-61-172.eu-west-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
1    8.39.36.141 (Los Angeles, United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    37.252.172.36 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    2a05:d018:d29:3602:1794:1826:a9e8:a8ca (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    2620:112:f006:bbbb::12 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
1    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    18.234.22.74 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-234-22-74.compute-1.amazonaws.com
nep.advangelists.com
2    54.229.75.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-75-47.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    54.84.55.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-55-94.compute-1.amazonaws.com
rtb.adentifi.com
1    3.209.156.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-156-238.compute-1.amazonaws.com
sync.aniview.com
1    2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
8    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    54.36.109.47 (France)

ASN16276 (OVH, FR)
PTR: p02.id5-sync.com
id5-sync.com
8    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
pubads.g.doubleclick.net
1    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)
onesignal.com
1    52.86.227.90 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-227-90.compute-1.amazonaws.com
track1.aniview.com
Apex Domain
Subdomains		 Transfer
31 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 7373
c.mgid.com — Cisco Umbrella Rank: 5668
cdn.mgid.com — Cisco Umbrella Rank: 9908
servicer.mgid.com — Cisco Umbrella Rank: 7619
s-img.mgid.com — Cisco Umbrella Rank: 6584
video-native.mgid.com — Cisco Umbrella Rank: 26854
cm.mgid.com — Cisco Umbrella Rank: 1572
608 KB
26 resistthemainstream.org
resistthemainstream.org — Cisco Umbrella Rank: 465163
553 KB
22 infolinks.com
resources.infolinks.com — Cisco Umbrella Rank: 7980
router.infolinks.com — Cisco Umbrella Rank: 2877
rt3011.infolinks.com — Cisco Umbrella Rank: 76877
278 KB
17 ex.co
player.ex.co — Cisco Umbrella Rank: 10546
prd-collector-anon.ex.co — Cisco Umbrella Rank: 8539
mcd.ex.co — Cisco Umbrella Rank: 10432
2 MB
17 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 197
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
pubads.g.doubleclick.net — Cisco Umbrella Rank: 462
87 KB
14 smartadserver.com
www9.smartadserver.com — Cisco Umbrella Rank: 7271
prg.smartadserver.com — Cisco Umbrella Rank: 1505
8 KB
13 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 609
image2.pubmatic.com — Cisco Umbrella Rank: 1032
image4.pubmatic.com — Cisco Umbrella Rank: 848
ads.pubmatic.com — Cisco Umbrella Rank: 473
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459
image6.pubmatic.com — Cisco Umbrella Rank: 595
13 KB
12 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 520
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590
dsum.casalemedia.com — Cisco Umbrella Rank: 1272
ssum.casalemedia.com — Cisco Umbrella Rank: 1337
16 KB
12 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
imasdk.googleapis.com — Cisco Umbrella Rank: 418
2 MB
10 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1095
eus.rubiconproject.com — Cisco Umbrella Rank: 541
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1121
token.rubiconproject.com — Cisco Umbrella Rank: 689
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1135
23 KB
10 aniview.com
player.aniview.com — Cisco Umbrella Rank: 2244
track1.aniview.com — Cisco Umbrella Rank: 2186
premiumsrv.aniview.com — Cisco Umbrella Rank: 11372
sync.aniview.com — Cisco Umbrella Rank: 2703
201 KB
8 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
101 KB
6 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3036
onesignal.com — Cisco Umbrella Rank: 1251
img.onesignal.com — Cisco Umbrella Rank: 6182
89 KB
5 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905
tag.targeting.unrulymedia.com — Cisco Umbrella Rank: 8400
2 KB
5 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 283
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470
2 KB
5 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 241
secure.adnxs.com — Cisco Umbrella Rank: 404
4 KB
5 lockerdome.com
lockerdome.com — Cisco Umbrella Rank: 9858
8 KB
4 gstatic.com
fonts.gstatic.com
92 KB
3 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 990
1 KB
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 690
ce.lijit.com — Cisco Umbrella Rank: 816
1 KB
3 bnmla.com
match.bnmla.com — Cisco Umbrella Rank: 1587
2 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 329
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
20 KB
3 fearlessfaucet.com
fearlessfaucet.com — Cisco Umbrella Rank: 57944
27 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 80
671 B
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 524
1 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 419
889 B
2 avplayer.com
player.avplayer.com — Cisco Umbrella Rank: 9046
atrack.avplayer.com — Cisco Umbrella Rank: 10118
71 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 560
644 B
2 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 284
1 KB
2 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 327
674 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 675
645 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 528
1 KB
2 hyvor.com
talk.hyvor.com — Cisco Umbrella Rank: 106194
5 KB
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 596
541 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 255
17 KB
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1228
88 B
1 advangelists.com
nep.advangelists.com — Cisco Umbrella Rank: 2192
232 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 421
683 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 770
425 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 533
480 B
1 omappapi.com
a.omappapi.com — Cisco Umbrella Rank: 5850
56 KB
1 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 2733
187 B
1 extend.tv
sync.extend.tv — Cisco Umbrella Rank: 1830
546 B
1 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 877
72 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 702
753 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1292
298 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 745
602 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 577
414 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 4389
233 B
1 cpx.to
s.cpx.to — Cisco Umbrella Rank: 2057
944 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1044
478 B
1 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 588
288 B
1 openx.net
u.openx.net — Cisco Umbrella Rank: 710
305 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1056
814 B
1 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1328
289 B
1 lockerdomecdn.com
cdn2.lockerdomecdn.com — Cisco Umbrella Rank: 21204
3 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
62 KB
229 58
Domain Requested by
26 resistthemainstream.org resistthemainstream.org
17 s-img.mgid.com resistthemainstream.org
15 router.infolinks.com resources.infolinks.com
router.infolinks.com
ssum-sec.casalemedia.com
12 www9.smartadserver.com 6 redirects
12 mcd.ex.co player.avplayer.com
10 imasdk.googleapis.com resources.infolinks.com
player.aniview.com
8 pubads.g.doubleclick.net imasdk.googleapis.com
8 pagead2.googlesyndication.com srcdoc
8 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
ssum.casalemedia.com
6 track1.aniview.com resistthemainstream.org
player.aniview.com
5 stats.g.doubleclick.net lockerdome.com
5 lockerdome.com cdn2.lockerdomecdn.com
resistthemainstream.org
5 jsc.mgid.com resistthemainstream.org
jsc.mgid.com
5 resources.infolinks.com resistthemainstream.org
resources.infolinks.com
4 tag.targeting.unrulymedia.com player.aniview.com
4 eus.rubiconproject.com player.aniview.com
eus.rubiconproject.com
4 prd-collector-anon.ex.co player.ex.co
4 ups.analytics.yahoo.com 3 redirects ssum.casalemedia.com
4 ib.adnxs.com 4 redirects
4 cm.g.doubleclick.net 3 redirects ssum-sec.casalemedia.com
4 image8.pubmatic.com 4 redirects
4 fonts.gstatic.com fonts.googleapis.com
3 prebid-server.rubiconproject.com player.aniview.com
3 hbopenbid.pubmatic.com player.aniview.com
3 cdn.mgid.com resistthemainstream.org
jsc.mgid.com
3 px.owneriq.net 2 redirects ssum-sec.casalemedia.com
3 match.bnmla.com 3 redirects
3 match.adsrvr.org 2 redirects ssum-sec.casalemedia.com
3 onesignal.com cdn.onesignal.com
3 www.google-analytics.com www.googletagmanager.com
cdn2.lockerdomecdn.com
www.google-analytics.com
3 fearlessfaucet.com resistthemainstream.org
fearlessfaucet.com
2 adservice.google.com imasdk.googleapis.com
2 match.prod.bidr.io 2 redirects
2 prg.smartadserver.com player.aniview.com
2 ads.pubmatic.com player.aniview.com
2 pixel.tapad.com 1 redirects resources.infolinks.com
2 player.aniview.com player.ex.co
player.aniview.com
2 cm.mgid.com jsc.mgid.com
2 servicer.mgid.com jsc.mgid.com
2 sync-tm.everesttech.net 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 rt3011.infolinks.com resources.infolinks.com
2 ap.lijit.com 2 redirects
2 pixel.advertising.com 2 redirects
2 ad.360yield.com 2 redirects
2 sync.1rx.io 2 redirects
2 image4.pubmatic.com 2 redirects
2 ssum-sec.casalemedia.com 1 redirects router.infolinks.com
2 talk.hyvor.com resistthemainstream.org
2 fonts.googleapis.com resistthemainstream.org
client
2 cdn.onesignal.com resistthemainstream.org
cdn.onesignal.com
1 img.onesignal.com
1 id5-sync.com player.aniview.com
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 s0.2mdn.net imasdk.googleapis.com
1 sync.aniview.com ssum.casalemedia.com
1 rtb.adentifi.com ssum.casalemedia.com
1 nep.advangelists.com 1 redirects
1 sync.mathtag.com 1 redirects
1 ad.turn.com 1 redirects
1 pr-bh.ybp.yahoo.com ssum.casalemedia.com
1 secure.adnxs.com ssum.casalemedia.com
1 token.rubiconproject.com eus.rubiconproject.com
1 image6.pubmatic.com ads.pubmatic.com
1 ce.lijit.com player.aniview.com
1 secure-assets.rubiconproject.com 1 redirects
1 ssum.casalemedia.com player.aniview.com
1 premiumsrv.aniview.com player.aniview.com
1 atrack.avplayer.com resistthemainstream.org
1 player.avplayer.com player.ex.co
1 player.ex.co cdn.mgid.com
1 video-native.mgid.com jsc.mgid.com
1 static.adsafeprotected.com resistthemainstream.org
1 a.omappapi.com resistthemainstream.org
1 c.mgid.com jsc.mgid.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 sync.extend.tv 1 redirects
1 ssc-cms.33across.com router.infolinks.com
1 p.rfihub.com 1 redirects
1 sync.technoratimedia.com router.infolinks.com
1 um.simpli.fi 1 redirects
1 bh.contextweb.com 1 redirects
1 dsp.adkernel.com router.infolinks.com
1 s.cpx.to router.infolinks.com
1 sync.go.sonobi.com router.infolinks.com
1 b1sync.zemanta.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 u.openx.net router.infolinks.com
1 image2.pubmatic.com 1 redirects
1 onetag-sys.com router.infolinks.com
1 de.tynt.com router.infolinks.com
1 cdn2.lockerdomecdn.com resistthemainstream.org
1 www.googletagmanager.com resistthemainstream.org
229 94
Subject Issuer Validity Valid
*.resistthemainstream.org
R3		 2022-01-17 -
2022-04-17		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-04 -
2022-07-03		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
fearlessfaucet.com
R3		 2022-01-01 -
2022-04-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.lockerdomecdn.com
Amazon		 2021-02-24 -
2022-03-25		 a year crt.sh
*.lockerdome.com
Go Daddy Secure Certificate Authority - G2		 2021-09-27 -
2022-10-29		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G2		 2021-12-30 -
2023-01-31		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
a.omappapi.com
R3		 2022-01-08 -
2022-04-08		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
*.mgid.com
Go Daddy Secure Certificate Authority - G2		 2021-09-13 -
2022-10-15		 a year crt.sh
*.ex.co
Go Daddy Secure Certificate Authority - G2		 2021-11-06 -
2022-11-06		 a year crt.sh
outstreamedia.com
R3		 2021-12-21 -
2022-03-21		 3 months crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-12-30 -
2023-01-03		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.targeting.unrulymedia.com
DigiCert SHA2 Secure Server CA		 2020-05-04 -
2022-05-09		 2 years crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-24 -
2022-02-16		 6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-11 -
2022-07-06		 6 months crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.id5-sync.com
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh

This page contains 36 frames:

Primary Page: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Frame ID: A54E4C627138245EFD90ACFC992896D6
Requests: 141 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13420768046326374?pubid=ld-2873-5284&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=1140
Frame ID: FBC4DDE45F9151D845D2562CBD370B3D
Requests: 2 HTTP requests in this frame

Frame: https://www.google-analytics.com/analytics.js
Frame ID: 01C0CE9EEC4A693A71F24FAFB56C142F
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13420770663572070?pubid=ld-6303-9494&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=660
Frame ID: 89AD9E299D2DE69170537A80BF200C45
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13436276233712486?pubid=ld-9325-4135&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=601
Frame ID: F42353FB9BF528D2955B728B2D5BC9BB
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13763115057895526?pubid=ld-1141-7973&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=275
Frame ID: 2751907DF27F7EB69B6CD4390DBB6029
Requests: 2 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram
Frame ID: 2A874C9AC09583BC3063EB3BF0583AF8
Requests: 18 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Frame ID: 0851EF794FAEDE5B5D27710B4B992162
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Frame ID: 8B637C9A9E71BF96D2DDEF910A56B7B1
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Frame ID: 701BF09FF7FBD1AEEFCA05311FFFE1BF
Requests: 1 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13763115057895526?pubid=ld-1141-7973&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=275
Frame ID: DCE1C5C5D3B88CB547D6A4A32B4D70B0
Requests: 2 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1642601046875208328409
Frame ID: 07581062382141EAE8E34C7CFBBA3BE6
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Frame ID: 3A5CF0B476CFEF22ED826E0DBBD528FE
Requests: 6 HTTP requests in this frame

Frame: https://resources.infolinks.com/static/container-1.0.html
Frame ID: 2D25DF464C393619894FD6B28A54A7E8
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1642601048001-960064121524-005676-001-002338%26biddername%3D1%26key%3D
Frame ID: E81A16C7255405ACED8C76E6C187FE31
Requests: 2 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1642601048001-960064121524-005676-001-002338%26biddername%3D42%26key%3D
Frame ID: 5D1A24213D372E90D5BF6387E3C663AD
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Frame ID: E79C605E798F424B00B0AB8B2996D8A0
Requests: 4 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=376385&3pid=1642601048001-960064121524-005676-001-002338&us_privacy=1---&gdpr=1&gdpr_consent=&location=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1642601048001-960064121524-005676-001-002338%26biddername%3D18%26key%3D%5BSOVRNID%5D
Frame ID: 333640D431F32FBD3601CC896604EAE5
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Frame ID: C657A4F86A88C70E21FABC4A2A7EE614
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Frame ID: 6873530D96D39DE8FC875C842AE03E83
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Frame ID: 6F2479162E1F9B1C189534690EFE0902
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Frame ID: 5E6961EC5ADAA535C192A9911529AEBE
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Frame ID: 27DFB7ADC7797A619F3389B3C5B3B2C9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 417283E253E6F91DF8DF1D505EE08DAD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 9D52BF76C91702C0F65E5B51C5AD8A61
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 45CB1DEB2F569962E15E1ED769779F12
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 2A58E5DD31B8BDAF8C6026F3FC4F3B65
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D1F257079363D1668D25B36849EB4DAB
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 312201A264E020294B7821CDCE0C6603
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Frame ID: C32C76C89C03417E7A6B8C90510685D0
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Frame ID: 2F944A3E19225B4F72E28E0CAADBDEB0
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Frame ID: 9521B0C23B00A240BD4A9AA4CE7B6813
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Frame ID: 2C58F2232C8229C34009704DF63D581A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E89A0FE1A1F9A11E9AC6AAEBFB2D3DC1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 33D2C604D91C649F631B6668722F1006
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: C0F3D60E0320ACB1E870B613E0713523
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

More Than 30 Former Trump Officials Hold Secret Call Aimed at Working Against the Former President's Efforts to Sway 2022 Midterms and 2024 Presidential Election: Report

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

229
Requests

86 %
HTTPS

25 %
IPv6

58
Domains

94
Subdomains

63
IPs

9
Countries

5706 kB
Transfer

14886 kB
Size

74
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51
  • https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Request Chain 53
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0NDMkMzREQtMEEyMi00OEU1LTlENzktQzNCMzdFRkY2OUQ4&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0NDMkMzREQtMEEyMi00OEU1LTlENzktQzNCMzdFRkY2OUQ4&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D3CC2C3DD-0A22-48E5-9D79-C3B37EFF69D8 HTTP 302
  • https://router.infolinks.com/dyn/pbm-usync?uid=3CC2C3DD-0A22-48E5-9D79-C3B37EFF69D8
Request Chain 54
  • https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID HTTP 302
  • https://router.infolinks.com/dyn/apn-usync?user_id=3705609139205405856
Request Chain 56
  • https://ups.analytics.yahoo.com/ups/58422/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58422/occ?verify=true HTTP 302
  • https://router.infolinks.com/dyn/VR-usync?uid=y-CALp9PpE2uEnsbE9iI1mVW8WwuFhBJYUv4kWQe4-~A
Request Chain 57
  • https://sync.1rx.io/usersync2/infolinks HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1206759811 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1206759811 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/0ada8bb6-eeed-438a-87f4-ebae209382e3 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-2f46f8cf-4a34-4dbc-a9bb-ac1aabcc2546-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-2f46f8cf-4a34-4dbc-a9bb-ac1aabcc2546-003 HTTP 302
  • https://router.infolinks.com/dyn/r1-usync?uid=RX-2f46f8cf-4a34-4dbc-a9bb-ac1aabcc2546-003
Request Chain 58
  • https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP 302
  • https://router.infolinks.com/dyn/zmn-usync?uid=
Request Chain 60
  • https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fresistthemainstream.org%252Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%252F%253Futm_source%253Dtelegram&pid=12306&adnxs_uid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fresistthemainstream.org%25252Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%25252F%25253Futm_source%25253Dtelegram%26pid%3D12306%26adnxs_uid%3D%24UID HTTP 302
  • https://s.cpx.to/ca.png?ref=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&pid=12306&adnxs_uid=3705609139205405856
Request Chain 62
  • https://ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP 302
  • https://router.infolinks.com/dyn/imd-usync?user_id=61d9f61d-11b7-42a7-82b1-23012f277418&partner_id=1531
Request Chain 63
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPaa1fe212-7930-11ec-973c-02dd9ad21694 HTTP 302
  • https://router.infolinks.com/dyn/outh-usync?uid=y-r_MzIiRE2uF6o9LQP0w1l0v43DElXSlh~A~UPaa1fe212-7930-11ec-973c-02dd9ad21694
Request Chain 64
  • https://match.bnmla.com/usersync?sspid=1000361&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3D%5BUUID%5D HTTP 302
  • https://bh.contextweb.com/bh/rtset?pid=558752&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D1%26uuid%3D%25%25VGUID%25%25 HTTP 302
  • https://match.bnmla.com/usersync?dspid=1&uuid=7nivg7R83YFW&ev=1&us_privacy=${us_privacy}&pid=558752 HTTP 302
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID HTTP 302
  • https://match.bnmla.com/usersync?dspid=6&uuid=A20B2D513B384275A1471689BAFD1116 HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D170%26uuid%3D%5BUSER_ID%5D
Request Chain 65
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true HTTP 307
  • https://router.infolinks.com/dyn/sovrn-usync?uid=9507d50f98ee1f451de52c1f
Request Chain 66
  • https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3D3CC2C3DD-0A22-48E5-9D79-C3B37EFF69D8 HTTP 302
  • https://router.infolinks.com/dyn/usersync?pmuservalue=3CC2C3DD-0A22-48E5-9D79-C3B37EFF69D8
Request Chain 67
  • https://p.rfihub.com/cm?pub=43153&in=1 HTTP 302
  • https://router.infolinks.com/dyn/zeta-usync?uid=5144588519291444375
Request Chain 71
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YegaVq4tePg0.DP1IVKuUwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIDUuxLsXe-8PNaJn_yRMeY&google_cver=1&gdpr=1&google_hm=2
Request Chain 72
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YegaVq4tePg0-DP1IVKuUwAABHwAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YegaVq4tePg0-DP1IVKuUwAABHwAAAIB&dcc=t
Request Chain 75
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6958874461892139894&uid=Q6958874461892139894&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 76
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=d3458ae5-dbc1-4bdd-9e8c-f7ca1a850ea7
Request Chain 77
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1642687446&gdpr=1
Request Chain 78
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YegaVgAGzGWRWQAm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YegaVgAGzGWRWQAm&gdpr=1&_test=YegaVgAGzGWRWQAm
Request Chain 151
  • https://pixel.tapad.com/idsync/ex/receive?partner_device_id=d2399afc-7902-477e-9388-af96e89aaa1f=&partner_id=3337 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_device_id=d2399afc-7902-477e-9388-af96e89aaa1f=&partner_id=3337
Request Chain 158
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Request Chain 164
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=2714705745623653219&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0,1!playbuzz.com,0010J00002BlxpGQAR,1,,,&cbb=2601048206 HTTP 302
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=2714705745623653219&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=2601048206&cklb=1
Request Chain 165
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=948871&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=2714705745623653220&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0,1!playbuzz.com,0010J00002BlxpGQAR,1,,,&cbb=2601048208 HTTP 302
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=948871&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=2714705745623653220&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=2601048208&cklb=1
Request Chain 178
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2446132118047359188
Request Chain 179
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=fc6661e8-1a58-4000-bb12-96d7b53d68c3&gdpr=1&gdpr_consent=
Request Chain 180
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-a3bafc4c-4301-4e67-a220-b14c9e258d6c
Request Chain 181
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGYn07D0DUAAEDFrKxakQ&expiration=1643810648&gdpr=1
Request Chain 213
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=2714705745623653219&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0,1!playbuzz.com,0010J00002BlxpGQAR,1,,,&cbb=2601054543 HTTP 302
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=2714705745623653219&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=2601054543&cklb=1
Request Chain 216
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=948871&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=2714705745623653220&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0,1!playbuzz.com,0010J00002BlxpGQAR,1,,,&cbb=2601054543 HTTP 302
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=948871&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=2714705745623653220&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=2601054543&cklb=1
Request Chain 217
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=1027756&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=2714705745623653222&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0,1!playbuzz.com,0010J00002BlxpGQAR,1,,,&cbb=2601054545 HTTP 302
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=1027756&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=2714705745623653222&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=2601054545&cklb=1
Request Chain 218
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=1426227&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=2714705745623653229&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0,1!playbuzz.com,0010J00002BlxpGQAR,1,,,&cbb=2601054545 HTTP 302
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=1426227&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=2714705745623653229&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=2601054545&cklb=1

229 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/ 		124 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb02ece378515bd73800289ae4b0ecc7e54338ae7ab891a1f8e9b649389cfa45

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 19 Jan 2022 14:04:04 GMT
content-type
text/html; charset=UTF-8
cache-control
max-age=600
expires
Wed, 19 Jan 2022 14:14:04 GMT
vary
Accept-Encoding,User-Agent
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dWizrg8oY9%2BFeN3AG9Aui%2F3yDEnfzQQLUEQweERu%2B9yhh3DFw8fSnQCi4zLOp2KHJmIvkGZMpeLCk6tb%2BqTCBv67%2FyJ9eZYMHgtflT7O1cR7RLIuDTTLtX46XqPkHXl67UgWln6R7XM6FYN6%2FEZMGuvb0Qb2"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6d009c2b2bf259e3-MXP
content-encoding
br
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88522cca257c7b55886862e9549236b005c2fcbb1246bcd986621476739c2127

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:04 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
2687
etag
W/"f138f96bdde8c4ff4dce4300db918980"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6d009c30090f5a13-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 22 Jan 2022 14:04:04 GMT
js
www.googletagmanager.com/gtag/ 		165 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MHSJPPB6JE
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
85eb20716bc8ce7e73fda962e633d6b51749f10255b6da660d1a2a19ccff2531
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:04 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62534
x-xss-protection
0
expires
Wed, 19 Jan 2022 14:04:04 GMT
v2gll8Qzgxs-F_tAfYbN9Vu7gRE70yQNcPsdfwHvFYjQd7BtKRQGQf8_AneFC7YOk
fearlessfaucet.com/ 		89 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fearlessfaucet.com/v2gll8Qzgxs-F_tAfYbN9Vu7gRE70yQNcPsdfwHvFYjQd7BtKRQGQf8_AneFC7YOk
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.62.199 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
199.62.190.35.bc.googleusercontent.com
Software
/
Resource Hash
b372d1e8bb526c00e09892fb25aeec4903290e4de8b8477d1cb7911f1d28199c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"52f67df7b66e161e9430c60749916f97410e463891748a99c61cb1af6e261b9b"
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-9csr
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Wed, 19 Jan 2022 14:04:04 GMT
timing-allow-origin
*
collect
www.google-analytics.com/g/ 		0
352 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-MHSJPPB6JE&gtm=2oe1c0&_p=1557863543&sr=1600x1200&ul=en-us&cid=1104123751.1642601044&_s=1&dl=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&dt=&sid=1642601044&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MHSJPPB6JE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		283 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151512
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e000e7805a03b275608d64f0ee40fc1140ea80bcb3daa6bc9a5406dd107f9d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:04 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
2456
etag
W/"bade15bfdcba7ee19d22e61741b04b27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6d009c304a035a13-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 22 Jan 2022 14:04:04 GMT
a3jph.css
resistthemainstream.org/wp-content/cache/wpfc-minified/7wo4u5gj/ 		811 KB
91 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/cache/wpfc-minified/7wo4u5gj/a3jph.css
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c81e03d5961a492e1ee3b4bf73eae923fdabda4330447f577920d64f5234f07

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:05 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 19 Jan 2022 02:47:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8jBXniLlhPl7A%2FMikU0W25x7pmZ5c6ddRJrCvPqVSZKTwyTcylZrfnNdzMYq5d3CemAagDvDHltgZ5nlEdTMHzsn2AQo5HQmUfN3YT8VnxzIl7mooCTxMvD1oVuQ%2F3yUvi60vuoEHkz94ncJUfzGWO8aLC52"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d009c306c0459e3-MXP
expires
Fri, 18 Feb 2022 14:04:05 GMT
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%7CMontserrat%3Aregular%2C700&display=swap&ver=1.2.6
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9284a576560f7b1bf06488542d70ebd656ccc7126ffa8fbfe2b3c0fb8fff9092
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 19 Jan 2022 14:04:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 19 Jan 2022 14:04:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Jan 2022 14:04:04 GMT
a3jpg.css
resistthemainstream.org/wp-content/cache/wpfc-minified/knew916l/ 		667 KB
134 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/cache/wpfc-minified/knew916l/a3jpg.css
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1b4c3f2f4e6c235296994b221f594ca331291a92988ab4c327f50981369940b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:05 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 19 Jan 2022 02:47:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xb7daMYlAehidRTW%2Bclq8fSMCPFqouRRgoh3CZYJH8frCcEraQAzRrS9tn6pRdaxpftCIAIA8C4onZj2Y%2B8MBbxLCovCKa2%2BUiPk6ZnjEkgclrPMfCu%2BAUSe3l7cfyqDORmdQcuocPg71uHh8WHGyD0ggwj1"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d009c306c0659e3-MXP
expires
Fri, 18 Feb 2022 14:04:05 GMT
a3jph.js
resistthemainstream.org/wp-content/cache/wpfc-minified/mka1sjxi/ 		112 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/cache/wpfc-minified/mka1sjxi/a3jph.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c68ef40d78ae566ec35f1d0785b503add002abe8ad92c8543077ab9dbe4a4b1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:05 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 19 Jan 2022 02:47:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2BbdFQkhpZMu6BTaKyT9GRWISv5YPgl6uF6egOjdCyhIZcgo5KcPGR6F%2Fv%2FMAi%2B0eaKc%2BH8SVFvUEEDUn5N2rD60eIP5fqqPWOv5j0ycP%2FwO7UqXt78Ud%2B%2BmQLFjowctvY2jNlPQ%2FHXoEuBDpUKiBvhCQw9e"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d009c306c0a59e3-MXP
expires
Fri, 18 Feb 2022 14:04:05 GMT
signal-2021-09-28-044331_001.png
resistthemainstream.org/wp-content/uploads/2021/09/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resistthemainstream.org/wp-content/uploads/2021/09/signal-2021-09-28-044331_001.png
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2b87637211d065cc2722c6ce0a173c4defdbaa4ff7b8144ff6902457aa017

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:06 GMT
cf-cache-status
EXPIRED
last-modified
Tue, 28 Sep 2021 02:48:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BLYADGACsqw6rciNpsfUB2h9G%2B2yMa5XJifAYFAS99hC4OHja%2Bx7wd%2Fm7395GpUKq0vms%2BxyRvO58YvUa%2FBuW%2BOBEJb2O1PmQ8ep805pH%2F%2FtvGU7qQXqduDZ6bHQt0E%2FoFM1o3YTNEZjOaMO1Ijq5Cx6NwZf"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6d009c377abc59e3-MXP
content-length
2863
expires
Fri, 18 Feb 2022 14:04:06 GMT
logo-mobile.png
resistthemainstream.org/wp-content/uploads/2021/09/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resistthemainstream.org/wp-content/uploads/2021/09/logo-mobile.png
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
735ba0855a8e681e98e185111aae755c396d6c0f889c40947b6d758551075f6e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:06 GMT
cf-cache-status
EXPIRED
last-modified
Tue, 28 Sep 2021 03:17:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PVoSsBZxb54AbIXZF4JC6hIn0%2BU%2F3SSwHuCcenyITnHLBfYFzmevt%2FZn3Gmz5rsveMNec%2BCm2VfPsqY58QfZ%2BsOgyWXPTJxH5aDPBaQeD01BcN9cXO0ZfH76Ns1T2OmSkrfH0%2FVrlNT11DWvTPFaTF1qtOmc"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6d009c37aad959e3-MXP
content-length
1699
expires
Fri, 18 Feb 2022 14:04:06 GMT
infolinks_main.js
resources.infolinks.com/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/infolinks_main.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e3e8b6a4608aad2b3ac26700a794ccd57fa7779ae42f12dd9c9221417744e14

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray
6d009c371af835c5-MAN
date
Wed, 19 Jan 2022 14:04:05 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 19 Jan 2022 07:51:15 GMT
server
cloudflare
age
7961
etag
W/"d63-5d5eaa673e471"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
content-encoding
gzip
expires
Wed, 19 Jan 2022 12:51:24 GMT
email-decode.min.js
resistthemainstream.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Jan 2022 19:09:30 GMT
server
cloudflare
etag
W/"61df276a-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F823%2FGLCIA7sOmjAfHuVcgchdwIAdCXZvln1uvSbnTXXqfDRFSVKD3pvIgyTMS1vv2jsvFIJnL8ngFs07lt75AhK4Xkwz1QRC4PnVOzukP%2FcXED0tletMhJrNXgeNKDCY0vA3pTQeN7bKX6PTYquAMh%2BU0f%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d009c37499959e3-MXP
vary
Accept-Encoding
expires
Fri, 21 Jan 2022 14:04:05 GMT
resistthemainstream.org.1149360.js
jsc.mgid.com/r/e/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/r/e/resistthemainstream.org.1149360.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed367284fdd0727d23443d61fef66e9d1bc522690f63fa510be7eba01005590a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:05 GMT
content-encoding
br
cf-cache-status
HIT
age
3871
last-modified
Thu, 25 Nov 2021 10:08:04 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
W3D2QZM1ZTRGA4F6
x-amz-id-2
6S8t1I+jPW2fd23IraHXZCaQC51Db8s520rlC4gj4k2YPYGQcgb1595zQHjI2eQQTAUhxGRo9Hg=
cf-bgj
minify
server
cloudflare
etag
W/"bf2fbb25b9bb87a9cc7f822ef8e4c233"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6d009c37df1d162a-WAW
expires
Wed, 19 Jan 2022 17:04:05 GMT
embed.js
talk.hyvor.com/web-api/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://talk.hyvor.com/web-api/embed.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10d10d857f0b9ee4649d0b0531ea87e1527a0dbbc3f3647cebfcd922c6c37ba5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 19 Jan 2022 11:12:12 GMT
server
cloudflare
age
10313
cf-polished
origSize=6290
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AkKASuVnGMSqNTQ8HxSvLwwXe1dikvpPm7rmP9mQwqV0f48gqLHz76drmdBVgKZph3cb616HfpgoS0FLhCvdkbozQddXgclfW3wz3j479fN6%2FQHlbscgvaANlvtEHsYIZs3LlOtYfbVKzGx9"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=0, public, s-maxage=1382400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d009c37c8850e0e-MXP
cf-bgj
minify
wp-emoji-release.min.js
resistthemainstream.org/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-includes/js/wp-emoji-release.min.js?ver=5.8.3
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:06 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Sun, 03 Oct 2021 22:07:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9q14CerELkghb%2B0gGXLh94TLq%2FZIdJze824jNqZaHXfESFrFCoko4nyWRbUZMj15WuxjK5fGzOg8AmgqJmY7EvMBSDsNfErzsC6P5j88tMVIzEYjtIQxh1SnKCr%2BAdIyQ2Qzz9imgdhBJjNiEX%2BDgZE7TuuC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d009c37aadf59e3-MXP
expires
Fri, 18 Feb 2022 14:04:06 GMT
resistthemainstream.org.1156929.js
jsc.mgid.com/r/e/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aff16f52b0b9a529e919ec1f99a8475d01e622bb44c02b4643f5fe7c6df90cbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:05 GMT
content-encoding
br
cf-cache-status
HIT
age
3871
last-modified
Tue, 18 Jan 2022 15:53:22 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
HV2A4Q3TG7WQ2EEM
x-amz-id-2
Fgz62BB8C2Dtd8eF4yiRjVhLRA4xKn/YINzDaKmLO110xdOi9ni+ub+NRYSmPrjGmcA6jp7htE8=
cf-bgj
minify
server
cloudflare
etag
W/"7aef73da1ecee8b89ca5a58de109330c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6d009c37df20162a-WAW
expires
Wed, 19 Jan 2022 17:04:05 GMT
/
talk.hyvor.com/web-api/count/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://talk.hyvor.com/web-api/count/
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3d6f43856edb4773691473aba669b43e4b4a0caeae37d2f8fa19456f1b8adae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"54ae38239fdac3aebd77d7563e732af2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a2JWOE%2BeY8%2BlfChmVs0kICtskJowFht%2Bgj9nG%2BsKY1GWe7OtoSRD49czaKFd1laBKBGouKRevqT24uQ45a2U4wJgIA6X3eGCZ9j8bmN57G9KQnFxwJX01GlZ%2BcviqY0ztgTV7JRilyfvcTIA"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000, public
cf-ray
6d009c37c8870e0e-MXP
front.js
resistthemainstream.org/wp-content/plugins/embedpress/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/plugins/embedpress/assets/js/front.js?ver=3.3.0
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f62e11b110b6233da7f94fc6715e2d026d3dd3cc22fa394623ba16c9316fa8f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:06 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 22 Dec 2021 02:29:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XRwipU6vNUWIF7KQAQFZHGMIvdCErFqW8jo2RriPYRUteIOTx0Fq5z2EVqvD5HArtmV466NIrhwU4lB7TmQS3Li0GErwATxhiCqGi6tjM%2FMKR8ojciqHgZfPZLmz8PAfqC3Ckd%2FRi%2FDEt7Nkmf31gxGcCdxe"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d009c377a5159e3-MXP
expires
Fri, 18 Feb 2022 14:04:06 GMT
frontend.js
resistthemainstream.org/wp-content/plugins/jnews-paywall/assets/js/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/plugins/jnews-paywall/assets/js/frontend.js?ver=10.0.0
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc9c3fcc4471623d464db7a4744808d67f44d3037866797a3fce2c046685c9bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:06 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Mon, 18 Oct 2021 19:52:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NDmcQp%2BfKo%2FoTZFBpxso35wUxthO5legt8D9AmwweXD2iw3zVBfjDbvrSh3oU3GKXmuM9ufy5rt%2B9at3lhQnM70tTIcdub4%2F56nQa0yyUzXAPMdrS7RyZe%2BsAzJEJklY3U72sfFp9W5fWKnkqrDN6m%2FRBkmK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d009c377a5559e3-MXP
expires
Fri, 18 Feb 2022 14:04:06 GMT
comment-reply.min.js
resistthemainstream.org/wp-includes/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-includes/js/comment-reply.min.js?ver=5.8.3
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:06 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Fri, 16 Apr 2021 00:35:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gzUryxHR4hzenEMelwjWIoJAxWzfGVhXe2kprFAA2deKQflx8h3U7RMhmDdwvvyPYRH%2BmktAmNDS45R0QSnsRMvXyCIm2mjCVyLydvpjoZdyIjZq8VknjCXmb4gZ9aXJSa8O7PW3IBO0HPltJLdGQM2vGz8H"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d009c377a5659e3-MXP
expires
Fri, 18 Feb 2022 14:04:06 GMT
hoverIntent.min.js
resistthemainstream.org/wp-includes/js/ 		1 KB
1015 B 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-includes/js/hoverIntent.min.js?ver=1.10.1
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd1cc14b59f5918e11725643ef36381b85cf569c6626fb4fdbe39c2eba9bdfe8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:06 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Sun, 03 Oct 2021 22:07:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NoaBfISE7wbz0ks%2B6W56pxbfyumbpDQBqihNhbGoQUDTVtetfaPEnqDz2H31lDOYK5U285NpMUGIdDctMdjIEMAITbkQtEDbVkDnXoLXAvjy1rxkXTzzZuOe%2Fb4Cc9iIu1nEFg5GKcRIAMK5%2FF%2BcB0BPev24"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d009c377a9559e3-MXP
expires
Fri, 18 Feb 2022 14:04:06 GMT
imagesloaded.min.js
resistthemainstream.org/wp-includes/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:06 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Fri, 05 Feb 2021 00:14:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nB38JdMMmDwbc05VSRtzFTOesQrwf%2FPLqplParzUwVknq5llqbvEy1xliRQdmojgJAA%2BY9%2BgTL4ztA%2Bq%2BPquvaCAOyR85%2BX%2BoSiKseMZmDOBsJABp7r9vTTT%2BqaljmC4uol7mLsNRss4iPvgqlhIlBhEBh8X"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d009c377aad59e3-MXP
expires
Fri, 18 Feb 2022 14:04:06 GMT
frontend.min.js
resistthemainstream.org/wp-content/themes/jnews/assets/dist/ 		292 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/themes/jnews/assets/dist/frontend.min.js?ver=10.0.3
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30389cf8a9540caad65157f94347a01b77a96327398ff615be1a6cc346473553

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:06 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Mon, 18 Oct 2021 19:49:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Sf8%2F8H%2Fuat9n2teZjsoAO0vgYPJAV6aaRDjmV9APU66UjY%2FNXuB3ZQjxrIZbplRnBQX9410pIJyCbRf3c5MEjgE68vH0oJTUCzVE4IZ5kysJrU95sZ%2Bgegcr2vlIzVTuZz7lqLdeB8DX0UQMvNS9JAV%2BoJr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d009c377ab159e3-MXP
expires
Fri, 18 Feb 2022 14:04:06 GMT
frontend.min.js
resistthemainstream.org/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/frontend.min.js?ver=3.1
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e244abc7224f0d09a459628f4b146d1eab85dbeafad852405cd2dfca3648469

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:06 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Mon, 18 Oct 2021 19:51:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EKPyXqj2WnzxPE%2B5Svkx9QT3oDplM0qXc3M3LC9MyZ7%2BRp0Ec0t1FJe7Tb8cAHmIjLsEewavYVMAJdDZINV1yZb0SCshVQLNgV9OrMobnzqa2McX%2FDG4iAOrXniR8smFgq5TSrLAhJEqoJtfrV0sv3OhcpV%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d009c377ab359e3-MXP
expires
Fri, 18 Feb 2022 14:04:06 GMT
plugin.js
resistthemainstream.org/wp-content/plugins/jnews-social-share/assets/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/plugins/jnews-social-share/assets/js/plugin.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1571f1bece418ee90d63337858269630c13b63c4bc5d8fcbb6caf1ea8b29d998

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:06 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Sun, 03 Oct 2021 07:28:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2BRKqerJN71qLQbYlzULHQAWBBsdcDdgSefB5jpgy8FRb3re%2Bqr5mx9b0SbPcJYdsPiZmPw885Xz4XGRF40TD6GVQozQFJp2756w%2FltqxKNvofoBI78uBWhrLYJBa1u1R8enh4M%2F41SxcJ9R%2B%2FtwH9oQbztt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d009c377ab559e3-MXP
expires
Fri, 18 Feb 2022 14:04:06 GMT
ads.js
resistthemainstream.org/wp-content/plugins/quick-adsense-reloaded/assets/js/ 		78 B
360 B 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js?ver=2.0.31
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ecad403abe6094919937758649c7fe968b8339a0b958e232acab55ca87ef02b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:06 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Mon, 18 Oct 2021 19:50:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qQWKpUwWcty1HOSKUs7rWU98ec9tSqujSM10GGouQuwdqX2eJ5W%2BttkRXr1Bnq4MugYf4e6j%2BrspaCy%2BNrY6d49mGqENUeRfyZOLyrRzAVN2HN5UDDA8FrY4wxnIccypNapWSdE636ZvMvk8F2p9GdHGLkHv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d009c377ab859e3-MXP
expires
Fri, 18 Feb 2022 14:04:06 GMT
web
onesignal.com/api/v1/sync/f2f0fa41-3f02-4834-960c-380cf87d3124/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/f2f0fa41-3f02-4834-960c-380cf87d3124/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f81a7c494112c262aa627cdce3c5f48196855e06c1ce44be10d5492a9c76b345
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
351
cf-polished
origSize=5159
status
200 OK
x-envoy-upstream-service-time
30
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
bfdf45ca-64b5-4706-ae22-c5a7b9af1245
x-runtime
0.028503
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"898fad25a5998206d94d4e4eeb5e39da"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
6d009c378ebb5a13-MXP
access-control-allow-headers
SDK-Version
expires
Wed, 19 Jan 2022 15:04:05 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%7CMontserrat%3Aregular%2C700&display=swap&ver=1.2.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 21:26:28 GMT
x-content-type-options
nosniff
age
146257
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:01 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 17 Jan 2023 21:26:28 GMT
fontawesome-webfont.woff2
resistthemainstream.org/wp-content/themes/jnews/assets/dist/font/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/themes/jnews/assets/dist/font/fontawesome-webfont.woff2
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/wp-content/cache/wpfc-minified/knew916l/a3jpg.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://resistthemainstream.org/wp-content/cache/wpfc-minified/knew916l/a3jpg.css
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:06 GMT
cf-cache-status
EXPIRED
last-modified
Mon, 18 Oct 2021 19:49:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FGqfyj%2BkT7KCVq2%2BnQecgPEGr%2FKUCYxLX9WYXikoiI5bMLUATdvIv02Hwc3UjwyHKO%2BHUBnSAmwDUixuSP2aK4hvdnuvi35PgEunt195Xq6ImqJcEFwKpRcOCra6vmfGMqU3B0h7gXRR%2FiIFddPisxEGG7ik"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d009c37aae159e3-MXP
expires
Fri, 21 Jan 2022 14:04:06 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%7CMontserrat%3Aregular%2C700&display=swap&ver=1.2.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 04:27:49 GMT
x-content-type-options
nosniff
age
466576
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:57 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 14 Jan 2023 04:27:49 GMT
ice.js
resources.infolinks.com/js/1782.007-3.025/ 		178 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1782.007-3.025/ice.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
939d003d7b0e43c57a36a27ff438b805c5074bf26aab94b38d743d0314f300b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray
6d009c37dd3735c5-MAN
date
Wed, 19 Jan 2022 14:04:05 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Mon, 17 Jan 2022 12:23:36 GMT
server
cloudflare
age
4607
etag
W/"2c618-5d5c638c22a8d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
content-encoding
gzip
expires
Fri, 18 Feb 2022 12:47:18 GMT
ajs.js
cdn2.lockerdomecdn.com/_js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.lockerdomecdn.com/_js/ajs.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:6a00:a:cbb7:a940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
032748afc697ad6c81591cf5304a1395a1045dff8604fdfeaaa06d8365ea92bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 20:11:51 GMT
content-encoding
gzip
last-modified
Fri, 14 Jan 2022 08:14:23 GMT
age
64334
etag
W/"14de-17e57a6e8d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-amz-cf-id
v8KJ_U5aUNS57kbossbW_886FoFTu4qcw7_MSaQ-dcMXs7d_DFWgmg==
preloader.gif
resistthemainstream.org/wp-content/themes/jnews/assets/dist/image/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resistthemainstream.org/wp-content/themes/jnews/assets/dist/image/preloader.gif
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/wp-content/cache/wpfc-minified/knew916l/a3jpg.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2e60e9eae839d6b2e857c708f6d02ae6069141594b941a1590cd5c5435d42f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/wp-content/cache/wpfc-minified/knew916l/a3jpg.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:06 GMT
cf-cache-status
EXPIRED
last-modified
Mon, 18 Oct 2021 19:49:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SjGjPRBCnou7C3Y4%2FOzp794bebZJiZben9AGcNldET6rHw3QrkLetmhWphuzmKJBhoL5a6985FwirBT74WSAaqBAPk5TblCz%2Fen9pfObaOSEqL0TJFaylypx15yQ%2BGW0F9OxhQHc4FyvMMiiOlzL2KnuYDSE"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6d009c37db9059e3-MXP
content-length
4399
expires
Fri, 18 Feb 2022 14:04:06 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v21/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v21/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%7CMontserrat%3Aregular%2C700&display=swap&ver=1.2.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 19:33:06 GMT
x-content-type-options
nosniff
age
66659
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 19:19:51 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 18 Jan 2023 19:33:06 GMT
2021-04-03_21.54.16-80x80.jpg
resistthemainstream.org/wp-content/uploads/2021/09/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resistthemainstream.org/wp-content/uploads/2021/09/2021-04-03_21.54.16-80x80.jpg
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67c07c0e4ec4c5d0bc7e227dbe689dd03035b4cb0f8394574e1b6740af383461

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:06 GMT
cf-cache-status
EXPIRED
last-modified
Thu, 23 Sep 2021 02:54:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gvqqxvLrVi7S2Y3hILmXeg6V4foA9nZT8pN77hyNTaY30w3WbU0TXey%2FEf%2BxpNsyeWoZS9kKN3YogKahgdFKSlxlRgyJf1uFfHWRyg0beqsc%2F7yFsJ6srZZGiYJnehBa0GKAGGhKoyd5uo%2FO2wft8wxHeVlw"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6d009c37fbf159e3-MXP
content-length
2072
expires
Fri, 18 Feb 2022 14:04:06 GMT
jeg-empty.png
resistthemainstream.org/wp-content/themes/jnews/assets/img/ 		70 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resistthemainstream.org/wp-content/themes/jnews/assets/img/jeg-empty.png
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67ebf650147a9122e94ff1b25a78a82e903b92b877821c1479de69f00f59d429

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:06 GMT
cf-cache-status
EXPIRED
last-modified
Mon, 18 Oct 2021 19:49:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EyCH3g14VDJ4lA0IDN2gpLWxXOIdnWq6I2yffxRjTVOv6LhOfyD3IOsjT%2FX81EmuxBdszs4Y%2Fk1guXanmPGF%2F370gPCbqXOlBXRS088iRWWYY9Yylkf7pXME2iWSXpjv%2BKzjotA9rURTccGjLmGW9eRqVqTv"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6d009c37fbf659e3-MXP
content-length
70
expires
Fri, 18 Feb 2022 14:04:06 GMT
jegicon.woff
resistthemainstream.org/wp-content/themes/jnews/assets/dist/font/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/themes/jnews/assets/dist/font/jegicon.woff
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/wp-content/cache/wpfc-minified/knew916l/a3jpg.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2d3127da85763e024971c6192f78becbdf85db231b3d088c9f8b3777d444ede

Request headers

Referer
https://resistthemainstream.org/wp-content/cache/wpfc-minified/knew916l/a3jpg.css
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:06 GMT
cf-cache-status
EXPIRED
last-modified
Mon, 18 Oct 2021 19:49:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lbmqW9vtgUTQdQSzSx9V0BH5zixrW6G%2B5AdaNwlh%2BueI4p2z86yolVtib9Uxs3Xay4eJ5QgO1RJM1r99O5lZtGqkEKEh0dJVm8CxteCxGV%2Fz12EHwELOyHjBkU9izHrSjuzzRNReTCZ3pQcp9qEkFiotlFpm"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d009c380c2259e3-MXP
expires
Fri, 21 Jan 2022 14:04:06 GMT
resistthemainstream.org.1156929.es6.js
jsc.mgid.com/r/e/ 		245 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8531c1d1e6b51027a70277fb4c156d10b908a476096a6e7cc7a308cc9b68b0e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:05 GMT
content-encoding
br
cf-cache-status
HIT
age
3871
last-modified
Tue, 18 Jan 2022 15:53:22 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
X0B7TA95F78QMVEY
x-amz-id-2
9Lv4aA7gqAllt/ST22lvxhZunFjhIGzDe312YhEdM0HtrO2bA/Dv2bEW8MgY6YQARWLgQSvdI6c=
cf-bgj
minify
server
cloudflare
etag
W/"47d5243f076c0ceacf62a1d1e8cc7ae4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6d009c388db10017-WAW
expires
Wed, 19 Jan 2022 17:04:05 GMT
resistthemainstream.org.1261872.es6.js
jsc.mgid.com/r/e/ 		240 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/r/e/resistthemainstream.org.1261872.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49785680ff1b6b6600ec7ca571892ca92195bd1fef0908a96ab397045d34d23b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:05 GMT
content-encoding
br
cf-cache-status
HIT
age
3871
last-modified
Tue, 18 Jan 2022 11:30:19 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
1E4NPS0F4HD88B5A
x-amz-id-2
1o0L9KYOBoa3CKrpeTc8wfZ8g7cHNBtbnip0TiLr6kXEFwjI5laYHOtwjMqb4zKF8qOM493nRy8=
cf-bgj
minify
server
cloudflare
etag
W/"bcd60c3e52b530675c8f1e92e5f4300e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6d009c388db20017-WAW
expires
Wed, 19 Jan 2022 17:04:05 GMT
13420768046326374
lockerdome.com/lad/ Frame FBC4 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/13420768046326374?pubid=ld-2873-5284&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=1140
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Length
1376
Date
Wed, 19 Jan 2022 14:04:06 GMT
analytics.js
www.google-analytics.com/ Frame 01C0 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3779
date
Wed, 19 Jan 2022 13:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 19 Jan 2022 15:01:06 GMT
13420770663572070
lockerdome.com/lad/ Frame 89AD 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/13420770663572070?pubid=ld-6303-9494&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=660
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Length
1376
Date
Wed, 19 Jan 2022 14:04:06 GMT
13436276233712486
lockerdome.com/lad/ Frame F423 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/13436276233712486?pubid=ld-9325-4135&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=601
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Length
1376
Date
Wed, 19 Jan 2022 14:04:06 GMT
13763115057895526
lockerdome.com/lad/ Frame 2751 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/13763115057895526?pubid=ld-1141-7973&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=275
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Length
1376
Date
Wed, 19 Jan 2022 14:04:06 GMT
resistthemainstream.org.1149360.es6.js
jsc.mgid.com/r/e/ 		241 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/r/e/resistthemainstream.org.1149360.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1149360.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77403e128e5185b66dc8d0664e55d45595b01dddd2837fedd1f43cd3a344480f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:05 GMT
content-encoding
br
cf-cache-status
HIT
age
3871
last-modified
Thu, 02 Dec 2021 15:56:45 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
AM412P9CKB40J9AJ
x-amz-id-2
KHi0VjEA5KYFjjOMr9NORAN8ZBGI5DUqt7OfHF1h4hUmSlhKRGxC4T007PazteOs1vfPx2Cy9Ho=
cf-bgj
minify
server
cloudflare
etag
W/"271f761a7bfc04d0dedefd757ed600bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6d009c388db30017-WAW
expires
Wed, 19 Jan 2022 17:04:05 GMT
manage
router.infolinks.com/usync/ Frame 2A87 		9 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1782.007-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c025a9ff322a60f03aa800352708e0294d6aa576a768a96d23bb1e6db7ec314

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

date
Wed, 19 Jan 2022 14:04:06 GMT
content-type
text/html;charset=UTF-8
cache-control
no-store
p3p
CP="NON DSP NID OUR COR"
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d009c38d83135c5-MAN
content-encoding
gzip
lcmanage
router.infolinks.com/usync/ 		0
37 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/lcmanage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1782.007-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:06 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control
no-store
cf-ray
6d009c38d83335c5-MAN
content-length
0
gsd
router.infolinks.com/ 		319 B
489 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/gsd?evt=afterGSD&pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&jsv=1782.007-3.025&_cb=16426010458660
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1782.007-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da784cf99cdbf1386e316c0f8a5dff540b585882be2b383ec32042f5708b2b85

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:06 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
text/javascript;charset=UTF-8
content-encoding
gzip
cache-control
max-age=0
cf-ray
6d009c38d83735c5-MAN
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.google-analytics.com/j/ Frame 01C0 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=356462814&t=event&ni=1&_s=1&dl=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&ec=AdUnitInHiddenContainer&ea=14264500010300518&_u=YADAAEABCAAAAC~&jid=111081299&gjid=886032462&cid=1104123751.1642601044&tid=UA-1933164-1&_gid=1044281161.1642601046&_r=1&_slc=1&z=972693977
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
de.tynt.com/deb/ Frame 0851 		75 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/

Response headers

cache-control
max-age=86400
expires
Thu, 20 Jan 2022 14:04:06 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
75
date
Wed, 19 Jan 2022 14:04:06 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
usermatch
ssum-sec.casalemedia.com/ Frame 8B63
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
13a5462c2f5f99d577d2eeacd13b2b563af4be39cba429ccc35eb6d5e92e59df

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|241|230|39|31|152|65|88
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Wed, 19 Jan 2022 14:04:06 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 19 Jan 2022 14:04:06 GMT
Content-Length
1731
Connection
keep-alive

Redirect headers

Server
Apache
Content-Length
311
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Wed, 19 Jan 2022 14:04:06 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 19 Jan 2022 14:04:06 GMT
Connection
keep-alive
/
onetag-sys.com/usync/ Frame 701B 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
pbm-usync
router.infolinks.com/dyn/ Frame 2A87
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0NDMkMzREQtMEEyMi00OEU1LTlENzktQzNCMzdFRkY2OUQ4&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0NDMkMzREQtMEEyMi00OEU1LTlENzktQzNCMzdFRkY2OUQ4&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D3CC2C3DD-0A22-48E5-9D79-C3B37EFF69D8
  • https://router.infolinks.com/dyn/pbm-usync?uid=3CC2C3DD-0A22-48E5-9D79-C3B37EFF69D8
0
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/pbm-usync?uid=3CC2C3DD-0A22-48E5-9D79-C3B37EFF69D8
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:06 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
text/html;charset=UTF-8
cache-control
no-store, no-cache, private
cf-ray
6d009c3cab4635c5-MAN
content-length
0
expires
Tue, 19 Jan 2021 14:04:06 GMT

Redirect headers

location
https://router.infolinks.com/dyn/pbm-usync?uid=3CC2C3DD-0A22-48E5-9D79-C3B37EFF69D8
date
Wed, 19 Jan 2022 14:04:05 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
apn-usync
router.infolinks.com/dyn/ Frame 2A87
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
  • https://router.infolinks.com/dyn/apn-usync?user_id=3705609139205405856
35 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/apn-usync?user_id=3705609139205405856
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:06 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6d009c3a4c2235c5-MAN
content-length
35
expires
Tue, 19 Jan 2021 14:04:06 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 14:04:06 GMT
X-Proxy-Origin
217.64.151.6; 217.64.151.6; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
840d1c85-2997-49ac-bc0f-15249f741f77
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://router.infolinks.com/dyn/apn-usync?user_id=3705609139205405856
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cm
u.openx.net/w/1.0/ Frame 2A87 		43 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:06 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
VR-usync
router.infolinks.com/dyn/ Frame 2A87
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58422/occ
  • https://ups.analytics.yahoo.com/ups/58422/occ?verify=true
  • https://router.infolinks.com/dyn/VR-usync?uid=y-CALp9PpE2uEnsbE9iI1mVW8WwuFhBJYUv4kWQe4-~A
35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/VR-usync?uid=y-CALp9PpE2uEnsbE9iI1mVW8WwuFhBJYUv4kWQe4-~A
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:06 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6d009c3a5c5a35c5-MAN
content-length
35
expires
Tue, 19 Jan 2021 14:04:06 GMT

Redirect headers

location
https://router.infolinks.com/dyn/VR-usync?uid=y-CALp9PpE2uEnsbE9iI1mVW8WwuFhBJYUv4kWQe4-~A
date
Wed, 19 Jan 2022 14:04:06 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
r1-usync
router.infolinks.com/dyn/ Frame 2A87
Redirect Chain
  • https://sync.1rx.io/usersync2/infolinks
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1206759811
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1206759811
  • https://sync.1rx.io/usersync/tradedesk/0ada8bb6-eeed-438a-87f4-ebae209382e3
  • https://sync.targeting.unrulymedia.com/csync/RX-2f46f8cf-4a34-4dbc-a9bb-ac1aabcc2546-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-2f46f8cf-4a34-4dbc-a9bb-ac1aabcc2546-003
  • https://router.infolinks.com/dyn/r1-usync?uid=RX-2f46f8cf-4a34-4dbc-a9bb-ac1aabcc2546-003
35 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/r1-usync?uid=RX-2f46f8cf-4a34-4dbc-a9bb-ac1aabcc2546-003
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:06 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6d009c3c49f535c5-MAN
content-length
35
expires
Tue, 19 Jan 2021 14:04:06 GMT

Redirect headers

location
https://router.infolinks.com/dyn/r1-usync?uid=RX-2f46f8cf-4a34-4dbc-a9bb-ac1aabcc2546-003
date
Wed, 19 Jan 2022 14:04:06 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX2f46f8cf4a344dbca9bbac1aabcc2546003
content-type
text/html
zmn-usync
router.infolinks.com/dyn/ Frame 2A87
Redirect Chain
  • https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
  • https://router.infolinks.com/dyn/zmn-usync?uid=
35 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/zmn-usync?uid=
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:06 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store
cf-ray
6d009c3d7d9235c5-MAN
content-length
35

Redirect headers

Location
https://router.infolinks.com/dyn/zmn-usync?uid=
Pragma
no-cache
Date
Wed, 19 Jan 2022 14:04:06 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
70
Content-Type
text/html; charset=utf-8
us
sync.go.sonobi.com/ Frame 2A87 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 14:04:06 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ca.png
s.cpx.to/ Frame 2A87
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fresistthemainstream.org%252Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-pres...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fresistthemainstream.org%25252Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at...
  • https://s.cpx.to/ca.png?ref=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtel...
95 B
944 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&pid=12306&adnxs_uid=3705609139205405856
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram
Protocol
HTTP/1.1
Server
34.249.18.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-18-151.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache, no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 19 Jan 2022 14:04:06 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0, no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Wed, 19 Jan 2022 14:04:06 UTC

Redirect headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 14:04:06 GMT
X-Proxy-Origin
217.64.151.6; 217.64.151.6; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
713c8330-1727-459a-9d31-f966e02faefd
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&pid=12306&adnxs_uid=3705609139205405856
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
dsp.adkernel.com/ Frame 2A87 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=202&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fearn-usync%3Fuid%3D%7BUID%7D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 14:04:06 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
imd-usync
router.infolinks.com/dyn/ Frame 2A87
Redirect Chain
  • https://ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
  • https://ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
  • https://router.infolinks.com/dyn/imd-usync?user_id=61d9f61d-11b7-42a7-82b1-23012f277418&partner_id=1531
35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/imd-usync?user_id=61d9f61d-11b7-42a7-82b1-23012f277418&partner_id=1531
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:06 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6d009c3aedd835c5-MAN
content-length
35
expires
Tue, 19 Jan 2021 14:04:06 GMT

Redirect headers

location
https://router.infolinks.com/dyn/imd-usync?user_id=61d9f61d-11b7-42a7-82b1-23012f277418&partner_id=1531
date
Wed, 19 Jan 2022 14:04:06 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
outh-usync
router.infolinks.com/dyn/ Frame 2A87
Redirect Chain
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPaa1fe212-7930-11ec-973c-02dd9ad21694
  • https://router.infolinks.com/dyn/outh-usync?uid=y-r_MzIiRE2uF6o9LQP0w1l0v43DElXSlh~A~UPaa1fe212-7930-11ec-973c-02dd9ad21694
35 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/outh-usync?uid=y-r_MzIiRE2uF6o9LQP0w1l0v43DElXSlh~A~UPaa1fe212-7930-11ec-973c-02dd9ad21694
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:06 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6d009c3a8cd935c5-MAN
content-length
35
expires
Tue, 19 Jan 2021 14:04:06 GMT

Redirect headers

location
https://router.infolinks.com/dyn/outh-usync?uid=y-r_MzIiRE2uF6o9LQP0w1l0v43DElXSlh~A~UPaa1fe212-7930-11ec-973c-02dd9ad21694
date
Wed, 19 Jan 2022 14:04:06 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
services
sync.technoratimedia.com/ Frame 2A87
Redirect Chain
  • https://match.bnmla.com/usersync?sspid=1000361&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3D%5BUUID%5D
  • https://bh.contextweb.com/bh/rtset?pid=558752&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D1%26uuid%3D%25%25VGUID%25%25
  • https://match.bnmla.com/usersync?dspid=1&uuid=7nivg7R83YFW&ev=1&us_privacy=${us_privacy}&pid=558752
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
  • https://match.bnmla.com/usersync?dspid=6&uuid=A20B2D513B384275A1471689BAFD1116
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D170%26uuid%3D%5BUSER_ID%5D
0
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D170%26uuid%3D%5BUSER_ID%5D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram
Protocol
H2
Server
129.159.70.95 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:07 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
149100743
access-control-allow-origin
https://router.infolinks.com/
access-control-allow-credentials
true

Redirect headers

Location
https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D170%26uuid%3D%5BUSER_ID%5D
Date
Wed, 19 Jan 2022 14:04:07 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
sovrn-usync
router.infolinks.com/dyn/ Frame 2A87
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true
  • https://router.infolinks.com/dyn/sovrn-usync?uid=9507d50f98ee1f451de52c1f
35 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/sovrn-usync?uid=9507d50f98ee1f451de52c1f
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:06 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6d009c3cbb5735c5-MAN
content-length
35
expires
Tue, 19 Jan 2021 14:04:06 GMT

Redirect headers

Date
Wed, 19 Jan 2022 14:04:06 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://router.infolinks.com/dyn/sovrn-usync?uid=9507d50f98ee1f451de52c1f
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
usersync
router.infolinks.com/dyn/ Frame 2A87
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
  • https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3D3CC2C3DD-0A22-48E5-9D79-C3B37EFF69D8
  • https://router.infolinks.com/dyn/usersync?pmuservalue=3CC2C3DD-0A22-48E5-9D79-C3B37EFF69D8
0
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/usersync?pmuservalue=3CC2C3DD-0A22-48E5-9D79-C3B37EFF69D8
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:06 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
cache-control
no-store
cf-ray
6d009c3c49f435c5-MAN
content-length
0

Redirect headers

location
https://router.infolinks.com/dyn/usersync?pmuservalue=3CC2C3DD-0A22-48E5-9D79-C3B37EFF69D8
date
Wed, 19 Jan 2022 14:04:05 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
zeta-usync
router.infolinks.com/dyn/ Frame 2A87
Redirect Chain
  • https://p.rfihub.com/cm?pub=43153&in=1
  • https://router.infolinks.com/dyn/zeta-usync?uid=5144588519291444375
35 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/zeta-usync?uid=5144588519291444375
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:06 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6d009c3c7a6b35c5-MAN
content-length
35
expires
Tue, 19 Jan 2021 14:04:06 GMT

Redirect headers

Location
https://router.infolinks.com/dyn/zeta-usync?uid=5144588519291444375
Date
Wed, 19 Jan 2022 14:04:06 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
ssc-cms.33across.com/ps/ Frame 2A87 		0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP003 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-33x-status
2000208
date
Wed, 19 Jan 2022 14:04:05 GMT
server
33XP003
iq-usync
router.infolinks.com/dyn/ Frame 2A87 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/iq-usync
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/usync/manage?pid=3278878&wsid=4&pdom=resistthemainstream.org&purl=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:06 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control
no-store
cf-ray
6d009c3bb82d35c5-MAN
content-length
0
doq.htm
rt3011.infolinks.com/action/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt3011.infolinks.com/action/doq.htm?pcode=utf-8&r=16426010461021
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1782.007-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fafce2a6c02e3a2c0223b6345518f6134c733fb65b1f2ac2fcea6895b07fe7da

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 19 Jan 2022 14:04:06 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NON DSP NID OUR COR"
content-type
text/html;charset=UTF-8
x-application-context
application:prod
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-language
de-DE
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache,no-store
access-control-allow-credentials
true
cf-ray
6d009c3abe7954c9-MAN
expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 8B63
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YegaVq4tePg0.DP1IVKuUwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIDUuxLsXe-8PNaJn_yRMeY&google_cver=1&gdpr=1&google_hm=2
43 B
1001 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIDUuxLsXe-8PNaJn_yRMeY&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 14:04:06 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 19 Jan 2022 14:04:06 GMT

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIDUuxLsXe-8PNaJn_yRMeY&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 8B63
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YegaVq4tePg0-DP1IVKuUwAABHwAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YegaVq4tePg0-DP1IVKuUwAABHwAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YegaVq4tePg0-DP1IVKuUwAABHwAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 14:04:06 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
06MNWEWK8SZZET38ZEKF
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 14:04:06 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
P9BJ0HCDJ47YEPAXJVB4
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YegaVq4tePg0-DP1IVKuUwAABHwAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8B63 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YegaVq4tePg0-DP1IVKuUwAABHwAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 8B63 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:06 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
noop
px.owneriq.net/ Frame 8B63
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6958874461892139894&uid=Q6958874461892139894&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Server
104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-53.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 14:04:06 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Wed, 19 Jan 2022 14:04:06 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 8B63
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=d3458ae5-dbc1-4bdd-9e8c-f7ca1a850ea7
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=d3458ae5-dbc1-4bdd-9e8c-f7ca1a850ea7
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 14:04:06 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 19 Jan 2022 14:04:06 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 14:04:06 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=d3458ae5-dbc1-4bdd-9e8c-f7ca1a850ea7
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
rum
dsum.casalemedia.com/ Frame 8B63
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1642687446&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1642687446&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 14:04:06 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 19 Jan 2022 14:04:06 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1642687446&gdpr=1
pragma
no-cache
date
Wed, 19 Jan 2022 14:04:06 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 8B63
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YegaVgAGzGWRWQAm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YegaVgAGzGWRWQAm&gdpr=1&_test=YegaVgAGzGWRWQAm
43 B
1017 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YegaVgAGzGWRWQAm&gdpr=1&_test=YegaVgAGzGWRWQAm
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 14:04:06 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 19 Jan 2022 14:04:06 GMT

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:06 GMT
via
1.1 varnish
server
Varnish
x-timer
S1642601047.675415,VS0,VE0
x-served-by
cache-mxp6963-MXP
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YegaVgAGzGWRWQAm&gdpr=1&_test=YegaVgAGzGWRWQAm
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
ix-usync
router.infolinks.com/dyn/ Frame 8B63 		35 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/ix-usync?uid=YegaVq4tePg0.DP1IVKuUwAA%261148
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:06 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6d009c3c5a2335c5-MAN
content-length
35
expires
Tue, 19 Jan 2021 14:04:06 GMT
dc.js
stats.g.doubleclick.net/ Frame FBC4 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13420768046326374?pubid=ld-2873-5284&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=1140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4729
date
Wed, 19 Jan 2022 12:45:17 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Wed, 19 Jan 2022 14:45:17 GMT
dc.js
stats.g.doubleclick.net/ Frame 89AD 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13420770663572070?pubid=ld-6303-9494&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=660
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4729
date
Wed, 19 Jan 2022 12:45:17 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Wed, 19 Jan 2022 14:45:17 GMT
dc.js
stats.g.doubleclick.net/ Frame F423 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13436276233712486?pubid=ld-9325-4135&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4729
date
Wed, 19 Jan 2022 12:45:17 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Wed, 19 Jan 2022 14:45:17 GMT
dc.js
stats.g.doubleclick.net/ Frame 2751 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13763115057895526?pubid=ld-1141-7973&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4729
date
Wed, 19 Jan 2022 12:45:17 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Wed, 19 Jan 2022 14:45:17 GMT
/
c.mgid.com/pv/ 		0
280 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=1642601046482403395132&uniqId=0ab68&childs=1225368&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F&lu=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&sessionId=61e81a56-16931&pageView=1&pvid=17e72a6e1d2b36f27d5&site=720235&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:06 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6d009c3cbbd0162a-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:06 GMT
content-encoding
br
cf-cache-status
HIT
age
2056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
B9201827F81D32DC
x-amz-id-2
oKgOzNf5arXSuLpawmQDb8wF7AHHBYdedIxY85YAn8qIfNXdz81xtOQ1yH8O6og8UfPiWO7QqMs=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6d009c3cdc3c162a-WAW
expires
Thu, 20 Jan 2022 14:04:06 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
905 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:06 GMT
content-encoding
br
cf-cache-status
HIT
age
2066
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
1D76EA8A206ECCA7
x-amz-id-2
lDknoZ+PjBnoUXPCB23wx2Qe85exuRo8TYxKWQhUypnILC9L/y8Csv7mWGGtYjTXsNVPMSG83Fo=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6d009c3cdc38162a-WAW
expires
Thu, 20 Jan 2022 14:04:06 GMT
1
servicer.mgid.com/1156929/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1156929/1?pv=5&cbuster=1642601046588347181677&uniqId=0ab68&childs=1225368&niet=4g&nisd=false&jsv=es6&w=1140&h=2875&p6_w=300&p6_h=250&maxw_6=300&maxh_6=250&cols=1&ref=&cxurl=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F&lu=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&sessionId=61e81a56-16931&pageView=1&pvid=17e72a6e1d2b36f27d5&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79478111534fe40c67765c72b4226f505bfb7fe98eaed3a76e3b916f2da57dae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6d009c3d5d6f162a-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
1
servicer.mgid.com/1149360/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1149360/1?w=660&h=295&cols=2&pv=5&cbuster=1642601046589520829781&uniqId=042c1&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F&lu=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&sessionId=61e81a56-16931&pageView=0&pvid=17e72a6e1d2b36f27d5&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1149360.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d260021bac6dd35bb05217e25c0b099cd2c194c2c2d4a6475794dcd3f0b7f63

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6d009c3d5d71162a-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
api.min.js
a.omappapi.com/app/js/ 		202 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/api.min.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
ac3774c809f279d74ee1c089012274410b5715f3d0729a47100c0776a7952943

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:06 GMT
content-encoding
br
cdn-edgestorageid
756
perma-cache
HIT
cdn-storageserver
DE-51
cdn-cachedat
01/18/2022 22:57:58
cdn-pullzone
293267
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
server
BunnyCDN-DE1-756
access-control-allow-origin
*
last-modified
Tue, 18 Jan 2022 18:46:39 GMT
cdn-proxyver
1.02
cdn-fileserver
54
etag
W/"61e70b0f-329a3"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
d58100dc1a4b27637024170443fde6c2
cdn-requestcountrycode
SE
cdn-status
200
cdn-requestpullsuccess
True
/
resistthemainstream.org/ 		121 B
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/?ajax-request=jnews
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
533526f923f8677628b5a366222206af1969a4ea290791aee59ab54ca75ec210

Request headers

Referer
https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 19 Jan 2022 14:04:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2B%2BlH0bmQ93PZIhM2myDdEixo3lf02LkmVW%2B7cVzzZEB4XN46mlVhBbccSWfh54F4AYppz030RYV3dEsNRBbMBsKfogBIj7vHCWuDxgmKQM64V3%2FYJRr0ryth5LC6%2BTLJnAaeWg7gt%2FJE1e6a8k9SobF%2BVzP"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
cf-ray
6d009c3e0f2a59e3-MXP
expires
Wed, 11 Jan 1984 05:00:00 GMT
skeleton.gif
static.adsafeprotected.com/ 		43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:14:35 GMT
via
1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
age
14334572
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
n8jmKSHuY84xypTnf5Q0-egUCswToAg1edjf35qt3AXbbywmFk7IQg==
trump-4-750x394.jpg
resistthemainstream.org/wp-content/uploads/2022/01/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resistthemainstream.org/wp-content/uploads/2022/01/trump-4-750x394.jpg
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08817bd4cccd0a9b03af4113db4b68eec3f914dc28c5eaa10abcb5700223a6de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:07 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 19 Jan 2022 13:18:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7S4CynN1mu4GD7RXDm9VWftsl0oniEcaQAYlz5qsX3t2X4LruCyPLewJr9N51LaDgQA4R1IAqmZ2RS87t1PaQJSJZ8NFLRcJTCywej5MjvGdzbHrqjxzDdaNkzwtvhBU3u6fzjns%2BtdnFg0b9dw4icWEdNdz"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6d009c3e3f7159e3-MXP
content-length
22869
expires
Fri, 18 Feb 2022 14:04:07 GMT
ben-2-360x180.jpg
resistthemainstream.org/wp-content/uploads/2022/01/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resistthemainstream.org/wp-content/uploads/2022/01/ben-2-360x180.jpg
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47ddcaf89e42db8c5b56cebbedb4c6dbab11c8448db80da035a89d1c36c471be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:07 GMT
cf-cache-status
MISS
last-modified
Wed, 19 Jan 2022 13:59:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qjVzcqxjqjM1ZFBCAOqcY9RCbvRoYm2XTaFBxz%2BNzWE65e2Fn15j0Gvhai7l7Nq25ArhyH5udgfIHWHt65F%2Bh3B0x5OFmyldM%2BAGB74fCUUoOuncrKOf0%2FuuhhTueDtL9CGBhybxBfFx01c9ehjab7dDD7zO"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6d009c3e3f7459e3-MXP
content-length
13221
expires
Fri, 18 Feb 2022 14:04:07 GMT
Untitled-1-51-360x180.jpg
resistthemainstream.org/wp-content/uploads/2022/01/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resistthemainstream.org/wp-content/uploads/2022/01/Untitled-1-51-360x180.jpg
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eed7a4c69918180b85f75af0c2a00fc2571d2be1d91ac805d763f0d86c127943

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:07 GMT
cf-cache-status
MISS
last-modified
Wed, 19 Jan 2022 13:57:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lxYrTtnKlA71vhME9aPhVGnjgeGXFLRUbExlVECUeXanKZ8toiMnL%2BX3DXHrYRlDkwRxIEhP4QyoeKoEWecyqAjt6iaKCDs1GbQkcIkQzCKjsjI6tb6uAWqYq0r1IyBCiK8fugDlax%2BzkBF1GHrAFqex%2BNV0"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6d009c3e3f7959e3-MXP
content-length
23898
expires
Fri, 18 Feb 2022 14:04:07 GMT
13763115057895526
lockerdome.com/lad/ Frame DCE1 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/13763115057895526?pubid=ld-1141-7973&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=275
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/wp-content/cache/wpfc-minified/mka1sjxi/a3jph.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Length
1376
Date
Wed, 19 Jan 2022 14:04:06 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNzkzLHlfNTUyL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzEwMTkyNC9hZjRmZ...
s-img.mgid.com/g/11533327/492x277/-/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533327/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNzkzLHlfNTUyL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzEwMTkyNC9hZjRmZDNlNDJmZmRjYzJhNzhjZmZmYjdmMmU4YmI0Yi5qcGVn.webp?v=1642601046-niYTiUw274OnmsjAtxc8R_U58Mee0EEGyGZ1Wh3HjQY
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b0db51329dcafa9a565af4cb6d80656ec84d986ff0a43e082c2c79fbf381d7

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:07 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 12:23:56 GMT
x-mg-request-uuid
3ffdc29e-1061-48a3-ac60-451e03d8386c
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d009c3fac135049-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23462
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0Lzg0ZmY3MzBiMGY5NTBiODIwMjFmZDBiOTc2M2U5MDJmLmpwZWc.webp
s-img.mgid.com/g/4723163/492x277/0x14x625x416/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/4723163/492x277/0x14x625x416/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0Lzg0ZmY3MzBiMGY5NTBiODIwMjFmZDBiOTc2M2U5MDJmLmpwZWc.webp?v=1642601046-KQV7sKLA2deVJN5TOKPWym4Aux2F4Kuu0YcmWBnbeQQ
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e958acd33f23ea0b43f6ce74fc0854f016522eff111bd46b3b7d4543a83f5eb9

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:07 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 16:00:15 GMT
x-mg-request-uuid
3f9c5887-92ae-43fe-a03f-ded4f800258a
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d009c3fac155049-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24166
server
cloudflare
performance.css
video-native.mgid.com/mgPlayer/css/1.11/ 		40 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://video-native.mgid.com/mgPlayer/css/1.11/performance.css
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.es6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
02ba7dde63b05ebdf61208cba2cf4c7016d04efe8b8dd37baccb21bba67b8a48

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-id
fr5-up-gc31
date
Wed, 19 Jan 2022 14:04:06 GMT
content-encoding
gzip
last-modified
Mon, 19 Jul 2021 11:03:51 GMT
server
nginx
etag
"9ff4-5c777e47117fe-gzip"
vary
Accept-Encoding
x-cached-since
2021-10-21T10:02:59+00:00
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
content-length
6890
expires
Fri, 21 Oct 2022 10:02:58 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMDcvMTAxOTI0L2NmYjM5MGE0NGZmZjhiOTczMTI0N2FjYTgyOTlkYTRkLmpwZz90PTE0OTE1ODc3OTE5NDE.webp
s-img.mgid.com/g/3805563/492x277/0x0x492x328/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805563/492x277/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMDcvMTAxOTI0L2NmYjM5MGE0NGZmZjhiOTczMTI0N2FjYTgyOTlkYTRkLmpwZz90PTE0OTE1ODc3OTE5NDE.webp?v=1642601046-PcXjTOVuQjd-lfOfbqT7OraFh2Z6vqt0RqBVk3U6EM0
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
171446efc3147e504563f7ebf76d49b06248cb4ed519eb5f91396ed325c97685

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:07 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:53:48 GMT
x-mg-request-uuid
a95f5430-bf0c-4d94-b55b-08665e588238
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d009c3fac165049-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6526
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzM0ZTk1MjczMGY0NjMzODZjOWY1ZjFhMTliNmUxYThmLmpwZWc.webp
s-img.mgid.com/g/8052389/492x277/0x0x855x570/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8052389/492x277/0x0x855x570/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzM0ZTk1MjczMGY0NjMzODZjOWY1ZjFhMTliNmUxYThmLmpwZWc.webp?v=1642601046-kBARLFfYVSfNRVuHRknegBqcVlwoAROOxXHP7ild458
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e411c993df2056f09371cc0e884aaded62bbe0034941356c1f4604771adcb83

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:07 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:54:36 GMT
x-mg-request-uuid
c17cf813-dcde-48c9-bc5b-5e668f635ab9
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d009c3fac185049-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7482
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfMjMxLHlfMjkzL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEwLzEwMTkyNC84MGJmY...
s-img.mgid.com/g/11533286/492x277/-/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533286/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfMjMxLHlfMjkzL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEwLzEwMTkyNC84MGJmYTk2MTQ2MWJkOTY1YjgwNTZkOTlkZGJkOTNiMi5qcGVn.webp?v=1642601046-_s1AL771jva4SUf8YBEIoAwWjxxutxk0gxlU1mnpT10
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
596c5d553384c4fb36ea1d383a03c8fa9dc3b6ffe81187863d5c6a456d7d96c4

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:07 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 12:25:07 GMT
x-mg-request-uuid
ebae0ee8-5c28-4210-951e-2c4be0700f75
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d009c3fac1a5049-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14880
server
cloudflare
aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzM4MDM0OGNiLmpwZWc.jpg
s-img.mgid.com/l/-/492x277/-/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/l/-/492x277/-/aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzM4MDM0OGNiLmpwZWc.jpg?v=1642601046-NEgAiMK6o62Tu85z8kDcYToFfNbqJMyLBBxbhqdT4Rk
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
693c1fc05326e4380777179beeb3c1487c75efb8c83fc995a3a8d8c7c756885f

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:07 GMT
cf-cache-status
HIT
x-mg-request-uuid
6c420f9d-e915-41e2-bec0-79d3dec8a4f2
age
571564
cf-polished
qual=85, origFmt=jpeg, origSize=41842
content-disposition
inline; filename="aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzM4MDM0OGNiLmpwZWc.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
32968
last-modified
Thu, 11 Nov 2021 15:40:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d009c3fac1b5049-WAW
cf-bgj
imgq:85,h2pri
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzI1ZjNmNzFiODhlYTY1MTRmZjdlMjU2YmE1MmQzMmIxLmpwZWc.webp
s-img.mgid.com/g/5097641/492x277/0x0x899x599/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/5097641/492x277/0x0x899x599/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzI1ZjNmNzFiODhlYTY1MTRmZjdlMjU2YmE1MmQzMmIxLmpwZWc.webp?v=1642601046-Q6T3dl-p7PRCqAzECcuX1HZFyxFBUYBMCFnSS2kR-3A
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f8c0be5e3afc655e2a886caf7fbdf7a8072c868236821d99a5f080d2128ab08

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:07 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:58:38 GMT
x-mg-request-uuid
787c3dd2-d9ad-4ef1-9afb-8ca78a230250
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d009c3fcc535049-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10844
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8zNjMwNThmNGE5ZDNhOTI3ZjczOWIyZWQzNmYzNjkwNi5qcGVn.webp
s-img.mgid.com/g/8193537/492x277/0x168x510x340/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193537/492x277/0x168x510x340/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8zNjMwNThmNGE5ZDNhOTI3ZjczOWIyZWQzNmYzNjkwNi5qcGVn.webp?v=1642601046-jSBnM70sSJ4EPYQYwZnmhunoztipFHwlDcTJtqTIaQI
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bd1f9f24e8a0646456a9ae31b47f872cc280d7faedb07b413132a5712bf0bca

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:07 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:40:21 GMT
x-mg-request-uuid
d8e3d17e-42d1-4655-a167-c62f84a10b54
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d009c3fcc545049-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42410
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMTAxOTI0LzFiNDc2YjUwODA1Y2I3NzE3YWQzZTk3Yzk1MTVhMWQwLmpwZWc.webp
s-img.mgid.com/g/4147872/492x277/145x26x822x548/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/4147872/492x277/145x26x822x548/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMTAxOTI0LzFiNDc2YjUwODA1Y2I3NzE3YWQzZTk3Yzk1MTVhMWQwLmpwZWc.webp?v=1642601046-hZFvZxrmHzfrxLu8rpshl0Z_TyLRCVu8vRFDbEFhHVA
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c1cdf9cd24649f9d304ae60301cac1a04101c386e522e8322571c472163ab51

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:07 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:56:06 GMT
x-mg-request-uuid
4ade83ac-3ee9-452d-82c2-5ca1dcbd0d85
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d009c3fcc565049-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11828
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNzMyLHlfNjA2L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEwLzEwMTkyNC84OTljZ...
s-img.mgid.com/g/11739840/492x277/-/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739840/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNzMyLHlfNjA2L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEwLzEwMTkyNC84OTljZTIxMTkwOTY0NWQ3ODhiOTM4OTk1NGZmMWYxMy5qcGVn.webp?v=1642601046-HW6ofdAYZK8E2axiHr1EJRNc6GqMVRw826vfuXlJhuw
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caaff507d173d0ec1f1ebd383b702e37f4ce982c9ad743bf290e4c500fc62be6

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:07 GMT
cf-cache-status
MISS
last-modified
Tue, 21 Dec 2021 12:45:37 GMT
x-mg-request-uuid
518c86a2-2894-4c0a-8d03-fa5eb905a67e
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d009c3fcc585049-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27110
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp
s-img.mgid.com/g/8164909/492x277/16x0x492x328/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164909/492x277/16x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp?v=1642601046-SOfWeq-XBw0AIqlz9LDLpGBSXkQCIimTGQqY6tPdwI8
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b7733aa4e89d9a633e6e7ab0ed333166c95e920d76c59738129a5d52ffff35a

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:07 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:40:59 GMT
x-mg-request-uuid
cc91ba51-9223-49c9-b330-196a6fee7f41
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d009c3fcc5e5049-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8340
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2QyYzViNjdkODVlNDE3ZDM0YWVmN2Q3YjhiZGEwZmJjLmpwZWc.webp
s-img.mgid.com/g/8164860/492x277/0x0x831x554/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164860/492x277/0x0x831x554/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2QyYzViNjdkODVlNDE3ZDM0YWVmN2Q3YjhiZGEwZmJjLmpwZWc.webp?v=1642601046-rKWGZIsoI6DalV86XKdH7Wrlj0hW1pxtXCwIhIrvzKU
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45902f1502cd36a63942c2b678d9fb837460a16190961f4077060d82cce7b2ff

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:07 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:51:13 GMT
x-mg-request-uuid
01abe947-64ca-4f70-a02d-b7bc338db0ea
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d009c3fcc615049-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8064
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOC8xMDE5MjQvMmEwNTVlMDgwNjU3MDgyN...
s-img.mgid.com/g/11533479/492x277/-/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533479/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOC8xMDE5MjQvMmEwNTVlMDgwNjU3MDgyNDM2ODA1ZDQ5NGI5ZTgzNzEuanBn.webp?v=1642601046-V0NhaDb96y1y9OEOUiH1_OjBiiIxqbja3WtwD4uC8hI
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3e7317418cfb9819b141a94578ee084e3bd1a287cd5bb2626917d85bea0aedf

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:07 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 12:35:04 GMT
x-mg-request-uuid
ee990592-5664-42d3-a834-894d47878ccb
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d009c3fcc635049-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14266
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMDUvMTAxOTI0L2I5OTdjZjg2ZTllYzk2MTYyNjhkYTFmNzk4ZjRlMzZiLmpwZz90PTE0OTE0MDc0OTEzODk.webp
s-img.mgid.com/g/3805542/492x277/0x0x492x328/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805542/492x277/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMDUvMTAxOTI0L2I5OTdjZjg2ZTllYzk2MTYyNjhkYTFmNzk4ZjRlMzZiLmpwZz90PTE0OTE0MDc0OTEzODk.webp?v=1642601046-oBRPKJFgc565ArVYDb9E8f6atCd7Ag6v_65mvvSKCHk
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57299fb5895094eb1636d7bc12fe20c1ee14d0138de61cddb2b2d10d1edb5c14

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:07 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:53:59 GMT
x-mg-request-uuid
f5294e0f-3814-44ba-b4c5-8e89aa61f9a1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d009c3fcc655049-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
47458
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0LzcxNDkzMDc4YjMzMzRmYjk1MzRjOGEwMmYxMzQ5OThkLmpwZw.webp
s-img.mgid.com/g/8193516/492x277/0x299x1080x720/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193516/492x277/0x299x1080x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0LzcxNDkzMDc4YjMzMzRmYjk1MzRjOGEwMmYxMzQ5OThkLmpwZw.webp?v=1642601046-l73trOsjM-xtMzazc5eInRA6Y0RC0igNBvhn5s-K4V4
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bb5442b7663ca77c49049cbfb09d65a4cf5357a6edf7ce9baed59530a3235d9

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:07 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:51:47 GMT
x-mg-request-uuid
aa1e156a-fbd9-4236-846b-d7d667b5e096
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d009c3fcc675049-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16050
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2F0dXJhdGlvbjo0MCxmX2pwZyxnX3h5X2NlbnRlcix3XzEwMjAseF84OTYseV8xMzE2L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzEwMTkyNC9jZ...
s-img.mgid.com/g/11739852/492x277/-/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739852/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2F0dXJhdGlvbjo0MCxmX2pwZyxnX3h5X2NlbnRlcix3XzEwMjAseF84OTYseV8xMzE2L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTExLzEwMTkyNC9jZmM2MTFlODU0ODQ3Njc1Yjk3MzM3MDdiMGQ4MjQwMy5qcGVn.webp?v=1642601046-Rl7Y9Za3IJ7iI9b-ldNQeS3HNfQDirpbzt1aMq36aYM
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d17817c1ea0611ea15af93023466823589e08ea692112c57f6c44b0a3cd77e1

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:07 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:53:27 GMT
x-mg-request-uuid
6cf1b9ba-590f-4c73-b55b-490109f058db
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d009c3fcc6a5049-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14188
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMTIvMTAxOTI0LzQ1YTczYzA1OWExZmMwMGM5ZWU3ZTNhNTAzOTM4ZTZmLmpwZz90PTE0OTE5OTE2NzgwMDI.webp
s-img.mgid.com/g/3805428/492x277/0x0x492x328/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805428/492x277/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMTIvMTAxOTI0LzQ1YTczYzA1OWExZmMwMGM5ZWU3ZTNhNTAzOTM4ZTZmLmpwZz90PTE0OTE5OTE2NzgwMDI.webp?v=1642601046-GP0QaDGo6Eeuv9NI1k6gfwjavy7PmiV1QZ2mGwKo9Sg
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b876e8b9aa2070787d9f635968d07538cc688fc7543cafa613aa202ec0280b4b

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:07 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:56:00 GMT
x-mg-request-uuid
7917c32d-f616-4a6d-a352-daadd5282c2a
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6d009c3fcc6b5049-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5334
server
cloudflare
mgWidget_1.11.77.es6.js
cdn.mgid.com/js/wglibs/ 		314 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mgid.com/js/wglibs/mgWidget_1.11.77.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b30f9e224abdbec5da5111b1803a000f95868644ea253620151f8cc73d23a4c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:06 GMT
content-encoding
br
cf-cache-status
HIT
age
372
last-modified
Mon, 17 Jan 2022 15:27:37 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
0PWFQ6T45HKRF8EY
x-amz-id-2
OYkO2QqvY1aQqgu26pggfERV8NMdnzKH7M4txt1MwZ7XwpsQCutQREtcSPUKGR4nm0VkReO3tX0=
cf-bgj
minify
server
cloudflare
etag
W/"0ed795137420da2b173a0ab93b6b395a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=86400
cf-ray
6d009c3ecd110017-WAW
expires
Thu, 20 Jan 2022 14:04:06 GMT
i.js
cm.mgid.com/ 		0
185 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1642601046841582430016
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1149360.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6d009c3ed96a162a-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
in_search.js
resources.infolinks.com/js/1782.007-3.025/ 		123 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1782.007-3.025/in_search.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1782.007-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8882c05ade8d73602a50fccfc5e3d2ad0ff2427e6c7adafc2d8f13a1da7f1ec4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray
6d009c3ef9c235c5-MAN
date
Wed, 19 Jan 2022 14:04:06 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Mon, 17 Jan 2022 12:23:36 GMT
server
cloudflare
age
4605
etag
W/"1eb7c-5d5c638c226a5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
content-encoding
gzip
expires
Fri, 18 Feb 2022 12:47:20 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		377 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1782.007-3.025/ice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e58bc10b3948106bc0f0d27a5d4951bc2c96aeab02674bbdb7a1c7a8637842d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127290
x-xss-protection
0
expires
Wed, 19 Jan 2022 14:04:06 GMT
i-noref.js
cm.mgid.com/ Frame 0758 		0
85 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1642601046875208328409
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1149360.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6d009c3f09d1162a-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
dc.js
stats.g.doubleclick.net/ Frame DCE1 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13763115057895526?pubid=ld-1141-7973&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=275
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4730
date
Wed, 19 Jan 2022 12:45:17 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Wed, 19 Jan 2022 14:45:17 GMT
getads.htm
rt3011.infolinks.com/action/ 		121 B
327 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rt3011.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22news%22%2C%22scs%22%3A%22PUsriUofsG%22%7D%5D&rid=72f4f91e-cbde-4ffd-8ef3-0535c17d2feb&jsv=1782.007-3.025&sr=1600X1200&rts=1642601046992&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=97.0.4692.71&dv=p&ce=t&purl=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&tzo=-0000&c=c&strg=true&rsd=-n4Wz0VRSFsIQ3c7LYhnYM2U3UhzinG5gdqilPFtgAlebltJLbjyPzXz7TvprUDEH8AlVVcFWmYZj1ONBoqTzBlhTDP4PM1mpDocj_jKgp9EAi15SxQzO5gKjyOyVcEB_7vNSmlMwySZALumBu0V_8MVEa4zyihw&rsk=78&rcs=OVMGeF-kTEvnc8nBgXqxMA&hbnr=false
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1782.007-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2164db37c8c0162887362f571cbc0172017fb0cfabe7a8103bff46ddfab2cfc2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:07 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-language
de-DE
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
6d009c3fcc6b35c5-MAN
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
vidice.js
resources.infolinks.com/js/vidice/1.0/ 		620 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/vidice/1.0/vidice.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1782.007-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
610a427b4b6da16af92fa70bc4ebc4bc85ab2fbfc59bfea7d01a58e78412c88a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray
6d009c401de335c5-MAN
date
Wed, 19 Jan 2022 14:04:07 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 10 Jul 2019 15:15:02 GMT
server
cloudflare
age
4666
etag
W/"9b0d4-58d552435a78c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
content-encoding
gzip
expires
Fri, 18 Feb 2022 12:46:21 GMT
5f431e98-d068-4121-80c6-6b10f6bbe34f
player.ex.co/player/ 		753 KB
219 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ex.co/player/5f431e98-d068-4121-80c6-6b10f6bbe34f
Requested by
Host: cdn.mgid.com
URL: https://cdn.mgid.com/js/wglibs/mgWidget_1.11.77.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
34374d31c86754e96757ef8112d38af893c02facdd7a5d6ba5246763b020a474

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:07 GMT
content-encoding
gzip
age
0
x-cache
HIT, MISS
access-control-max-age
600
content-length
223935
x-served-by
cache-iad-kjyo7100085-IAD, cache-mxp6979-MXP
access-control-allow-origin
*
server
nginx
x-timer
S1642601047.192524,VS0,VE107
etag
W/"bc565-EjsNzChBt24hrVOAXQaCTSu4V8c"
vary
Accept-Encoding, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
no-cache
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
1, 0
v2htzJZjZd-4-M6LjzPypMA7UHcbwT4k6wFkQVk6a0KuZiWj4ZSbxwBcYs1Fj3RorA-P9AxqlEn7YXaTpaA
fearlessfaucet.com/ 		209 B
629 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fearlessfaucet.com/v2htzJZjZd-4-M6LjzPypMA7UHcbwT4k6wFkQVk6a0KuZiWj4ZSbxwBcYs1Fj3RorA-P9AxqlEn7YXaTpaA
Requested by
Host: fearlessfaucet.com
URL: https://fearlessfaucet.com/v2gll8Qzgxs-F_tAfYbN9Vu7gRE70yQNcPsdfwHvFYjQd7BtKRQGQf8_AneFC7YOk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.62.199 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
199.62.190.35.bc.googleusercontent.com
Software
/
Resource Hash
7a6434e73896e4886f8399dc97ad8b126de126381329d04481b37e1cec3893d8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Wed, 19 Jan 2022 14:04:07 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
fen-hoothoot-europe-west1-spot-9csr
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
209
expires
Wed, 19 Jan 2022 14:04:06 GMT
2da96fd8-032f-4992-be53-973caaf00f11
https://resistthemainstream.org/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://resistthemainstream.org/2da96fd8-032f-4992-be53-973caaf00f11
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
v2cybdtvkrhjq3FaSB2F7NL21pC1fLhnt67wwaZa3_e6NRnp3X4EJGz4S4admY2UKn1RMpLwpAhWKxyjWzA
fearlessfaucet.com/ 		3 B
36 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fearlessfaucet.com/v2cybdtvkrhjq3FaSB2F7NL21pC1fLhnt67wwaZa3_e6NRnp3X4EJGz4S4admY2UKn1RMpLwpAhWKxyjWzA
Requested by
Host: fearlessfaucet.com
URL: https://fearlessfaucet.com/v2gll8Qzgxs-F_tAfYbN9Vu7gRE70yQNcPsdfwHvFYjQd7BtKRQGQf8_AneFC7YOk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.62.199 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
199.62.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Wed, 19 Jan 2022 14:04:07 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://resistthemainstream.org
access-control-allow-credentials
true
x-hostname
fen-hoothoot-europe-west1-spot-9csr
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
3
events
prd-collector-anon.ex.co/main/ 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/5f431e98-d068-4121-80c6-6b10f6bbe34f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.209.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-209-254.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://resistthemainstream.org
date
Wed, 19 Jan 2022 14:04:07 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
css2
fonts.googleapis.com/ 		2 KB
549 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 19 Jan 2022 13:47:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 19 Jan 2022 14:04:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Jan 2022 14:04:07 GMT
hls.min.js
player.avplayer.com/script/2/2.55/libs/ 		247 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/5f431e98-d068-4121-80c6-6b10f6bbe34f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb21 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:07 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdu6xL9vZrltTUvDKnXQzibfMA-uDG79tRFMOGfB_TO6CYIv2e3b12_ByRZhYw4vma0s_tGz-_OW10A0nnFeqrd3Bz98iA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
71831
last-modified
Sun, 10 Jan 2021 14:52:52 GMT
server
UploadServer
etag
"7888b98658e8cef4a98786556ccdab66"
vary
Accept-Encoding
x-goog-hash
crc32c=vMWMIg==, md5=eIi5hljozvSph4ZVbM2rZg==
content-language
en
x-goog-generation
1610290372874389
cache-control
public, max-age=300
x-goog-stored-content-length
71831
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 19 Jan 2022 14:09:07 GMT
truncated
/ 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		385 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		237 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		238 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		411 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		240 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
AVmanager.js
player.aniview.com/script/6.1/ Frame 3A5C 		347 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/5f431e98-d068-4121-80c6-6b10f6bbe34f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:12d:495::2c79 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
e9126e8b93d347b328196191cea7e2663506a0e66db75bc82b40afdd297af463

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:07 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdte2UTL7MAuIg4xgQlBiB16rwGESKyLxK9jm5jpPcLLVlOddE0Uy7sVH1cccTIn2Yl8tuEpjPJJFsehxgNfu6-P80GveA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
99177
last-modified
Sun, 16 Jan 2022 15:13:51 GMT
server
UploadServer
etag
"a539e2b6a9077713b540f13033f629a5"
vary
Accept-Encoding
x-goog-hash
crc32c=GYzRHA==, md5=pTnitqkHdxO1QPEwM/YppQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1642346031448105
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
99177
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 19 Jan 2022 14:09:07 GMT
events
prd-collector-anon.ex.co/main/ 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/5f431e98-d068-4121-80c6-6b10f6bbe34f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.209.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-209-254.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://resistthemainstream.org
date
Wed, 19 Jan 2022 14:04:07 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
track
atrack.avplayer.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=AV_M16&cb=1642601047558&cid=6187a5a49268ad27da7716d8&VERSION=4.122.1&AV_PAGE_LOAD_UID=b6f4f50b-eaf5-4f31-a4bc-b8f87f9873ac&AV_CDIM4=b6f4f50b-eaf5-4f31-a4bc-b8f87f9873ac&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.58.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-58-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:07 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.m3u8
mcd.ex.co/video/upload/sp_hd/v1490095101/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/sp_hd/v1490095101/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.221.138 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a88-221-221-138.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
50fd1b0192e22f68957f2f557255fc06d698bfd8bfa8e168596f443e5b5831f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 14:04:07 GMT
Cache-Tag
299890703640246977373298896385374012786,394554537382471183304184472313687845759,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
1127
X-Served-By
cache-dca17769-DCA
Last-Modified
Wed, 09 Jun 2021 05:29:07 GMT
Server
cloudinary
X-Timer
S1638941945.277153,VS0,VE1
ETag
"a42c7ae8b866ad428f953d7bc38769d0"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=27898607
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.m3u8
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1608312869/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.221.138 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a88-221-221-138.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
3fd866705913987f41eae0cd3122f984656896b60daf4385f99ed0e356978e33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 14:04:07 GMT
Cache-Tag
299890703640246977373298896385374012786,484104238383510269782950376486441993307,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
1331
X-Served-By
cache-dca17734-DCA
Last-Modified
Fri, 28 May 2021 02:55:25 GMT
Server
cloudinary
X-Timer
S1638944937.767817,VS0,VE1
ETag
"b87901333b21d30f970a9d9982f6400d"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=27901507
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1608312869/ 		114 KB
115 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.221.138 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a88-221-221-138.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
bc871abfceed2f798929653305bcf0c2997c58d7f4f2e86afa881927900d2eb6

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=0-116747

Response headers

Date
Wed, 19 Jan 2022 14:04:07 GMT
Cache-Tag
299890703640246977373298896385374012786,484104238383510269782950376486441993307,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 0-116747/913116
Connection
keep-alive
Content-Length
116748
X-Served-By
cache-dca17764-DCA
Last-Modified
Fri, 28 May 2021 02:55:25 GMT
Server
cloudinary
X-Timer
S1638944632.985613,VS0,VE67
ETag
"a7d8f4b80d06c540ff9289b382f53422"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=27901199
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
e3320350-c223-402b-8c30-04d2053ebd87
https://resistthemainstream.org/ 		63 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://resistthemainstream.org/e3320350-c223-402b-8c30-04d2053ebd87
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length
64352
Content-Type
text/javascript
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=resistthemainstream.org&sn=&cd4=b6f4f50b-eaf5-4f31-a4bc-b8f87f9873ac&cd5=default&ic=0&tgt=0&app=&wi=679&he=383&test=&d36=6.1.2.98&apppkg=&fv=3&proto=https&pid=56ea678d181f46c76f8b45fb&cid=6187a5a49268ad27da7716d8&stagid=&stplid=&e=inventory&vi=0&cb=1642601047811
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts/?utm_source=telegram
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.58.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-58-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:07 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
premiumsrv.aniview.com/api/adserver/tag/ 		35 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://premiumsrv.aniview.com/api/adserver/tag/?VERSION=4.122.1&AV_PAGE_LOAD_UID=b6f4f50b-eaf5-4f31-a4bc-b8f87f9873ac&AV_CDIM4=b6f4f50b-eaf5-4f31-a4bc-b8f87f9873ac&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default&AV_VIDEOURL=https%3A%2F%2Fmcd.ex.co%2Fvideo%2Fupload%2Fsp_hd%2Fv1490095101%2Flandscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.m3u8&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&AV_CHANNELID=6187a5a49268ad27da7716d8&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=resistthemainstream.org&AV_DADPOS=3&d36=6.1.2.98&responsive=1&sver=1&avtoken=47810&AV_WIDTH=679&AV_HEIGHT=383&AV_DNT=0&cb=1642601047824
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.173.4.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-4-119.compute-1.amazonaws.com
Software
/
Resource Hash
359f81592d3f661e3bf304f568de4a4b9133e51e7718067060fe995025e90309

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:08 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache
access-control-allow-credentials
true
expires
Sat, 08 Jan 2022 00:17:28 GMT
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.m3u8
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.221.138 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a88-221-221-138.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
07b28c082dd42dd5f74447cf4d9351338f6c1e81984a42989fe3978d699af694

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 14:04:07 GMT
Last-Modified
Fri, 28 May 2021 02:55:30 GMT
Server
cloudinary
X-Timer
S1634789600.579944,VS0,VE1
ETag
"61fce59e82eca3dfbd97c9bb6ec77a6d"
X-Served-By
cache-wdc5556-WDC
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=23746154
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
Content-Length
1342
X-Cache-Hits
1
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		199 KB
199 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.221.138 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a88-221-221-138.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
80e7ae17ac456d2b2cc8d8e5b0d34085903b49ba27050029d81938b8d3a9b5ce

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=0-203415

Response headers

Date
Wed, 19 Jan 2022 14:04:07 GMT
Content-Range
bytes 0-203415/1551376
Connection
keep-alive
Content-Length
203416
X-Served-By
cache-wdc5556-WDC
Last-Modified
Wed, 26 May 2021 04:26:17 GMT
Server
cloudinary
X-Timer
S1634789600.955944,VS0,VE112
ETag
"66e1730abb08340cae5f745a9b2d0b31"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=23746221
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
container-1.0.html
resources.infolinks.com/static/ Frame 2D25 		430 B
434 B 		Document
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/static/container-1.0.html
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1782.007-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42307b6e2231b2de1535854ab77c8fd201f88822e3f87ca3c4e8d3624ce65678

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

date
Wed, 19 Jan 2022 14:04:07 GMT
content-type
text/html; charset=UTF-8
last-modified
Wed, 17 Nov 2021 13:25:02 GMT
cache-control
max-age=2592000
expires
Fri, 18 Feb 2022 12:48:29 GMT
via
1.1 google
cf-cache-status
HIT
age
4538
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6d009c459f6e35c5-MAN
content-encoding
gzip
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		121 KB
122 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.221.138 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a88-221-221-138.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
8a6e2d4bbbe4f00b6a81ab036c29d0471f1755d4bf48285c433ec79ad3c0b132

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=203416-327683

Response headers

Date
Wed, 19 Jan 2022 14:04:07 GMT
Content-Range
bytes 203416-327683/1551376
Connection
keep-alive
Content-Length
124268
X-Served-By
cache-wdc5556-WDC
Last-Modified
Wed, 26 May 2021 04:26:17 GMT
Server
cloudinary
X-Timer
S1634789600.955944,VS0,VE112
ETag
"66e1730abb08340cae5f745a9b2d0b31"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=23746221
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
truncated
/ 		552 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 13:39:48 GMT
x-content-type-options
nosniff
age
433459
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 14 Jan 2023 13:39:48 GMT
events
prd-collector-anon.ex.co/main/ 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/5f431e98-d068-4121-80c6-6b10f6bbe34f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.209.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-209-254.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://resistthemainstream.org
date
Wed, 19 Jan 2022 14:04:08 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
check
pixel.tapad.com/idsync/ex/receive/ Frame 2D25
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_device_id=d2399afc-7902-477e-9388-af96e89aaa1f=&partner_id=3337
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_device_id=d2399afc-7902-477e-9388-af96e89aaa1f=&partner_id=3337
95 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_device_id=d2399afc-7902-477e-9388-af96e89aaa1f=&partner_id=3337
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/container-1.0.html
Protocol
H2
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resources.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:08 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_device_id=d2399afc-7902-477e-9388-af96e89aaa1f=&partner_id=3337
date
Wed, 19 Jan 2022 14:04:08 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		168 KB
168 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.221.138 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a88-221-221-138.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
fc19d2f154f953b4c51b865cec0bb6aebd2e149ea59b98354c19f2cfe8759ad2

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=327684-499327

Response headers

Date
Wed, 19 Jan 2022 14:04:08 GMT
Content-Range
bytes 327684-499327/1551376
Connection
keep-alive
Content-Length
171644
X-Served-By
cache-wdc5556-WDC
Last-Modified
Wed, 26 May 2021 04:26:17 GMT
Server
cloudinary
X-Timer
S1634789600.955944,VS0,VE112
ETag
"66e1730abb08340cae5f745a9b2d0b31"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=23746220
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		142 KB
142 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.221.138 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a88-221-221-138.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
320f9c10b94c5fd531ca60c0fae62fbb1fa70712e1a9caf5d8f37a3a79d3e7ca

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=499328-644463

Response headers

Date
Wed, 19 Jan 2022 14:04:08 GMT
Content-Range
bytes 499328-644463/1551376
Connection
keep-alive
Content-Length
145136
X-Served-By
cache-wdc5556-WDC
Last-Modified
Wed, 26 May 2021 04:26:17 GMT
Server
cloudinary
X-Timer
S1634789600.955944,VS0,VE112
ETag
"66e1730abb08340cae5f745a9b2d0b31"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=23746220
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		125 KB
126 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.221.138 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a88-221-221-138.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
db720757cace02ecc1e88d824648d67676e1e25ce8a7cb00a65c7c5ba89e4661

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=644464-772679

Response headers

Date
Wed, 19 Jan 2022 14:04:08 GMT
Content-Range
bytes 644464-772679/1551376
Connection
keep-alive
Content-Length
128216
X-Served-By
cache-wdc5556-WDC
Last-Modified
Wed, 26 May 2021 04:26:17 GMT
Server
cloudinary
X-Timer
S1634789600.955944,VS0,VE112
ETag
"66e1730abb08340cae5f745a9b2d0b31"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=23746220
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		147 KB
148 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.221.138 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a88-221-221-138.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
3093b0c5dc79ef06886e2ddd238e466e2b43d35e5aeca027ae47f6c4fe003451

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=772680-923455

Response headers

Date
Wed, 19 Jan 2022 14:04:08 GMT
Content-Range
bytes 772680-923455/1551376
Connection
keep-alive
Content-Length
150776
X-Served-By
cache-wdc5556-WDC
Last-Modified
Wed, 26 May 2021 04:26:17 GMT
Server
cloudinary
X-Timer
S1634789600.955944,VS0,VE112
ETag
"66e1730abb08340cae5f745a9b2d0b31"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=23746220
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E81A 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1642601048001-960064121524-005676-001-002338%26biddername%3D1%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=145300
expires
Fri, 21 Jan 2022 06:25:48 GMT
date
Wed, 19 Jan 2022 14:04:08 GMT
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame 5D1A 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1642601048001-960064121524-005676-001-002338%26biddername%3D42%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
209141b22020d5db12eb8617106255a712ed945b48819a952e0cfc225756c4ef

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
46|73|206|4|3|195|130|188
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Wed, 19 Jan 2022 14:04:08 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 19 Jan 2022 14:04:08 GMT
Content-Length
1667
Connection
keep-alive
usync.html
eus.rubiconproject.com/ Frame E79C
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.0.42.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-0-42-150.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 19 Jan 2022 14:04:08 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
date
Wed, 19 Jan 2022 14:04:08 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
merge
ce.lijit.com/ Frame 3336 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=376385&3pid=1642601048001-960064121524-005676-001-002338&us_privacy=1---&gdpr=1&gdpr_consent=&location=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1642601048001-960064121524-005676-001-002338%26biddername%3D18%26key%3D%5BSOVRNID%5D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

Server
nginx
Date
Wed, 19 Jan 2022 14:04:08 GMT
X-MERGE
GDPR Optout true
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap6ams1
events
prd-collector-anon.ex.co/main/ 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/5f431e98-d068-4121-80c6-6b10f6bbe34f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.209.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-209-254.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://resistthemainstream.org
date
Wed, 19 Jan 2022 14:04:08 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
avpb3.js
player.aniview.com/script/6.1/ Frame 3A5C 		314 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:12d:495::2c79 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
28dd5351e2aa52056b10d3f771c4a60fe54d1968e7f9b620c5a4183a204a8c6d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:08 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduhTW2C4GaGKwsF6NSsMm9DWDVWF01LWuG1R5S8TVI1jZsFzyo5gPdi-YZ1S89as4Aj5Ym6PPjUSZZGcW-XKe8
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
99493
last-modified
Sun, 16 Jan 2022 15:12:35 GMT
server
UploadServer
etag
"30bbe5f0e6bafe9f80485d4ce2024086"
vary
Accept-Encoding
x-goog-hash
crc32c=XUJX7Q==, md5=MLvl8Oa6/p+ASF1M4gJAhg==
content-language
en
access-control-allow-origin
*
x-goog-generation
1642345955262662
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
99493
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 19 Jan 2022 14:09:08 GMT
vast2
tag.targeting.unrulymedia.com/rmp/216513/0/ 		168 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/216513/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&w=679&h=383&cbb=2601048204
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:08 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://resistthemainstream.org
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
vast2
tag.targeting.unrulymedia.com/rmp/234705/0/ 		168 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/234705/0/vast2?adtype=video&compMode=and&dim=101&vastfw=vpaid&z=1r&url=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&w=679&h=383&cbb=2601048206
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:08 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://resistthemainstream.org
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
ac
www9.smartadserver.com/
Redirect Chain
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=2714705745623653219&pgdomain=https%3A%2F%2Fresistthemainstream.org%2F...
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=2714705745623653219&pgdomain=https%3A%2F%2Fresistthemainstream.org%2F...
129 B
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=2714705745623653219&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=2601048206&cklb=1
Protocol
HTTP/1.1
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
41d511bcd8511da9cb1f673d030c44fbadb09271c96e4fbb40bfa306572dcca3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:07 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:07 GMT
access-control-allow-origin
https://resistthemainstream.org
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=2714705745623653219&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=2601048206&cklb=1
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
ac
www9.smartadserver.com/
Redirect Chain
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=948871&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=2714705745623653220&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fm...
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=948871&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=2714705745623653220&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fm...
129 B
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www9.smartadserver.com/ac?siteid=215340&pgid=948871&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=2714705745623653220&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=2601048208&cklb=1
Protocol
HTTP/1.1
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:08 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:08 GMT
access-control-allow-origin
https://resistthemainstream.org
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://www9.smartadserver.com/ac?siteid=215340&pgid=948871&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=2714705745623653220&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=2601048208&cklb=1
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=resistthemainstream.org&rs=resistthemainstream.org&sid=85004&t=1642601048&cip=217.64.151.6&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1642601048001-960064121524-005676-001-002338&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.98&cb=27147057456&cd5=default&cd1=4.122.1&cd4=b6f4f50b-eaf5-4f31-a4bc-b8f87f9873ac&d9=1000&d37=realtime&AV_WIDTH=679&AV_HEIGHT=383&nid=56ea678d181f46c76f8b45fb&ncid=6187a5a49268ad27da7716d8&e=request&cb=1642601048210&asid=5fd1f2cc9772f87a350a855b%2C5fbe5add3443ef680f0480d7%2C60c60c3b1731ed2b383f0908%2C60254e56dcfb6a082e596646%2C5ee3d57071193a26344a4076%2C5fa2711a54dbb238c9289f7d%2C6187a5a2beecd3492774a80b%2C5b30e37c073ef468ec3ca049%2C60ebfe94ebe867570438e997%2C60254eaaea2c62223814f756%2C603bb6ac619b766728187834%2C60ebfe86a4a7792110515aa4%2C6187a5a2f2ea41121e3cbd26%2C5fbe1a1fd09dbe29472667bb&ofpr=1.5%2C%2C%2C%2C%2C2%2C%2C%2C%2C1%2C6%2C%2C%2C4&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.58.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-58-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:08 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:08 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
translator
hbopenbid.pubmatic.com/ 		0
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://resistthemainstream.org
date
Wed, 19 Jan 2022 14:04:08 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://resistthemainstream.org
date
Wed, 19 Jan 2022 14:04:07 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.61.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-61-172.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
461bf33cacfa1dbab2ae827e6cfeae02a06a2f5eaa60f1549cef672d09008772

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:08 GMT
content-encoding
gzip
x-prebid
pbs-java/1.80.0
content-type
application/json
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
translator
hbopenbid.pubmatic.com/ 		0
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://resistthemainstream.org
date
Wed, 19 Jan 2022 14:04:08 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
usync.js
eus.rubiconproject.com/ Frame E79C 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.0.42.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-0-42-150.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8d966135b36e38d2706ad968e81430d5514fd6547ff0822d7d01ec4620d0f8df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 14:04:08 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=79755
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Thu, 20 Jan 2022 12:13:23 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame E81A 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=39455292&p=158554&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1642601048001-960064121524-005676-001-002338%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:08 GMT
content-length
0
khaos.jpg
token.rubiconproject.com/ Frame E79C 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
dbbc2dbf689859fb5870b364473d5441
Content-Type
image/jpg
getuid
secure.adnxs.com/ Frame 5D1A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1642601048001-960064121524-005676-001-002338%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
YegaVq4tePg0-DP1IVKuUwAABHwAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5D1A 		43 B
875 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YegaVq4tePg0-DP1IVKuUwAABHwAAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1642601048001-960064121524-005676-001-002338%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:1794:1826:a9e8:a8ca Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:08 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
sync
ups.analytics.yahoo.com/ups/55940/ Frame 5D1A 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YegaVq4tePg0-DP1IVKuUwAABHwAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1642601048001-960064121524-005676-001-002338%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:08 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame 5D1A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2446132118047359188
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2446132118047359188
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1642601048001-960064121524-005676-001-002338%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 14:04:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 19 Jan 2022 14:04:08 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2446132118047359188
pragma
no-cache
date
Wed, 19 Jan 2022 14:04:08 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 5D1A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=fc6661e8-1a58-4000-bb12-96d7b53d68c3&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=fc6661e8-1a58-4000-bb12-96d7b53d68c3&gdpr=1&gdpr_consent=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1642601048001-960064121524-005676-001-002338%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 14:04:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 19 Jan 2022 14:04:08 GMT

Redirect headers

Date
Wed, 19 Jan 2022 14:04:08 GMT
Server
MT3 4133 baa842e master zrh-pixel-x10 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=fc6661e8-1a58-4000-bb12-96d7b53d68c3&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 19 Jan 2022 14:04:07 GMT
crum
dsum-sec.casalemedia.com/ Frame 5D1A
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-a3bafc4c-4301-4e67-a220-b14c9e258d6c
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-a3bafc4c-4301-4e67-a220-b14c9e258d6c
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1642601048001-960064121524-005676-001-002338%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 14:04:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 19 Jan 2022 14:04:08 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-a3bafc4c-4301-4e67-a220-b14c9e258d6c
date
Wed, 19 Jan 2022 14:04:08 GMT
server
Apache-Coyote/1.1
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 5D1A
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGYn07D0DUAAEDFrKxakQ&expiration=1643810648&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGYn07D0DUAAEDFrKxakQ&expiration=1643810648&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1642601048001-960064121524-005676-001-002338%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 14:04:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 19 Jan 2022 14:04:08 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGYn07D0DUAAEDFrKxakQ&expiration=1643810648&gdpr=1
Date
Wed, 19 Jan 2022 14:04:08 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
CookieIndex
rtb.adentifi.com/ Frame 5D1A 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1642601048001-960064121524-005676-001-002338%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.55.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-55-94.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
cookiesyncendpoint
sync.aniview.com/ Frame 5D1A 		0
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1642601048001-960064121524-005676-001-002338&biddername=42&key=YegaVq4tePg0.DP1IVKuUwAA%261148
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1642601048001-960064121524-005676-001-002338%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.156.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-156-238.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:08 GMT
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=resistthemainstream.org&rs=resistthemainstream.org&sid=85004&t=1642601048&cip=217.64.151.6&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1642601048001-960064121524-005676-001-002338&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.98&cb=27147057456&cd5=default&cd1=4.122.1&cd4=b6f4f50b-eaf5-4f31-a4bc-b8f87f9873ac&d9=1000&d37=realtime&AV_WIDTH=679&AV_HEIGHT=383&nid=56ea678d181f46c76f8b45fb&ncid=6187a5a49268ad27da7716d8&e=bid&cb=1642601048526&asid=5ee3d57071193a26344a4076%2C6187a5a2beecd3492774a80b%2C60ebfe94ebe867570438e997%2C60ebfe86a4a7792110515aa4%2C6187a5a2f2ea41121e3cbd26&ofpr=%2C%2C%2C%2C&fpo=%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.58.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-58-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:08 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 3A5C 		377 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e58bc10b3948106bc0f0d27a5d4951bc2c96aeab02674bbdb7a1c7a8637842d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127290
x-xss-protection
0
expires
Wed, 19 Jan 2022 14:04:08 GMT
bridge3.495.1_en.html
imasdk.googleapis.com/js/core/ Frame C657 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199798
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 15 Jan 2022 07:58:09 GMT
expires
Sun, 15 Jan 2023 07:58:09 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 10 Jan 2022 19:32:44 GMT
content-type
text/html
age
367559
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 3A5C 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 19 Jan 2022 14:04:08 GMT
bridge3.495.1_en.html
imasdk.googleapis.com/js/core/ Frame 6873 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199798
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 15 Jan 2022 07:58:09 GMT
expires
Sun, 15 Jan 2023 07:58:09 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 10 Jan 2022 19:32:44 GMT
content-type
text/html
age
367559
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.495.1_en.html
imasdk.googleapis.com/js/core/ Frame 6F24 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199798
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 15 Jan 2022 07:58:09 GMT
expires
Sun, 15 Jan 2023 07:58:09 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 10 Jan 2022 19:32:44 GMT
content-type
text/html
age
367559
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.495.1_en.html
imasdk.googleapis.com/js/core/ Frame 5E69 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199798
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 15 Jan 2022 07:58:09 GMT
expires
Sun, 15 Jan 2023 07:58:09 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 10 Jan 2022 19:32:44 GMT
content-type
text/html
age
367559
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.495.1_en.html
imasdk.googleapis.com/js/core/ Frame 27DF 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199798
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 15 Jan 2022 07:58:09 GMT
expires
Sun, 15 Jan 2023 07:58:09 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 10 Jan 2022 19:32:44 GMT
content-type
text/html
age
367559
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.com/adsid/ Frame 3A5C 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=resistthemainstream.org
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 14:04:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4172 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
231
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 19 Jan 2022 15:00:17 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9D52 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
231
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 19 Jan 2022 15:00:17 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 45CB 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
231
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 19 Jan 2022 15:00:17 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2A58 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
231
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 19 Jan 2022 15:00:17 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D1F2 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
231
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 19 Jan 2022 15:00:17 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame E79C 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17136
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
Content-Type
image/gif
371.json
id5-sync.com/g/v2/ 		213 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/371.json
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.47 , France, ASN16276 (OVH, FR),
Reverse DNS
p02.id5-sync.com
Software
/
Resource Hash
dfcb579b79dd0ec0355a9bb8e6780b415491bb9a7b89970323e72b802b7dc07e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://resistthemainstream.org
Date
Wed, 19 Jan 2022 14:04:08 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
usync.html
eus.rubiconproject.com/ Frame 3122 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.0.42.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-0-42-150.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 19 Jan 2022 14:04:09 GMT
Connection
keep-alive
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C32C 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=145299
expires
Fri, 21 Jan 2022 06:25:48 GMT
date
Wed, 19 Jan 2022 14:04:09 GMT
vary
Accept-Encoding
ads
pubads.g.doubleclick.net/gampad/ Frame C657 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=681579131387277&sdkv=h.3.495.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3721417804&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.495.1&sid=5F05A15B-AB1E-4F4C-BC58-1649F9911B04&nel=0&eid=44737475%2C44750814&top=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&url=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&dt=1642601049304&cookie_enabled=1&scor=1217550744547808&ged=ve4_td1_tt0_pd1_la1000_er5677.321.5829.621_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 6873 		12 B
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2C22654574672%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_resistthemainstream.org_5&sz=400x300%7C640x400%7C640x480&description_url=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&cust_params=publisher_name%3Dresistthemainstream.org&env=vp&correlator=1517586357988798&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&max_ad_duration=35000&vid_t=How%20to%20Protect%20Your%20Phone%20in%20Cold%20Weather&vid_d=43&vid_kw=monochrome%20photography%2Cfinger%2Cjohns%20hopkins%20university%2Csmartphone%2Ckyrgyzstan%2Cportable%20communications%20device%2Cmonochrome%2Cdisplay%20device%2Cmobile%20device%2Cmobile%20phone&sdkv=h.3.495.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=2179158817&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.495.1&sid=5F05A15B-AB1E-4F4C-BC58-1649F9911B04&nel=0&eid=44737475%2C44750814&top=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&url=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&dt=1642601049309&cookie_enabled=1&scor=2447801003608892&ged=ve4_td1_tt0_pd1_la1000_er5677.321.5829.621_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a6f6f8afe101cd406e2111b434bdb3acf869b97c9e5bbccf6dcc13afe63be50f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 6F24 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_3&description_url=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4140124263291143&sdkv=h.3.495.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=1166742729&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.495.1&sid=5F05A15B-AB1E-4F4C-BC58-1649F9911B04&nel=0&eid=44737475%2C44750814&top=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&url=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&dt=1642601049314&cookie_enabled=1&scor=1306915397954750&ged=ve4_td1_tt0_pd1_la1000_er5677.321.5829.621_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 5E69 		156 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_450&description_url=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3993631822330849&sdkv=h.3.495.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=2758553450&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.495.1&sid=5F05A15B-AB1E-4F4C-BC58-1649F9911B04&nel=0&eid=44737475%2C44750814&top=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&url=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&dt=1642601049319&cookie_enabled=1&scor=656498424351419&ged=ve4_td1_tt0_pd1_la1000_er5677.321.5829.621_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 27DF 		12 B
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2C22654574672%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_resistthemainstream.org_9&sz=400x300%7C640x400%7C640x480&description_url=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&cust_params=publisher_name%3Dresistthemainstream.org&env=vp&correlator=3161384582247851&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&max_ad_duration=35000&vid_t=How%20to%20Protect%20Your%20Phone%20in%20Cold%20Weather&vid_d=43&vid_kw=monochrome%20photography%2Cfinger%2Cjohns%20hopkins%20university%2Csmartphone%2Ckyrgyzstan%2Cportable%20communications%20device%2Cmonochrome%2Cdisplay%20device%2Cmobile%20device%2Cmobile%20phone&sdkv=h.3.495.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=2376058707&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.495.1&sid=5F05A15B-AB1E-4F4C-BC58-1649F9911B04&nel=0&eid=44737475%2C44750814&top=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&url=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&dt=1642601049327&cookie_enabled=1&scor=4027222682079111&ged=ve4_td1_tt0_pd1_la1000_er5677.321.5829.621_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a6f6f8afe101cd406e2111b434bdb3acf869b97c9e5bbccf6dcc13afe63be50f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 3122 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.0.42.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-0-42-150.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8d966135b36e38d2706ad968e81430d5514fd6547ff0822d7d01ec4620d0f8df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 14:04:09 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=79754
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Thu, 20 Jan 2022 12:13:23 GMT
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		127 KB
128 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.221.138 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a88-221-221-138.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
20d39c4e213e747dee4aa55bf503a5eff52c1d294ac947a97742c25fae160730

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=923456-1053927

Response headers

Date
Wed, 19 Jan 2022 14:04:11 GMT
Content-Range
bytes 923456-1053927/1551376
Connection
keep-alive
Content-Length
130472
X-Served-By
cache-wdc5556-WDC
Last-Modified
Wed, 26 May 2021 04:26:17 GMT
Server
cloudinary
X-Timer
S1634789600.955944,VS0,VE112
ETag
"66e1730abb08340cae5f745a9b2d0b31"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=23746217
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151512
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:11 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1005
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
6d009c5d9f973749-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 18 Feb 2022 14:04:11 GMT
icon
onesignal.com/api/v1/apps/f2f0fa41-3f02-4834-960c-380cf87d3124/ 		184 B
580 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/apps/f2f0fa41-3f02-4834-960c-380cf87d3124/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151512
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16e9c3770bc398cefe9acdf34912a67fa1c2099711d977a095cf97f4c741c5e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
status
200 OK
x-envoy-upstream-service-time
2802
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
b41dfef7-078d-4769-9239-2424d932c6fb
x-runtime
0.006124
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"16e9c3770bc398cefe9acdf34912a67f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
6d009c5e8aeb839a-MXP
access-control-allow-headers
SDK-Version
aa38d6c5-9e50-4915-ab27-e0ab33ec583c
img.onesignal.com/permanent/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.onesignal.com/permanent/aa38d6c5-9e50-4915-ab27-e0ab33ec583c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
888ad0d7ff41ab2c773607ac8c4f60babb965293e65b5a9835355079c2a240b0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:12 GMT
cf-cache-status
REVALIDATED
x-amz-request-id
MCPN090F87KT9HYK
x-amz-meta-cache-control
public, maxage=604800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5809
x-amz-id-2
gqbFYTQ1Qaxc7rmh7BH2SWOEk7bt92Vng6SZ27uHoTAT5P62EFZrzQOErThkImKnsH/JCF73kDE=
last-modified
Tue, 07 Dec 2021 21:59:25 GMT
server
cloudflare
etag
"9b57ff41f85b526aaf0b1d73ca5038df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
6d009c616b645a13-MXP
expires
Sat, 19 Feb 2022 14:04:12 GMT
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=resistthemainstream.org&rs=resistthemainstream.org&sid=85004&t=1642601048&cip=217.64.151.6&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1642601048001-960064121524-005676-001-002338&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.98&cb=27147057456&cd5=default&cd1=4.122.1&cd4=b6f4f50b-eaf5-4f31-a4bc-b8f87f9873ac&d9=1000&d37=realtime&AV_WIDTH=679&AV_HEIGHT=383
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.227.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-227-90.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 19 Jan 2022 14:04:13 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ac
www9.smartadserver.com/
Redirect Chain
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=2714705745623653219&pgdomain=https%3A%2F%2Fresistthemainstream.org%2F...
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=2714705745623653219&pgdomain=https%3A%2F%2Fresistthemainstream.org%2F...
129 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=2714705745623653219&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=2601054543&cklb=1
Protocol
HTTP/1.1
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
41d511bcd8511da9cb1f673d030c44fbadb09271c96e4fbb40bfa306572dcca3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:13 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:14 GMT
access-control-allow-origin
https://resistthemainstream.org
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=2714705745623653219&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=2601054543&cklb=1
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
vast2
tag.targeting.unrulymedia.com/rmp/234705/0/ 		168 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/234705/0/vast2?adtype=video&compMode=and&dim=101&vastfw=vpaid&z=1r&url=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&w=679&h=383&cbb=2601054543
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:14 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://resistthemainstream.org
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
vast2
tag.targeting.unrulymedia.com/rmp/216513/0/ 		168 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/216513/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&w=679&h=383&cbb=2601054543
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:14 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://resistthemainstream.org
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
ac
www9.smartadserver.com/
Redirect Chain
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=948871&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=2714705745623653220&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fm...
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=948871&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=2714705745623653220&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fm...
129 B
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www9.smartadserver.com/ac?siteid=215340&pgid=948871&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=2714705745623653220&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=2601054543&cklb=1
Protocol
HTTP/1.1
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:13 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:13 GMT
access-control-allow-origin
https://resistthemainstream.org
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://www9.smartadserver.com/ac?siteid=215340&pgid=948871&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=2714705745623653220&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=2601054543&cklb=1
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
ac
www9.smartadserver.com/
Redirect Chain
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=1027756&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=2714705745623653222&pgdomain=https%3A%2F%2Fresistthemainstream.org%2F...
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=1027756&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=2714705745623653222&pgdomain=https%3A%2F%2Fresistthemainstream.org%2F...
129 B
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www9.smartadserver.com/ac?siteid=218209&pgid=1027756&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=2714705745623653222&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=2601054545&cklb=1
Protocol
HTTP/1.1
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:14 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:13 GMT
access-control-allow-origin
https://resistthemainstream.org
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://www9.smartadserver.com/ac?siteid=218209&pgid=1027756&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=2714705745623653222&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=2601054545&cklb=1
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
ac
www9.smartadserver.com/
Redirect Chain
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=1426227&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=2714705745623653229&pgdomain=https%3A%2F%2Fresistthemainstream.org%2F...
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=1426227&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=2714705745623653229&pgdomain=https%3A%2F%2Fresistthemainstream.org%2F...
129 B
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www9.smartadserver.com/ac?siteid=218209&pgid=1426227&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=2714705745623653229&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=2601054545&cklb=1
Protocol
HTTP/1.1
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:14 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:13 GMT
access-control-allow-origin
https://resistthemainstream.org
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://www9.smartadserver.com/ac?siteid=218209&pgid=1426227&fmtid=63953&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=2714705745623653229&pgdomain=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&vph=383&vpw=679&gdpr_consent=&us_privacy=1---&schain=1.0%2C1!playbuzz.com%2C0010J00002BlxpGQAR%2C1%2C%2C%2C&cbb=2601054545&cklb=1
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=resistthemainstream.org&rs=resistthemainstream.org&sid=85004&t=1642601048&cip=217.64.151.6&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1642601048001-960064121524-005676-001-002338&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.98&cb=27147057456&cd5=default&cd1=4.122.1&cd4=b6f4f50b-eaf5-4f31-a4bc-b8f87f9873ac&d9=1000&d37=realtime&AV_WIDTH=679&AV_HEIGHT=383&nid=56ea678d181f46c76f8b45fb&ncid=6187a5a49268ad27da7716d8&e=request&cb=1642601054545&asid=60ebfe94ebe867570438e997%2C60254e56dcfb6a082e596646%2C60c60c3b1731ed2b383f0908%2C60254eaaea2c62223814f756%2C5fbe5add3443ef680f0480d7%2C5b30e37c073ef468ec3ca049%2C5fa2a98bba80693a416064d7%2C59f5f23628a0612040036b8f%2C603bb6ac619b766728187834%2C60ebfe86a4a7792110515aa4%2C5c18de8b073ef432d306911b%2C611a29c7e08a46473c4fc745&ofpr=%2C%2C%2C1%2C%2C%2C%2C3%2C6%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.58.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-58-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:14 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.61.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-61-172.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f5f9b9c268717f19839dc1e75132506384495244d7a58bd1a454da94e482142e

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:14 GMT
content-encoding
gzip
x-prebid
pbs-java/1.80.0
content-type
application/json
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
v1
prg.smartadserver.com/prebid/ 		0
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:14 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		187 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.61.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-61-172.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
58c87e9955dba777458840c59463b6348ebd48175d583d1e84c894ff89fdb02d

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 14:04:14 GMT
content-encoding
gzip
x-prebid
pbs-java/1.80.0
content-type
application/json
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=resistthemainstream.org&rs=resistthemainstream.org&sid=85004&t=1642601048&cip=217.64.151.6&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1642601048001-960064121524-005676-001-002338&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.98&cb=27147057456&cd5=default&cd1=4.122.1&cd4=b6f4f50b-eaf5-4f31-a4bc-b8f87f9873ac&d9=1000&d37=realtime&AV_WIDTH=679&AV_HEIGHT=383&nid=56ea678d181f46c76f8b45fb&ncid=6187a5a49268ad27da7716d8&e=bid&cb=1642601054660&asid=60ebfe94ebe867570438e997%2C5fa2a98bba80693a416064d7%2C60ebfe86a4a7792110515aa4&ofpr=%2C%2C&fpo=%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.58.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-58-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:14 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
bridge3.495.1_en.html
imasdk.googleapis.com/js/core/ Frame 2F94 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199798
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 15 Jan 2022 07:58:09 GMT
expires
Sun, 15 Jan 2023 07:58:09 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 10 Jan 2022 19:32:44 GMT
content-type
text/html
age
367565
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.com/adsid/ Frame 3A5C 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=resistthemainstream.org
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 14:04:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
bridge3.495.1_en.html
imasdk.googleapis.com/js/core/ Frame 9521 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199798
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 15 Jan 2022 07:58:09 GMT
expires
Sun, 15 Jan 2023 07:58:09 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 10 Jan 2022 19:32:44 GMT
content-type
text/html
age
367565
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.495.1_en.html
imasdk.googleapis.com/js/core/ Frame 2C58 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199798
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 15 Jan 2022 07:58:09 GMT
expires
Sun, 15 Jan 2023 07:58:09 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 10 Jan 2022 19:32:44 GMT
content-type
text/html
age
367565
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E89A 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
237
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 19 Jan 2022 15:00:17 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 33D2 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
237
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 19 Jan 2022 15:00:17 GMT
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		184 KB
184 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.221.138 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a88-221-221-138.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
e249689202d578760f311db8af1646c07100fa7fbcf73b82e229813efd14813a

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=1053928-1241927

Response headers

Date
Wed, 19 Jan 2022 14:04:14 GMT
Content-Range
bytes 1053928-1241927/1551376
Connection
keep-alive
Content-Length
188000
X-Served-By
cache-wdc5556-WDC
Last-Modified
Wed, 26 May 2021 04:26:17 GMT
Server
cloudinary
X-Timer
S1634789600.955944,VS0,VE112
ETag
"66e1730abb08340cae5f745a9b2d0b31"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=23746214
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame C0F3 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
237
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 19 Jan 2022 15:00:17 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 2F94 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_3&description_url=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4496417183551025&sdkv=h.3.495.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3721417804&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.495.1&sid=5F05A15B-AB1E-4F4C-BC58-1649F9911B04&nel=0&eid=44737475%2C44750814&top=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&url=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&dt=1642601054884&cookie_enabled=1&scor=1606903072333496&ged=ve4_td7_tt6_pd7_la7000_er5677.321.5829.621_vi0.0.1200.1600_vp0_ts6_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:15 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 9521 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_2&description_url=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1752249099028083&sdkv=h.3.495.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=2179158817&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.495.1&sid=5F05A15B-AB1E-4F4C-BC58-1649F9911B04&nel=0&eid=44737475%2C44750814&top=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&url=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&dt=1642601055048&cookie_enabled=1&scor=897835111719030&ged=ve4_td7_tt6_pd7_la7000_er5677.321.5829.621_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:15 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 2C58 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_450&description_url=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4041366105184507&sdkv=h.3.495.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=1166742729&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.495.1&sid=5F05A15B-AB1E-4F4C-BC58-1649F9911B04&nel=0&eid=44737475%2C44750814&top=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&url=https%3A%2F%2Fresistthemainstream.org%2Fmore-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts%2F%3Futm_source%3Dtelegram&dt=1642601055053&cookie_enabled=1&scor=394691543001831&ged=ve4_td7_tt6_pd7_la7000_er5677.321.5829.621_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 14:04:15 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

177 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 function| admiral object| googletag function| OneSignal function| gtag object| dataLayer string| jnews_ajax_url object| google_tag_manager object| google_tag_data object| gaGlobal function| _0x3b44 function| _0x25f7b7 function| _0x4379 object| jnews object| jnewsDataStorage object| _wpemojiSettings number| __oneSignalSdkLoadCount function| __jp0 function| 4dm1r11545242527 object| PDFObject undefined| $ function| jQuery number| infolinks_pid number| infolinks_wsid object| $iceboot object| INFOLINKS object| ldAdInit number| HYVOR_TALK_WEBSITE object| HYVOR_TALK_CONFIG object| jnews_module_47922_0_61e819630073a object| jfla boolean| jQueryScriptOutputted function| initJQuery string| HYVOR_TALK_DOMAIN object| _ldAdIdMap object| hyvorTalkCommentCount function| _typeof object| $ice object| $infolinks object| _mgIntExchangeNews object| MarketGidInfC1156929 function| MarketGidCContextBlock1156929 function| MarketGidCMainBlock1156929 function| MarketGidCInternalExchangeBlock1156929 function| MarketGidCRejectBlock1156929 function| MarketGidCCriteoBlock1156929 function| MarketGidCInternalExchangeLoggerBlock1156929 function| MarketGidCObserverBlock1156929 function| MarketGidCSendDimensionsBlock1156929 function| MarketGidCRtbBlock1156929 function| MarketGidCDiscountBlock1156929 function| MarketGidCContentPreviewBlock1156929 boolean| mg_loaded_720235_1156929 object| MarketGidInfC1261872 function| MarketGidCContextBlock1261872 function| MarketGidCMainBlock1261872 function| MarketGidCInternalExchangeBlock1261872 function| MarketGidCRejectBlock1261872 function| MarketGidCCriteoBlock1261872 function| MarketGidCInternalExchangeLoggerBlock1261872 function| MarketGidCObserverBlock1261872 function| MarketGidCSendDimensionsBlock1261872 function| MarketGidCRtbBlock1261872 function| MarketGidCDiscountBlock1261872 function| MarketGidCContentPreviewBlock1261872 boolean| mg_loaded_720235_1261872 object| MarketGidInfC1149360 function| MarketGidCContextBlock1149360 function| MarketGidCMainBlock1149360 function| MarketGidCInternalExchangeBlock1149360 function| MarketGidCRejectBlock1149360 function| MarketGidCCriteoBlock1149360 function| MarketGidCInternalExchangeLoggerBlock1149360 function| MarketGidCObserverBlock1149360 function| MarketGidCSendDimensionsBlock1149360 function| MarketGidCRtbBlock1149360 function| MarketGidCContentPreviewBlock1149360 function| MarketGidCResponsiveBlock1149360 boolean| mg_loaded_720235_1149360 number| $iceId object| addComment function| EvEmitter function| imagesLoaded object| jnewsoption object| twemoji object| wp object| onClickExcludes function| mgReject1156929 function| mgLoadAds1156929_0ab68 function| MarketGidCReject1156929 function| MarketGidLoadGoods1156929_0ab68 function| mgReject1225368 function| mgLoadAds1225368_0ab68 function| MarketGidCReject1225368 function| MarketGidLoadGoods1225368_0ab68 function| mgReject1149360 function| mgLoadAds1149360_042c1 function| MarketGidCReject1149360 function| MarketGidLoadGoods1149360_042c1 function| mgReject1261872 function| mgLoadAds1261872_1260e function| MarketGidCReject1261872 function| MarketGidLoadGoods1261872_1260e object| _mgq function| _mgqp number| _mgqt number| _mgqi boolean| MarketGidCSvsdsFlag string| _mgCanonicalUri boolean| _mgPageViewEndPoint720235 string| _mgPvid boolean| _mgPageView720235 object| lazySizesConfig object| lazySizes function| Waypoint object| html5 object| Modernizr object| tve_dash_front object| TVE_Dash object| jnews_select_share boolean| wpquads_adblocker_check boolean| wpquads_adblocker_check_2 object| tcb_post_lists object| TL_Const object| omapi_data function| onYouTubeIframeAPIReady number| progressTimer function| OptinMonsterApp boolean| om_loaded function| LoadCriteoAllPlaces1149360_042c1 boolean| i.js.loaded boolean| i-noref.js.loaded function| LoadCriteoAllPlaces1156929_0ab68 function| _mgLib1_11_77 function| _mgwqp object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator object| google_js_reporting_queue number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| vttjs function| WebVTT function| ILVideo object| com object| STREAM_CONFIGS string| STREAM_ID string| __EXCO_INTEGRATION_TYPE function| _avcp object| regeneratorRuntime object| __EXCO string| pbPageIdentifier function| Hls function| av_sciv_hndlr1642601047799 object| storageAni object| closure_lm_589558

74 Cookies

Domain/Path Name / Value
resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts Name: quads_browser_width
Value: 1600
resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts Name: logglytrackingsession
Value: 44a70fdb-5720-4754-b8d8-d28f52e15ee7
resistthemainstream.org/more-than-30-former-trump-officials-hold-secret-call-aimed-at-working-against-the-former-presidents-efforts Name: exco-uid
Value: xschvzc6z40r0qbr
.resistthemainstream.org/ Name: _ga_MHSJPPB6JE
Value: GS1.1.1642601044.1.0.1642601044.0
.mgid.com/ Name: __cf_bm
Value: kSg750c2E_FTv3pDWJ7656B3tr6yKRe2YD72AALBrKs-1642601045-0-ATmhS2ZjRY57aQepFAEtP6LcBgB9oPy/oa7hsF6d4NDh2t5s4ozLxj8B8LF+NTpxPMFwLATyYS+0kYNiEXalkR4=
.resistthemainstream.org/ Name: _ga
Value: GA1.2.1104123751.1642601044
.resistthemainstream.org/ Name: _gid
Value: GA1.2.1044281161.1642601046
.resistthemainstream.org/ Name: _gat
Value: 1
.infolinks.com/ Name: cuid
Value: d2399afc-7902-477e-9388-af96e89aaa1f
.adnxs.com/ Name: uuid2
Value: 3705609139205405856
.yahoo.com/ Name: A3
Value: d=AQABBFYa6GECEJw9FJQ4U1kW1mSN--Itj10FEgEBAQFr6WHxYQAAAAAA_eMAAA&S=AQAAAvwHyeeAzWM_oVN41ZwMzNw
.advertising.com/ Name: APID
Value: UPaa1fe212-7930-11ec-973c-02dd9ad21694
.analytics.yahoo.com/ Name: IDSYNC
Value: "192u~22r2:18xp~22r2"
.yahoo.com/ Name: APID
Value: UPaa1fe212-7930-11ec-973c-02dd9ad21694
.yahoo.com/ Name: APIDTS
Value: 1642601046
.pubmatic.com/ Name: SyncRTB3
Value: 1643760000%3A220
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 3CC2C3DD-0A22-48E5-9D79-C3B37EFF69D8
.360yield.com/ Name: tuuid
Value: 61d9f61d-11b7-42a7-82b1-23012f277418
.360yield.com/ Name: tuuid_lu
Value: 1642601046
.casalemedia.com/ Name: CMID
Value: YegaVq4tePg0.DP1IVKuUwAA
.casalemedia.com/ Name: CMPS
Value: 5200
.adsrvr.org/ Name: TDID
Value: 0ada8bb6-eeed-438a-87f4-ebae209382e3
.casalemedia.com/ Name: CMPRO
Value: 1148
.infolinks.com/ Name: ANUSERCOOKIE
Value: 3705609139205405856
.infolinks.com/ Name: VRUSERCOOKIE
Value: y-CALp9PpE2uEnsbE9iI1mVW8WwuFhBJYUv4kWQe4-~A
.doubleclick.net/ Name: IDE
Value: AHWqTUkV1jeqwaaI0KI8HDnKgO_FQ6nZlXfoKt62aFlztrbvmLzuBGrJgoe6HmNnlI0
.cpx.to/ Name: cpSess
Value: 66d51744973445b
.cpx.to/ Name: dsp_app_nexus
Value: 3705609139205405856#1642601046257
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwiEot6X6detOhAFOAE.
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-2f46f8cf-4a34-4dbc-a9bb-ac1aabcc2546-003%22%7D
.infolinks.com/ Name: IMDUSERCOOKIE
Value: 61d9f61d-11b7-42a7-82b1-23012f277418
.infolinks.com/ Name: OUTHUSERCOOKIE
Value: y-r_MzIiRE2uF6o9LQP0w1l0v43DElXSlh~A~UPaa1fe212-7930-11ec-973c-02dd9ad21694
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-2f46f8cf-4a34-4dbc-a9bb-ac1aabcc2546-003%22%7D
.lijit.com/ Name: ljt_reader
Value: 9507d50f98ee1f451de52c1f
.pubmatic.com/ Name: PUBMDCID
Value: 3
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAFslzmtoZmJkZmBoYGJmYmwOAA09wNIQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjU0MTG1sDA1tDSyBDJNjM1NhfgMddPKjaNSvULKjHKNXQAUjtc8JQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjU0MTG1sDA1tDSyBDJNjM1NhfgMddPKjaNSvULKjHKNXaR4Dc1MjMwMDA1MzIDyAOMEkek0AAAA
.pubmatic.com/ Name: pi
Value: 156872:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.bnmla.com/ Name: rx_sspurl_1000361
Value: https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3D0b920ff3-91e6-4adf-846a-027b28e401a6
.bnmla.com/ Name: rx_uuid
Value: 0b920ff3-91e6-4adf-846a-027b28e401a6
.bnmla.com/ Name: rx_maxage_1000361
Value: 1643897046
.owneriq.net/ Name: si
Value: Q6958874461892139894
.owneriq.net/ Name: p2
Value: cc
.infolinks.com/ Name: KADUSERCOOKIE
Value: 3CC2C3DD-0A22-48E5-9D79-C3B37EFF69D8~1642601132900
.infolinks.com/ Name: R1USERCOOKIE
Value: RX-2f46f8cf-4a34-4dbc-a9bb-ac1aabcc2546-003
.infolinks.com/ Name: IXUSERCOOKIE
Value: YegaVq4tePg0.DP1IVKuUwAA&1148
.infolinks.com/ Name: ZTUSERCOOKIE
Value: 5144588519291444375
.infolinks.com/ Name: PUBMUSERCOOKIE
Value: 3CC2C3DD-0A22-48E5-9D79-C3B37EFF69D8
.infolinks.com/ Name: SOVRNUSERCOOKIE
Value: 9507d50f98ee1f451de52c1f
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YegaVgAGzGWRWQAm
servicer.mgid.com/ Name: __mglb
Value: ed02bb11b748a9279413c1eb8e47c448
.mgid.com/ Name: muidn
Value: m0j6v9myYP46
.resistthemainstream.org/ Name: paywall_product
Value: false
resistthemainstream.org/ Name: MarketGidStorage
Value: %7B%220%22%3A%7B%7D%2C%22C1156929%22%3A%7B%22page%22%3A1%2C%22time%22%3A1642601046817%7D%2C%22C1149360%22%3A%7B%22page%22%3A1%2C%22time%22%3A1642601046763%7D%2C%22C1261872%22%3A%7B%22page%22%3A1%7D%7D
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: ace529861c183db5
.simpli.fi/ Name: suid
Value: A20B2D513B384275A1471689BAFD1116
.bnmla.com/ Name: rx_sspid_1000361
Value: 170_162_175_181_19_203_213
.resistthemainstream.org/ Name: _awl
Value: 2.1642601047.0.5-f0636ab23c10a3bdb7a4b25809690caf-6763652d6575726f70652d7765737431-0
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.tapad.com/ Name: TapAd_TS
Value: 1642601048018
.tapad.com/ Name: TapAd_DID
Value: 7195bf70-3cf8-4af4-b184-2e776040359d
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.aniview.com/ Name: aniC
Value: 1642601048001-960064121524-005676-001-002338
resistthemainstream.org/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.casalemedia.com/ Name: CMST
Value: YegaVmHoGlgA
.mathtag.com/ Name: uuid
Value: fc6661e8-1a58-4000-bb12-96d7b53d68c3
.bidr.io/ Name: bito
Value: AAGYn07D0DUAAEDFrKxakQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.aniview.com/ Name: 2_C_42
Value: YegaVq4tePg0.DP1IVKuUwAA&1148
sync.aniview.com/ Name: 2_C_42
Value: YegaVq4tePg0.DP1IVKuUwAA&1148
.turn.com/ Name: uid
Value: 2446132118047359188
.casalemedia.com/ Name: CMRUM3
Value: 1f61e81a5605a00&bc61e81a5805a00&e661e81a562760&4961e81a5805a0&ce61e81a5805a0&f161e81a5605a0&0361e81a582760fc6661e8-1a58-4000-bb12-96d7b53d68c3&8261e81a582760AAGYn07D0DUAAEDFrKxakQ&9861e81a562760d3458ae5-dbc1-4bdd-9e8c-f7ca1a850ea7&2761e81a560b40&c361e81a582760av-a3bafc4c-4301-4e67-a220-b14c9e258d6c&4161e81a5605a0&5861e81a562760YegaVgAGzGWRWQAm&2e61e81a5805a0&2d61e81a562760CAESEIDUuxLsXe-8PNaJn_yRMeY&0461e81a5827602446132118047359188

2 Console Messages

Source Level URL
Text
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
other warning URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb(Line 2)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.omappapi.com
ad.360yield.com
ad.turn.com
ads.pubmatic.com
adservice.google.com
ap.lijit.com
atrack.avplayer.com
b1sync.zemanta.com
bh.contextweb.com
c.mgid.com
casale-match.dotomi.com
cdn.mgid.com
cdn.onesignal.com
cdn2.lockerdomecdn.com
ce.lijit.com
cm.g.doubleclick.net
cm.mgid.com
de.tynt.com
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eus.rubiconproject.com
fearlessfaucet.com
fonts.googleapis.com
fonts.gstatic.com
hbopenbid.pubmatic.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
img.onesignal.com
jsc.mgid.com
lockerdome.com
match.adsrvr.org
match.bnmla.com
match.prod.bidr.io
mcd.ex.co
nep.advangelists.com
onesignal.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.tapad.com
player.aniview.com
player.avplayer.com
player.ex.co
pr-bh.ybp.yahoo.com
prd-collector-anon.ex.co
prebid-server.rubiconproject.com
premiumsrv.aniview.com
prg.smartadserver.com
pubads.g.doubleclick.net
px.owneriq.net
resistthemainstream.org
resources.infolinks.com
router.infolinks.com
rt3011.infolinks.com
rtb.adentifi.com
s-img.mgid.com
s.amazon-adsystem.com
s.cpx.to
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
servicer.mgid.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.adsafeprotected.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.aniview.com
sync.extend.tv
sync.go.sonobi.com
sync.mathtag.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tag.targeting.unrulymedia.com
talk.hyvor.com
token.rubiconproject.com
track1.aniview.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
video-native.mgid.com
www.google-analytics.com
www.googletagmanager.com
www9.smartadserver.com
104.108.144.214
104.108.145.8
104.111.242.53
104.154.142.214
104.19.134.78
129.159.70.95
142.250.181.226
142.250.186.130
151.101.130.132
151.101.130.49
169.50.137.184
172.66.41.9
172.66.42.247
174.137.133.49
178.162.133.149
18.234.22.74
185.29.132.245
185.64.189.112
185.64.190.79
185.64.190.80
185.86.137.114
185.86.138.122
193.0.160.128
198.148.27.140
198.47.127.19
198.47.127.20
2.19.35.65
213.19.147.43
213.19.147.45
216.52.2.30
23.0.42.150
2600:9000:223f:de00:8:48e:53c0:93a1
2600:9000:225e:6a00:a:cbb7:a940:93a1
2606:4700:20::681a:256
2606:4700:20::ac43:4514
2606:4700::6812:e134
2606:4700::6812:e234
2620:112:f006:bbbb::12
2a00:1450:4001:802::2002
2a00:1450:4001:803::200e
2a00:1450:4001:808::2003
2a00:1450:4001:811::200a
2a00:1450:4001:812::200a
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:830::2006
2a00:1450:400c:c06::9b
2a02:26f0:12d:495::2c79
2a02:26f0:6c00::210:bb21
2a02:fa8:8806:12::1370
2a03:90c0:41:2801::254
2a05:d018:d29:3602:1794:1826:a9e8:a8ca
3.126.56.137
3.209.156.238
3.66.148.67
34.194.30.250
34.249.18.151
34.98.64.218
35.173.4.119
35.190.62.199
35.227.248.159
37.252.172.36
37.252.173.215
38.27.122.101
51.89.9.251
52.223.40.198
52.46.130.91
52.73.58.202
52.86.227.90
54.229.61.172
54.229.75.47
54.36.109.47
54.77.243.210
54.84.55.94
54.88.209.254
64.202.112.63
67.202.105.23
67.202.105.33
69.173.151.100
72.251.249.13
8.39.36.141
88.221.221.138
89.187.169.47
02ba7dde63b05ebdf61208cba2cf4c7016d04efe8b8dd37baccb21bba67b8a48
032748afc697ad6c81591cf5304a1395a1045dff8604fdfeaaa06d8365ea92bf
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336
07b28c082dd42dd5f74447cf4d9351338f6c1e81984a42989fe3978d699af694
08817bd4cccd0a9b03af4113db4b68eec3f914dc28c5eaa10abcb5700223a6de
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76
0e3e8b6a4608aad2b3ac26700a794ccd57fa7779ae42f12dd9c9221417744e14
0e411c993df2056f09371cc0e884aaded62bbe0034941356c1f4604771adcb83
10d10d857f0b9ee4649d0b0531ea87e1527a0dbbc3f3647cebfcd922c6c37ba5
13a5462c2f5f99d577d2eeacd13b2b563af4be39cba429ccc35eb6d5e92e59df
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
1571f1bece418ee90d63337858269630c13b63c4bc5d8fcbb6caf1ea8b29d998
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
16e9c3770bc398cefe9acdf34912a67fa1c2099711d977a095cf97f4c741c5e2
171446efc3147e504563f7ebf76d49b06248cb4ed519eb5f91396ed325c97685
1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed
1b7733aa4e89d9a633e6e7ab0ed333166c95e920d76c59738129a5d52ffff35a
1bb5442b7663ca77c49049cbfb09d65a4cf5357a6edf7ce9baed59530a3235d9
209141b22020d5db12eb8617106255a712ed945b48819a952e0cfc225756c4ef
20d39c4e213e747dee4aa55bf503a5eff52c1d294ac947a97742c25fae160730
2164db37c8c0162887362f571cbc0172017fb0cfabe7a8103bff46ddfab2cfc2
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28dd5351e2aa52056b10d3f771c4a60fe54d1968e7f9b620c5a4183a204a8c6d
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c1cdf9cd24649f9d304ae60301cac1a04101c386e522e8322571c472163ab51
2ecad403abe6094919937758649c7fe968b8339a0b958e232acab55ca87ef02b
30389cf8a9540caad65157f94347a01b77a96327398ff615be1a6cc346473553
3093b0c5dc79ef06886e2ddd238e466e2b43d35e5aeca027ae47f6c4fe003451
31a2b87637211d065cc2722c6ce0a173c4defdbaa4ff7b8144ff6902457aa017
320f9c10b94c5fd531ca60c0fae62fbb1fa70712e1a9caf5d8f37a3a79d3e7ca
34374d31c86754e96757ef8112d38af893c02facdd7a5d6ba5246763b020a474
359f81592d3f661e3bf304f568de4a4b9133e51e7718067060fe995025e90309
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3c025a9ff322a60f03aa800352708e0294d6aa576a768a96d23bb1e6db7ec314
3d17817c1ea0611ea15af93023466823589e08ea692112c57f6c44b0a3cd77e1
3d260021bac6dd35bb05217e25c0b099cd2c194c2c2d4a6475794dcd3f0b7f63
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fd866705913987f41eae0cd3122f984656896b60daf4385f99ed0e356978e33
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
41d511bcd8511da9cb1f673d030c44fbadb09271c96e4fbb40bfa306572dcca3
42307b6e2231b2de1535854ab77c8fd201f88822e3f87ca3c4e8d3624ce65678
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44b0db51329dcafa9a565af4cb6d80656ec84d986ff0a43e082c2c79fbf381d7
45902f1502cd36a63942c2b678d9fb837460a16190961f4077060d82cce7b2ff
461bf33cacfa1dbab2ae827e6cfeae02a06a2f5eaa60f1549cef672d09008772
47ddcaf89e42db8c5b56cebbedb4c6dbab11c8448db80da035a89d1c36c471be
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49785680ff1b6b6600ec7ca571892ca92195bd1fef0908a96ab397045d34d23b
4bd1f9f24e8a0646456a9ae31b47f872cc280d7faedb07b413132a5712bf0bca
4c81e03d5961a492e1ee3b4bf73eae923fdabda4330447f577920d64f5234f07
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f8c0be5e3afc655e2a886caf7fbdf7a8072c868236821d99a5f080d2128ab08
50fd1b0192e22f68957f2f557255fc06d698bfd8bfa8e168596f443e5b5831f3
533526f923f8677628b5a366222206af1969a4ea290791aee59ab54ca75ec210
57299fb5895094eb1636d7bc12fe20c1ee14d0138de61cddb2b2d10d1edb5c14
58c87e9955dba777458840c59463b6348ebd48175d583d1e84c894ff89fdb02d
596c5d553384c4fb36ea1d383a03c8fa9dc3b6ffe81187863d5c6a456d7d96c4
610a427b4b6da16af92fa70bc4ebc4bc85ab2fbfc59bfea7d01a58e78412c88a
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
67c07c0e4ec4c5d0bc7e227dbe689dd03035b4cb0f8394574e1b6740af383461
67ebf650147a9122e94ff1b25a78a82e903b92b877821c1479de69f00f59d429
693c1fc05326e4380777179beeb3c1487c75efb8c83fc995a3a8d8c7c756885f
6e244abc7224f0d09a459628f4b146d1eab85dbeafad852405cd2dfca3648469
71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054
735ba0855a8e681e98e185111aae755c396d6c0f889c40947b6d758551075f6e
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
77403e128e5185b66dc8d0664e55d45595b01dddd2837fedd1f43cd3a344480f
79478111534fe40c67765c72b4226f505bfb7fe98eaed3a76e3b916f2da57dae
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7a6434e73896e4886f8399dc97ad8b126de126381329d04481b37e1cec3893d8
7b30f9e224abdbec5da5111b1803a000f95868644ea253620151f8cc73d23a4c
80e7ae17ac456d2b2cc8d8e5b0d34085903b49ba27050029d81938b8d3a9b5ce
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
8531c1d1e6b51027a70277fb4c156d10b908a476096a6e7cc7a308cc9b68b0e4
85eb20716bc8ce7e73fda962e633d6b51749f10255b6da660d1a2a19ccff2531
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8
88522cca257c7b55886862e9549236b005c2fcbb1246bcd986621476739c2127
8882c05ade8d73602a50fccfc5e3d2ad0ff2427e6c7adafc2d8f13a1da7f1ec4
888ad0d7ff41ab2c773607ac8c4f60babb965293e65b5a9835355079c2a240b0
8a6e2d4bbbe4f00b6a81ab036c29d0471f1755d4bf48285c433ec79ad3c0b132
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d966135b36e38d2706ad968e81430d5514fd6547ff0822d7d01ec4620d0f8df
9284a576560f7b1bf06488542d70ebd656ccc7126ffa8fbfe2b3c0fb8fff9092
939d003d7b0e43c57a36a27ff438b805c5074bf26aab94b38d743d0314f300b6
9e000e7805a03b275608d64f0ee40fc1140ea80bcb3daa6bc9a5406dd107f9d0
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6f6f8afe101cd406e2111b434bdb3acf869b97c9e5bbccf6dcc13afe63be50f
ac3774c809f279d74ee1c089012274410b5715f3d0729a47100c0776a7952943
aff16f52b0b9a529e919ec1f99a8475d01e622bb44c02b4643f5fe7c6df90cbe
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b4c3f2f4e6c235296994b221f594ca331291a92988ab4c327f50981369940b
b372d1e8bb526c00e09892fb25aeec4903290e4de8b8477d1cb7911f1d28199c
b3e7317418cfb9819b141a94578ee084e3bd1a287cd5bb2626917d85bea0aedf
b876e8b9aa2070787d9f635968d07538cc688fc7543cafa613aa202ec0280b4b
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b
bc871abfceed2f798929653305bcf0c2997c58d7f4f2e86afa881927900d2eb6
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c3d6f43856edb4773691473aba669b43e4b4a0caeae37d2f8fa19456f1b8adae
c68ef40d78ae566ec35f1d0785b503add002abe8ad92c8543077ab9dbe4a4b1d
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caaff507d173d0ec1f1ebd383b702e37f4ce982c9ad743bf290e4c500fc62be6
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd1cc14b59f5918e11725643ef36381b85cf569c6626fb4fdbe39c2eba9bdfe8
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293
da784cf99cdbf1386e316c0f8a5dff540b585882be2b383ec32042f5708b2b85
db720757cace02ecc1e88d824648d67676e1e25ce8a7cb00a65c7c5ba89e4661
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
dfcb579b79dd0ec0355a9bb8e6780b415491bb9a7b89970323e72b802b7dc07e
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796
e249689202d578760f311db8af1646c07100fa7fbcf73b82e229813efd14813a
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2d3127da85763e024971c6192f78becbdf85db231b3d088c9f8b3777d444ede
e2e60e9eae839d6b2e857c708f6d02ae6069141594b941a1590cd5c5435d42f4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992
e58bc10b3948106bc0f0d27a5d4951bc2c96aeab02674bbdb7a1c7a8637842d1
e9126e8b93d347b328196191cea7e2663506a0e66db75bc82b40afdd297af463
e958acd33f23ea0b43f6ce74fc0854f016522eff111bd46b3b7d4543a83f5eb9
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
eb02ece378515bd73800289ae4b0ecc7e54338ae7ab891a1f8e9b649389cfa45
ed367284fdd0727d23443d61fef66e9d1bc522690f63fa510be7eba01005590a
eed7a4c69918180b85f75af0c2a00fc2571d2be1d91ac805d763f0d86c127943
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5f9b9c268717f19839dc1e75132506384495244d7a58bd1a454da94e482142e
f62e11b110b6233da7f94fc6715e2d026d3dd3cc22fa394623ba16c9316fa8f8
f81a7c494112c262aa627cdce3c5f48196855e06c1ce44be10d5492a9c76b345
fafce2a6c02e3a2c0223b6345518f6134c733fb65b1f2ac2fcea6895b07fe7da
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e
fc19d2f154f953b4c51b865cec0bb6aebd2e149ea59b98354c19f2cfe8759ad2
fc9c3fcc4471623d464db7a4744808d67f44d3037866797a3fce2c046685c9bd
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869