urlscan.io logo urlscan.io
SecurityTrails logo

bipartisanreport.com Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bipartisanreport.com/2022/12/30/trump-caught-having-secret-foreign-bank-account-despite-denials
Effective URL: https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/
Submission: On January 01 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 3 countries across 19 domains to perform 74 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is bipartisanreport.com. The Cisco Umbrella rank of the primary domain is 588184.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 25th 2022. Valid for: a year.
This is the only time bipartisanreport.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 15 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
4 99.86.4.117 16509 (AMAZON-02)
1 151.101.130.207 54113 (FASTLY)
7 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 54.93.72.11 16509 (AMAZON-02)
2 176.9.25.22 24940 (HETZNER-AS)
1 151.101.194.207 54113 (FASTLY)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2600:1901:0:6... 15169 (GOOGLE)
1 2600:9000:214... 16509 (AMAZON-02)
1 2600:1901:0:7... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
74 25
15    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
bipartisanreport.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a00:1450:400d:807::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2a00:1450:400d:807::2008 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.theardent.group
6    2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
img.onesignal.com
4    99.86.4.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-117.fra6.r.cloudfront.net
u5.investingchannel.com
1    151.101.130.207 (United States)

ASN54113 (FASTLY, US)
sdk.mrf.io
7    2a00:1450:400d:80e::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:400d:807::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    54.93.72.11 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-72-11.eu-central-1.compute.amazonaws.com
uat5-a.investingchannel.com
2    176.9.25.22 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: haproxy10.cl03.het.mrf.io
events.newsroom.bi
1    151.101.194.207 (United States)

ASN54113 (FASTLY, US)
flowcards.mrf.io
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:400d:804::2002 (Ireland)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2600:1901:0:636d::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
lovelydrum.com
1    2600:9000:214f:a400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    2600:1901:0:7416::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
haltinggold.com
3    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:400d:80c::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
15 bipartisanreport.com
bipartisanreport.com — Cisco Umbrella Rank: 588184
360 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 145
tpc.googlesyndication.com — Cisco Umbrella Rank: 187
204 KB
8 investingchannel.com
u5.investingchannel.com — Cisco Umbrella Rank: 83731
uat5-a.investingchannel.com — Cisco Umbrella Rank: 77810
181 KB
7 gstatic.com
fonts.gstatic.com
192 KB
6 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3224
onesignal.com — Cisco Umbrella Rank: 951
img.onesignal.com — Cisco Umbrella Rank: 6858
155 KB
4 lovelydrum.com
lovelydrum.com — Cisco Umbrella Rank: 85241
98 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 103
region1.google-analytics.com — Cisco Umbrella Rank: 2124
20 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 123
236 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 142
www.google.com — Cisco Umbrella Rank: 16
2 KB
2 newsroom.bi
events.newsroom.bi — Cisco Umbrella Rank: 10444
856 B
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 64
5 KB
2 mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 13372
flowcards.mrf.io — Cisco Umbrella Rank: 13794
26 KB
2 theardent.group
cdn.theardent.group — Cisco Umbrella Rank: 460967
1 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 127
2 KB
1 haltinggold.com
haltinggold.com
74 KB
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 867
466 B
1 google.de
adservice.google.de — Cisco Umbrella Rank: 5450
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1011
703 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 356
3 KB
74 19
Domain Requested by
15 bipartisanreport.com 1 redirects bipartisanreport.com
7 fonts.gstatic.com fonts.googleapis.com
6 pagead2.googlesyndication.com bipartisanreport.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 lovelydrum.com u5.investingchannel.com
lovelydrum.com
4 uat5-a.investingchannel.com u5.investingchannel.com
4 u5.investingchannel.com bipartisanreport.com
u5.investingchannel.com
4 www.googletagmanager.com bipartisanreport.com
cdn.theardent.group
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 onesignal.com cdn.onesignal.com
3 www.google-analytics.com bipartisanreport.com
u5.investingchannel.com
www.google-analytics.com
2 events.newsroom.bi sdk.mrf.io
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 cdn.onesignal.com bipartisanreport.com
cdn.onesignal.com
2 cdn.theardent.group bipartisanreport.com
2 fonts.googleapis.com bipartisanreport.com
haltinggold.com
1 www.google.com tpc.googlesyndication.com
1 haltinggold.com lovelydrum.com
1 img.onesignal.com bipartisanreport.com
1 static.adsafeprotected.com lovelydrum.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
1 flowcards.mrf.io bipartisanreport.com
1 sdk.mrf.io bipartisanreport.com
1 cdnjs.cloudflare.com bipartisanreport.com
74 26

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
telegram.me
www.cnn.com
getadmiral.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-25 -
2023-06-24		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.investingchannel.com
Go Daddy Secure Certificate Authority - G2		 2022-05-11 -
2023-06-12		 a year crt.sh
sdk.mrf.io
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-10-23 -
2023-11-24		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
ssl03.cert.cl03.k8s.mrf.io
R3		 2022-11-30 -
2023-02-28		 3 months crt.sh
flowcards.mrf.io
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-10-23 -
2023-11-24		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
lovelydrum.com
R3		 2022-11-11 -
2023-02-09		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
haltinggold.com
R3		 2022-11-16 -
2023-02-14		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/
Frame ID: B8B8FCF40672BAE4ADDE28C9747E2B68
Requests: 72 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: C3F3B869AA3E8B6067B88BFE549478AC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-9423350550327606&output=html&adk=1812271804&adf=3025194257&lmt=1672524888&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fbipartisanreport.com%2F2022%2F12%2F30%2Fsuspicious-tax-discrepancies-uncovered-in-released-trump-returns%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672535350052&bpp=5&bdt=484&idt=342&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7585510383742&frm=20&pv=2&ga_vid=205826734.1672535350&ga_sid=1672535350&ga_hid=1946581499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777508%2C31071251%2C44780792&oid=2&pvsid=908900313719909&tmod=661690457&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=377
Frame ID: 274CD69494A84A4621EFFD7160A5784E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C0A8F2D3B0545386552809905D024BCC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 45CB2777333525FCD87EE6559EAAC444
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Suspicious Tax Discrepancies Uncovered In Released Trump Returnsuser-signalchecklistsettings-toggle-horizontal

Page URL History Show full URLs

  1. https://bipartisanreport.com/2022/12/30/trump-caught-having-secret-foreign-bank-account-despite-denials HTTP 301
    https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

74
Requests

99 %
HTTPS

79 %
IPv6

19
Domains

26
Subdomains

25
IPs

3
Countries

1563 kB
Transfer

5370 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bipartisanreport.com/2022/12/30/trump-caught-having-secret-foreign-bank-account-despite-denials HTTP 301
    https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

74 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/
Redirect Chain
  • https://bipartisanreport.com/2022/12/30/trump-caught-having-secret-foreign-bank-account-despite-denials
  • https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/
203 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cec6bd26dbcaf4fc7ff2d310f6e9d7acd8900bf66bce448d77e63f139de8d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=86400
cf-cache-status
EXPIRED
cf-ray
78275e2a0cdb5c9e-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 01 Jan 2023 01:09:09 GMT
last-modified
Sat, 31 Dec 2022 22:14:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1X22%2Bdq55DpJ7KFVf4AIoXy8k3JqcKXRWIbm97BoJwVgBsq3PjsbDpgjUT2Up8kvi7uCaImhadFRaAEnZdMHSdIOsIimagOBur0z3mBGWKg3OewGYMvP0JaA%2FeBkCXPh0JKZf94ORVBcZH7tqj%2F3AybB%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
sameorigin
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=86400, must-revalidate
cf-cache-status
MISS
cf-ray
78275e253e4a5c9e-FRA
content-type
text/html; charset=UTF-8
date
Sun, 01 Jan 2023 01:09:08 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
location
https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rDO9qkmjQIH6x3sWzj5Xy8CPRkjq2HU6tdmMvx6V%2Bt%2Be2CR73Tgf%2Fye6PXA0iUKlnwNYRMrm8n0wEXAUMteZoUlcmEs%2FSFxIOeJGSpC8OBD3tDnPE13%2BiMsy1hTuptSOLY2x7xqbSAEfV77o3B55MlXDcw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-cf-powered-by
WP Rocket 3.4.0.5
x-content-type-options
nosniff
x-frame-options
sameorigin
x-redirect-by
WordPress
x-xss-protection
1; mode=block
noframework.waypoints.min.js
cdnjs.cloudflare.com/ajax/libs/waypoints/3.0.0/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/waypoints/3.0.0/noframework.waypoints.min.js
Requested by
Host: bipartisanreport.com
URL: https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa175caa6ea4a4376e662ea986263ad1c8be315fb65d0005d9e2e0f7fdad8021
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://bipartisanreport.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:09:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
752650
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2659
last-modified
Mon, 04 May 2020 16:17:51 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0402f-2711"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7CJKIah%2FbWGsf9Vc0YdiumgbIC6N9N%2FcsP3zzvEI9PqHyKD4u942eHg3rZRSmFITlc9Qy1lsxjsKZBrowunxWB7Zxam9Fl1kITlmy8Hp2UF4nsGbTUbmqwZ7iqX1j6rmFUE0U4oF7NGMev45kvWOiEoD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
78275e2f3dd62bdc-FRA
expires
Fri, 22 Dec 2023 01:09:09 GMT
style.min.css
bipartisanreport.com/wp-includes/css/dist/block-library/ 		93 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bipartisanreport.com/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: bipartisanreport.com
URL: https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:09:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10246
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
last-modified
Tue, 15 Nov 2022 23:47:19 GMT
server
cloudflare
etag
W/"63742507-172a9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Isn4k7dF55gi3CPUvLPNxkEZXjgak%2BwfUqq8cA857ae1qrAYL4hCsMmFW%2BqS5qcofvVmOtcZpBRNujiRHkmxYb9ac%2FNHioUFwOUbHowQRahwK1e3doABucdYjbjB8oYJ%2B%2BfS2oIKBhPciAKVC08qRbIvLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=315360000, must-revalidate, proxy-revalidate
cf-ray
78275e2ef8f76928-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
classic-themes.min-1.css
bipartisanreport.com/wp-content/cache/busting/1/wp-includes/css/ 		214 B
752 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bipartisanreport.com/wp-content/cache/busting/1/wp-includes/css/classic-themes.min-1.css
Requested by
Host: bipartisanreport.com
URL: https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aeaf9866daa817a99d3b2da6b523fcfbfc840a1066295815c78e716668714b6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:09:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10246
cf-polished
origSize=217
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
cf-bgj
minify
last-modified
Tue, 15 Nov 2022 23:48:06 GMT
server
cloudflare
etag
W/"63742536-d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FqlgkFV6mHGST0wB5LrO02dqRpje27jI8ZQx6u1NkkMClyH3CwI3patpVYJ4M6bq5A4t6xcVWQBB%2Bw2zoZUHJ1F%2BstG14SvmgVblWM5bZNFXUZP8lp8Yvv%2FI6sgJU7YcEEdkN4NDmG6omiVe%2BPq%2F60HBqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=315360000, must-revalidate, proxy-revalidate
cf-ray
78275e2ef8f96928-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
twitter-feed.css
bipartisanreport.com/wp-content/plugins/wp-to-twitter/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bipartisanreport.com/wp-content/plugins/wp-to-twitter/css/twitter-feed.css
Requested by
Host: bipartisanreport.com
URL: https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a53bc33c39273359690f66fe69169c7f21746854db5a1541fb76bd1313e2122

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:09:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7884
cf-polished
origSize=1742
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
cf-bgj
minify
last-modified
Wed, 14 Sep 2022 22:46:40 GMT
server
cloudflare
etag
W/"632259d0-6ce"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JcVoGregAOiUkfY7OeSuhro2s%2BQeleYds6gdQg91%2Ft2XMl2usp3PFVMS36WlpAlon5qiIHodwauv0OM4AiYAxXMZ1zAiCXmpLuaC9O46Dpw%2F9kJTEUXCrwZ3FXYcL7%2BsdK3VQMCsdaWtWQ49NymBlWgUBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=315360000, must-revalidate, proxy-revalidate
cf-ray
78275e2ef8fb6928-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/ 		29 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.2.2
Requested by
Host: bipartisanreport.com
URL: https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bf473c4b25057def8a517e9e49edebf50fe239c6373237d92b4879c2849974e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 01 Jan 2023 01:09:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 01 Jan 2023 00:11:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 01 Jan 2023 01:09:09 GMT
style-9.2.2.css
bipartisanreport.com/wp-content/cache/busting/1/wp-content/themes/Newspaper/ 		934 KB
104 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bipartisanreport.com/wp-content/cache/busting/1/wp-content/themes/Newspaper/style-9.2.2.css
Requested by
Host: bipartisanreport.com
URL: https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85bde8232d2b9089992851def2473f3b4ee664212243c3f5866a2247cdd0f1d9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:09:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10184
cf-polished
origSize=1200525
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
cf-bgj
minify
last-modified
Tue, 15 Nov 2022 23:48:06 GMT
server
cloudflare
etag
W/"63742536-12518d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nWt57k7qcFBzTa1C4gWJqUuWH167Lq09xGKzedZR5qIXs%2BdcHj7dulehBWq8%2FV3VRpo6bIqbxiA7TVLTLxtkaPB7jAd2BeSQi8svuyUyJFV%2F90npzClSZeGLDiVhkIyU5IYjDjqe7gDgi9wQnWjQfpNwZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=315360000, must-revalidate, proxy-revalidate
cf-ray
78275e2ef8fd6928-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
related-5.30.1.css
bipartisanreport.com/wp-content/cache/busting/1/wp-content/plugins/yet-another-related-posts-plugin/style/ 		307 B
726 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bipartisanreport.com/wp-content/cache/busting/1/wp-content/plugins/yet-another-related-posts-plugin/style/related-5.30.1.css
Requested by
Host: bipartisanreport.com
URL: https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2efe0d8072659b087901323e1fdb18a0f57e6011cb9cb7edff6e1723fc2e8d70

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:09:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7884
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
cf-bgj
minify
last-modified
Tue, 15 Nov 2022 23:48:06 GMT
server
cloudflare
etag
W/"63742536-133"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2BI%2B%2BJg5WkjOdeEbtNxdUiLbRmu6S5brnCZVR3ITocCXTPfxQted4bk4Y5UFnDkHOcAH5pFXrbTdxXw51CEJ7GHPd9VSyk7shW1o5T%2FqOWn5v6h7rZFbsSK9abzRcqOy%2FOy7cjRe7KhzMV%2BcYv7Hzg%2Fi5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=315360000, must-revalidate, proxy-revalidate
cf-ray
78275e2ef8ff6928-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-1.12.4-wp-1.12.4-wp.js
bipartisanreport.com/wp-content/cache/busting/1/wp-content/plugins/enable-jquery-migrate-helper/js/jquery/ 		95 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bipartisanreport.com/wp-content/cache/busting/1/wp-content/plugins/enable-jquery-migrate-helper/js/jquery/jquery-1.12.4-wp-1.12.4-wp.js
Requested by
Host: bipartisanreport.com
URL: https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e03216e555aff351eb119dc79feacd1cd91d04e2b64f8f1c6d42ceb7cfd0c89b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:09:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10184
cf-polished
origSize=96854
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
cf-bgj
minify
last-modified
Tue, 15 Nov 2022 23:48:06 GMT
server
cloudflare
etag
W/"63742536-17a56"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=asJ6J8SIkS%2BHkYu36E4b0Inq5kK%2BtoQwPfWQ0IaSWE%2FvQI4u3cXemfuofvWWjK6QDzmdn5%2BG6tmd2ELK2s6PeaMq4QjIuCLm6DmHfZiI40Kc5JVUmX9QPrBHmJ2kTcFZPF0guOcpvLhC7QPZF2Y0Itcr3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=315360000, must-revalidate, proxy-revalidate
cf-ray
78275e2ef9006928-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-migrate-1.4.1-wp-1.4.1-wp.js
bipartisanreport.com/wp-content/cache/busting/1/wp-content/plugins/enable-jquery-migrate-helper/js/jquery-migrate/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bipartisanreport.com/wp-content/cache/busting/1/wp-content/plugins/enable-jquery-migrate-helper/js/jquery-migrate/jquery-migrate-1.4.1-wp-1.4.1-wp.js
Requested by
Host: bipartisanreport.com
URL: https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f770a249faa1cc956e720475b6c397a6e536354a1f4d7680b0725826ce04d817

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:09:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10245
cf-polished
origSize=23673
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
cf-bgj
minify
last-modified
Tue, 15 Nov 2022 23:48:06 GMT
server
cloudflare
etag
W/"63742536-5c79"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oicIu34JDu6pXy5HjPRrMtniZ7tFlzhCUjcBlQREAviqgFmQnKEchzmBJZTTVwalVJ2%2F1SH6BbO1YtDcDu4nU1Npxm9PkFI7jGa9t%2B0CZQ7t4TSIJb1qNQUd0Nwj4bQoFH4esdVUmSWaImAS3WSgCIYIYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=315360000, must-revalidate, proxy-revalidate
cf-ray
78275e2ef9026928-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: bipartisanreport.com
URL: https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fb36bc4dcdf0de8e5719052d6d6b033fae0bc0d06b48ada3fe101beee9ad6fc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:09:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49482
x-xss-protection
0
server
cafe
etag
5709834206273778274
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 01 Jan 2023 01:09:09 GMT
gtm-aef7c4873c5d742a5861c2e344f61adc.js
bipartisanreport.com/wp-content/cache/busting/1/ 		211 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bipartisanreport.com/wp-content/cache/busting/1/gtm-aef7c4873c5d742a5861c2e344f61adc.js
Requested by
Host: bipartisanreport.com
URL: https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb36d3b1399ee558c40ed8c363386ec0494e948b5a8c88fa2cac1007a08dd616

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:09:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10245
cf-polished
origSize=216545
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
cf-bgj
minify
last-modified
Tue, 15 Nov 2022 23:48:06 GMT
server
cloudflare
etag
W/"63742536-34de1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FMnbZdVMAmzKraBk%2BJ9lfYXj5WPvXsdnaVT7HqgNtFM1tAiOz7SHm6m8CJ0p3XLyN%2Bv9xCO3g68O6tzIzxBG0JpFjE%2F9biOHJDvdXMIh8vaiKddZJEBrmxJJSbBYzFy%2B4VQd9F4WayLSXCBQO%2Fr06Ykc%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=315360000, must-revalidate, proxy-revalidate
cf-ray
78275e2ff9dc6928-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-32234117-1
Requested by
Host: bipartisanreport.com
URL: https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3f531d58769d1164c72c64f8637107afb26c1b353825f81206c11b0aedf27576
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:09:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43579
x-xss-protection
0
last-modified
Sun, 01 Jan 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 01 Jan 2023 01:09:09 GMT
hscripts.js
cdn.theardent.group/bipartisanreport/ 		0
576 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.theardent.group/bipartisanreport/hscripts.js
Requested by
Host: bipartisanreport.com
URL: https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:09:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws
W1
age
244129
cf-polished
origSize=23
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cf-bgj
minify
last-modified
Thu, 12 May 2022 13:13:45 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GqZw2PUHc%2BY1DKqNExCFs9tzv62MLY0%2BG9IZ2Xr%2F9%2FtuTNj%2FdeEZ1AdaPu7UD4AXCgTo9EMlubC6XPXukBnLl5DOF0muScjy3guWHA%2B0nJcpeDdATvBkS18emkEHAb2gbU9nSHx351S%2BPvY5fWMZJKfk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
78275e306dd19972-FRA
expires
Thu, 05 Jan 2023 05:20:20 GMT
fscripts.js
cdn.theardent.group/bipartisanreport/ 		1 KB
871 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.theardent.group/bipartisanreport/fscripts.js
Requested by
Host: bipartisanreport.com
URL: https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e327677393a06af29716bde662a7c685be307745ae7f5a0d3c3f47245641f18

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:09:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws
W2
age
461971
cf-polished
origSize=1561
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 12 May 2022 13:16:06 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b7bgp6xuB4Qi3WRYEPFRE0upaMoCMh9%2BsUrU6UJxu9CoDgo0kmuKLlqplBqAgnETX0CZZvH0mxkKghwgSU8CUwXmpOys9BZv%2FoT7kh9QSLdhcJ18eP2yBLVcp8Iz%2F4l7wBOycOMxdUGQjqFJYqwoj07U"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
78275e306dd29972-FRA
expires
Mon, 02 Jan 2023 16:49:38 GMT
email-decode.min.js
bipartisanreport.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bipartisanreport.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: bipartisanreport.com
URL: https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:09:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 20 Dec 2022 16:36:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63a1e484-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CDTc0p%2BqUpK6aHgIesKa3HsMXPZ9vfHw0XN7rvC0EcHo%2FFSKLkjQQctPZm5LJs1R5xoQZflDpxRl1DYnn%2FAO3BqLvb4l%2B87OS5gOx0rQ%2B8qubUn4xl%2B9TCcXAfJKQZsRYm%2FL%2B8cuILlRIxFiHnxfpymULw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
78275e2f09076928-FRA
expires
Tue, 03 Jan 2023 01:09:09 GMT
tagdiv_theme.min-9.2.2.js
bipartisanreport.com/wp-content/cache/busting/1/wp-content/themes/Newspaper/js/ 		213 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bipartisanreport.com/wp-content/cache/busting/1/wp-content/themes/Newspaper/js/tagdiv_theme.min-9.2.2.js
Requested by
Host: bipartisanreport.com
URL: https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58a800cd5b28e04094e43f9daf4698bb0512e3c88c0927eec84b5b11fc44bc8b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:09:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7884
cf-polished
origSize=219047
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
cf-bgj
minify
last-modified
Tue, 15 Nov 2022 23:48:06 GMT
server
cloudflare
etag
W/"63742536-357a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IMbR3WI2h51Cw3emIIgVQ5WI7JNmpIDSO317sIqbzdBnghkVjOyfkvHl0qE1QyV3yQ8tAyZ%2FdHvZ%2Fy%2FC1mDsFoJ2rnF4TPDty2O1GC7Bmvf0BGV3Ss0mkIIPoenPD2hlQM%2FJEy8Sb38jgHa4GfCBPt0sQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=315360000, must-revalidate, proxy-revalidate
cf-ray
78275e2f09096928-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.1.1
Requested by
Host: bipartisanreport.com
URL: https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:09:09 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1641
etag
W/"ae63ef8ff03da61fffaa7f165729897a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
78275e3068282ba6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 04 Jan 2023 01:09:09 GMT
uat.js
u5.investingchannel.com/static/ 		122 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://u5.investingchannel.com/static/uat.js
Requested by
Host: bipartisanreport.com
URL: https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-117.fra6.r.cloudfront.net
Software
Jetty(9.4.12.v20180830) /
Resource Hash
8db229f96e49fc544ce2f6bad070940912d999cf156483fb296ffe8d9a1630aa

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 00:20:30 GMT
content-encoding
br
via
1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
server
Jetty(9.4.12.v20180830)
x-amz-cf-pop
FRA6-C1
age
2921
etag
W/"03ab11958aa2c0d16d9d939acd5e6c740"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, must-revalidate, max-age=3300, stale-while-revalidate=300
x-amz-cf-id
EdPWU-H1Vh21UdHabjW8Veut2gs9ZyQ76-pJgA54g_Wq_2wC7vzJ_A==
lazyload.min.js
bipartisanreport.com/wp-content/plugins/wp-rocket/assets/js/lazyload/12.0/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bipartisanreport.com/wp-content/plugins/wp-rocket/assets/js/lazyload/12.0/lazyload.min.js
Requested by
Host: bipartisanreport.com
URL: https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:09:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7882
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
last-modified
Thu, 10 Oct 2019 22:46:39 GMT
server
cloudflare
etag
W/"5d9fb4cf-15d1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kPonTT9e%2FBe2WpIH%2BrYF%2BGlXRCREi9Y3RFc0ffQYWW5CbXKcwh3jOGIuDw4ujyNNfh3MSQuY9unIwiQgdJs%2B%2B%2BjCXnlatFMDu9ag90VBKYc0ek7VPQ9zEKxChkNNBCzqu7bRpBeB11zL9RoPa9xd6oQdyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=315360000, must-revalidate, proxy-revalidate
cf-ray
78275e3009f76928-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
marfeel-sdk.js
sdk.mrf.io/statics/ 		92 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=1479
Requested by
Host: bipartisanreport.com
URL: https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
18fd2b5f7d75281da371185f3d961a590f8cbfb0bc7c98fcf77773a59938d072

Request headers

Referer
https://bipartisanreport.com/
Origin
https://bipartisanreport.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:09:09 GMT
content-encoding
br
x-b3-traceid
32a7a2f86836456e8b596abe9003c1f8
x-amz-cf-pop
AMS1-P2
x-cache
RefreshHit from cloudfront, HIT
mrf-cache-status
H
x-b3-traceid-primal
b2bc504a905f4bd78acc6da5b0fc19f5
content-length
25540
x-served-by
cache-ams21082-AMS
last-modified
Thu, 22 Dec 2022 13:45:13 GMT
server
AmazonS3
x-timer
S1672535350.797824,VS0,VE1
etag
W/"fb440d1eb28f080c2322af3c8f38283e"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
XMpsdukZa_XWsCGe4VOgs2dJyrvoEji-J1B9NFRk2b_1DdHzm0ImOw==
x-cache-hits
1
truncated
/ 		64 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
newspaper.woff
bipartisanreport.com/wp-content/themes/Newspaper/images/icons/ 		22 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bipartisanreport.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?15
Requested by
Host: bipartisanreport.com
URL: https://bipartisanreport.com/wp-content/cache/busting/1/wp-content/themes/Newspaper/style-9.2.2.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b56f14bb63fc412aec1562ff5b4807919a486491f2e9a86054ef08922c634d1

Request headers

Referer
https://bipartisanreport.com/wp-content/cache/busting/1/wp-content/themes/Newspaper/style-9.2.2.css
Origin
https://bipartisanreport.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:09:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10244
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
last-modified
Tue, 22 Jan 2019 15:50:47 GMT
server
cloudflare
etag
W/"5c473bd7-5630"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iySyRje7Ijv72PfGj4rgJqr5JcnHR69sl5QyiX5f92ldJR8VufthhJuTF%2FUzuDL7pHm4%2BDiLHKQ2jgEutKjOKIUOJ0IosEuF%2F8XjTW1pnMV4qvLnKFqLhpKqLfk5hkGe4ek%2Fg4SRH35wGVOOBlkHYjZuPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
public, max-age=315360000, must-revalidate, proxy-revalidate
cf-ray
78275e301a076928-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.2.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bipartisanreport.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 19:33:00 GMT
x-content-type-options
nosniff
age
279369
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Dec 2023 19:33:00 GMT
KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.2.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bipartisanreport.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 19:38:58 GMT
x-content-type-options
nosniff
age
279011
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17368
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Dec 2023 19:38:58 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.2.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bipartisanreport.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 19:33:08 GMT
x-content-type-options
nosniff
age
279361
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Dec 2023 19:33:08 GMT
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df51817b30fe7ff287ab830ad77e2023d2b2156817bd276bd68af8875d8a6b73

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6c1b2722be99e0f2c4cd70c48f342eb543a3ee0bec1b5dc6f1d72b034e013b47

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5c3cb71138ba89f1cf2419b37b83b35f896ec41631b116926520ae31541fd9bb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		67 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a0ea2fa35271c78084c0244430b865af459ba144154779a691b70fedb0a3f0e8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		121 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.2.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bipartisanreport.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 18:50:55 GMT
x-content-type-options
nosniff
age
454694
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Dec 2023 18:50:55 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.2.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bipartisanreport.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 19:34:12 GMT
x-content-type-options
nosniff
age
279297
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Dec 2023 19:34:12 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v34/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.2.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bipartisanreport.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 19:05:07 GMT
x-content-type-options
nosniff
age
453842
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47952
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:22:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Dec 2023 19:05:07 GMT
collect
www.google-analytics.com/g/ 		0
174 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-QBHTEGLXQ8&gtm=2oeb90&_p=1946581499&cid=205826734.1672535350&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1672535350&sct=1&seg=0&dl=https%3A%2F%2Fbipartisanreport.com%2F2022%2F12%2F30%2Fsuspicious-tax-discrepancies-uncovered-in-released-trump-returns%2F&dt=Suspicious%20Tax%20Discrepancies%20Uncovered%20In%20Released%20Trump%20Returns&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: bipartisanreport.com
URL: https://bipartisanreport.com/wp-content/cache/busting/1/gtm-aef7c4873c5d742a5861c2e344f61adc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Jan 2023 01:09:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bipartisanreport.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-179723744-1&l=dataLayer&cx=c
Requested by
Host: bipartisanreport.com
URL: https://bipartisanreport.com/wp-content/cache/busting/1/gtm-aef7c4873c5d742a5861c2e344f61adc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b8174d639aa04a1d62cb568015e892c2b58cdebf762a1a4e0d90be808a5ab5c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:09:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43636
x-xss-protection
0
last-modified
Sun, 01 Jan 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 01 Jan 2023 01:09:10 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		283 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.1.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:09:10 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1644
etag
W/"2f96824aee4bf927e734cc519e3e726d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
78275e31fef82bd6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 04 Jan 2023 01:09:10 GMT
js
www.googletagmanager.com/gtag/ 		216 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-07Y82E5JFR
Requested by
Host: cdn.theardent.group
URL: https://cdn.theardent.group/bipartisanreport/fscripts.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cf57d6e1061ca1b7b6b738e33a79390173d752520c4b26941bf5bb2732e2fd5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:09:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76824
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 01 Jan 2023 01:09:10 GMT
js
www.googletagmanager.com/gtag/ 		216 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-07Y82E5JFR&l=dataLayer&cx=c
Requested by
Host: bipartisanreport.com
URL: https://bipartisanreport.com/wp-content/cache/busting/1/gtm-aef7c4873c5d742a5861c2e344f61adc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
816b03ca07b92bc035f84ea6aee188dcc35e83d97d567d801bb1f1145da80675
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:09:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76847
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 01 Jan 2023 01:09:10 GMT
new-logo-300x80.png
bipartisanreport.com/wp-content/uploads/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bipartisanreport.com/wp-content/uploads/new-logo-300x80.png
Requested by
Host: bipartisanreport.com
URL: https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a32467e496e6d8dd9efbe26ed3655f6b435768671c8d5ade55dca0a72f28a19

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:09:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10243
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4674
pragma
public
last-modified
Mon, 23 Sep 2019 22:11:05 GMT
server
cloudflare
etag
"5d8942f9-1242"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kBKHuqGkXtLNFlhW5Cek%2B%2BQwHVMZ6ZFNb%2F81FnwhnX68AD8bCbd3EZIZCWu9fCog1KQGQyclyIP7VdfVS5stgkhHZgpoW7H2XFQ%2Byrmezl5LoKronvmZvftsvUdzjVbzWiwJPnQHBCNSTc1hzQYY8fTyXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
78275e31cc3d6928-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/ 		355 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9423350550327606&plah=bipartisanreport.com&bust=31071251
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
361b6fd0bb3bd0e4116af7e62d51d2b1ed817ff02ece5adea9db473a3c621f9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:09:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119797
x-xss-protection
0
server
cafe
etag
10192744935892117401
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 01 Jan 2023 01:09:10 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame C3F3 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bipartisanreport.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
20314
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 31 Dec 2022 19:30:36 GMT
etag
10353107486223812946
expires
Sat, 14 Jan 2023 19:30:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: u5.investingchannel.com
URL: https://u5.investingchannel.com/static/uat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 01 Jan 2023 00:27:20 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2510
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sun, 01 Jan 2023 02:27:20 GMT
prebid.js
u5.investingchannel.com/prebid/6.12.0/ 		185 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://u5.investingchannel.com/prebid/6.12.0/prebid.js
Requested by
Host: u5.investingchannel.com
URL: https://u5.investingchannel.com/static/uat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-117.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ac1b691c45442b17da773405c354adfc7e7e4356e7b4608d3826dc81ab5e3bcd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 11:28:43 GMT
content-encoding
gzip
via
1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
last-modified
Fri, 24 Jun 2022 20:42:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
49233
etag
W/"7371a5f279f1435c46da7d231f0e64e2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
x-amz-cf-id
cuBvbG4qzGaV--9c9xji5bkV7Yveyykssggk-8UDOJbpp5X4Aj9r5A==
uat-internal.js
u5.investingchannel.com/static/ 		332 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://u5.investingchannel.com/static/uat-internal.js
Requested by
Host: u5.investingchannel.com
URL: https://u5.investingchannel.com/static/uat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-117.fra6.r.cloudfront.net
Software
Jetty(9.4.12.v20180830) /
Resource Hash
eddd80f1a5260173b8ae44b4955f376c62e43039d09bb6eeb26b360c64bb9595

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:02:51 GMT
content-encoding
br
via
1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
server
Jetty(9.4.12.v20180830)
x-amz-cf-pop
FRA6-C1
age
379
etag
W/"0df79606639ea21a36c13679cd278e682"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, must-revalidate, max-age=3300, stale-while-revalidate=300
x-amz-cf-id
U-aLC_yZaJJIJLEDmm3SRMw063DhZTxCYGjzJxnKJHRLHNSfUp6aoQ==
65968e95-0c69-4c7b-acad-2189affa662d
uat5-a.investingchannel.com/data/ 		45 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://uat5-a.investingchannel.com/data/65968e95-0c69-4c7b-acad-2189affa662d?browsersize=1600x1200&consentsknown=null&usprivacy=&pageurl=https%3A%2F%2Fbipartisanreport.com%2F2022%2F12%2F30%2Fsuspicious-tax-discrepancies-uncovered-in-released-trump-returns%2F
Requested by
Host: u5.investingchannel.com
URL: https://u5.investingchannel.com/static/uat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.72.11 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-72-11.eu-central-1.compute.amazonaws.com
Software
Jetty(9.4.12.v20180830) /
Resource Hash
a9b04bb6ae90435b083847a8f01f49403c4558114e518fff2d1bfa6f81e5d980

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Jan 2023 01:09:10 GMT
content-encoding
gzip
server
Jetty(9.4.12.v20180830)
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://bipartisanreport.com
content-type
text/plain;charset=utf-8
cache-control
private, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
ingest.php
events.newsroom.bi/ 		50 B
856 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1479
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
176.9.25.22 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy10.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63

Request headers

Referer
https://bipartisanreport.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 01 Jan 2023 01:09:10 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://bipartisanreport.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
66
active
flowcards.mrf.io/json/ 		16 B
378 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://flowcards.mrf.io/json/active?site_id=1479&page_technology=0
Requested by
Host: bipartisanreport.com
URL: https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
78b558bd2357fbe7ad52804fb3af1b8664b23db096b1deb22d215dde25b152bf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:09:10 GMT
content-encoding
gzip
x-b3-traceid
88947e5f88a848f3bc4da9e5597d7544
x-cache
MISS
mrf-cache-status
M
x-envoy-upstream-service-time
0
x-b3-traceid-primal
88947e5f88a848f3bc4da9e5597d7544
content-length
42
x-served-by
cache-ams21071-AMS
server
istio-envoy
x-timer
S1672535350.194764,VS0,VE52
vary
origin
x-req-backend
F_origin_1_croupier
access-control-allow-origin
*
content-type
application/json; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
x-cache-hits
0
bipartisanreport.js
u5.investingchannel.com/cmp_v2/admiral/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://u5.investingchannel.com/cmp_v2/admiral/bipartisanreport.js
Requested by
Host: u5.investingchannel.com
URL: https://u5.investingchannel.com/static/uat-internal.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-117.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a64a492054712bb935d75628b04c247e51d2eb3bbd8a627f7eaf32b0715a38e9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:09:10 GMT
content-encoding
br
via
1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
last-modified
Fri, 24 Jun 2022 20:57:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
16789
etag
W/"900e382593f9dfbd1e4a6152f6d97e5f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
x-amz-cf-id
PmDyQvJ7Kj08lYbyiEvMHMInV2IF-J3ctAIWJoEGLK0lrpvqDPCYQA==
non-finance_governmentandpolitics
uat5-a.investingchannel.com/target/ 		95 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://uat5-a.investingchannel.com/target/non-finance_governmentandpolitics
Requested by
Host: u5.investingchannel.com
URL: https://u5.investingchannel.com/static/uat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.72.11 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-72-11.eu-central-1.compute.amazonaws.com
Software
Jetty(9.4.12.v20180830) /
Resource Hash
8df2535d76932c40e680707236ccc6fec06dc10b8790dba9ea55fe3ec7c32935

Request headers

Accept
*/*
Referer
https://bipartisanreport.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:09:10 GMT
server
Jetty(9.4.12.v20180830)
etag
"024011a0325d2cf9af45e2526fcc8faf3"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://bipartisanreport.com
content-type
text/plain;charset=utf-8
cache-control
public, must-revalidate, max-age=1260
access-control-allow-credentials
true
content-length
95
f9ec8100-3cb4-45e1-b2c9-4a8fdd1c5cf0
https://bipartisanreport.com/ 		81 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://bipartisanreport.com/f9ec8100-3cb4-45e1-b2c9-4a8fdd1c5cf0
Requested by
Host: bipartisanreport.com
URL: https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5823a741ee96ac55963d30e4ff7d6d6d6f17e88f5c4fb484148b6f4b886aec27

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
81
Content-Type
application/javascript
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1946581499&t=pageview&_s=1&dl=https%3A%2F%2Fbipartisanreport.com%2F2022%2F12%2F30%2Fsuspicious-tax-discrepancies-uncovered-in-released-trump-returns%2F&dp=%2F2022%2F12%2F30%2Fsuspicious-tax-discrepancies-uncovered-in-released-trump-returns%2F&ul=en-us&de=UTF-8&dt=(direct)%20Suspicious%20Tax%20Discrepancies%20Uncovered%20In%20Released%20Trump%20Returns&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6CDAAUABEAAAACgCI~&jid=1051358335&gjid=108569817&cid=205826734.1672535350&tid=UA-179723744-1&_gid=1343867874.1672535350&_r=1&gtm=2oubu0&cd1=Caleb%20Newton&cd2=(none)&cd3=(direct)&z=161243912
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bipartisanreport.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 01 Jan 2023 01:09:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bipartisanreport.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
350 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-07Y82E5JFR&gtm=2oebu0&_p=1946581499&cid=205826734.1672535350&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1672535350&sct=1&seg=0&dl=https%3A%2F%2Fbipartisanreport.com%2F2022%2F12%2F30%2Fsuspicious-tax-discrepancies-uncovered-in-released-trump-returns%2F&dt=Suspicious%20Tax%20Discrepancies%20Uncovered%20In%20Released%20Trump%20Returns&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-07Y82E5JFR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Jan 2023 01:09:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bipartisanreport.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
web
onesignal.com/api/v1/sync/81c45b2d-1671-45de-968a-121004be8d8d/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/81c45b2d-1671-45de-968a-121004be8d8d/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce63503550804de9ad01aa28de75068a083a9a75d6a1aac437e823705d8a4e3f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:09:10 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
EXPIRED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
status
200 OK
x-envoy-upstream-service-time
22
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
cd71306a-558c-4099-b09f-bd7204b3592b
x-runtime
0.019758
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"ce63503550804de9ad01aa28de75068a"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
78275e33fb182ba6-FRA
access-control-allow-headers
SDK-Version
expires
Sun, 01 Jan 2023 02:09:10 GMT
cookie.js
partner.googleadservices.com/gampad/ 		407 B
703 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=bipartisanreport.com&callback=_gfp_s_&client=ca-pub-9423350550327606&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9423350550327606&plah=bipartisanreport.com&bust=31071251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1dd7e5b11a0e3f9b86951ad9ee96fb4019d947e0838222d47d4899adb6fef4c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=bipartisanreport.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9423350550327606&plah=bipartisanreport.com&bust=31071251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=bipartisanreport.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9423350550327606&plah=bipartisanreport.com&bust=31071251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 274C 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-9423350550327606&output=html&adk=1812271804&adf=3025194257&lmt=1672524888&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fbipartisanreport.com%2F2022%2F12%2F30%2Fsuspicious-tax-discrepancies-uncovered-in-released-trump-returns%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672535350052&bpp=5&bdt=484&idt=342&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7585510383742&frm=20&pv=2&ga_vid=205826734.1672535350&ga_sid=1672535350&ga_hid=1946581499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777508%2C31071251%2C44780792&oid=2&pvsid=908900313719909&tmod=661690457&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=377
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9423350550327606&plah=bipartisanreport.com&bust=31071251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bipartisanreport.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 Jan 2023 01:09:10 GMT
expires
Sun, 01 Jan 2023 01:09:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
v2hogTreo027pk8wanKTH-TyCi9v4R57jFQ-YYfT1lo-CnabKYUjRTQk
lovelydrum.com/ 		572 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lovelydrum.com/v2hogTreo027pk8wanKTH-TyCi9v4R57jFQ-YYfT1lo-CnabKYUjRTQk
Requested by
Host: u5.investingchannel.com
URL: https://u5.investingchannel.com/cmp_v2/admiral/bipartisanreport.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:636d::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
898733e5d8a222c0278e2390004cab440b6344521a8fb1ecc61d9b4463b36153
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Sun, 01 Jan 2023 01:09:10 GMT
x-datacenter
gce-europe-west1
etag
"a3cba5addcee47d9e0464137aacf4150c12912fb08c9ecfc279fa93351354637"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-b0wm
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
718439402
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:09:10 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1643
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
78275e34b9c32bd6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 31 Jan 2023 01:09:10 GMT
icon
onesignal.com/api/v1/apps/81c45b2d-1671-45de-968a-121004be8d8d/ 		176 B
609 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/apps/81c45b2d-1671-45de-968a-121004be8d8d/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb91449f700f1710f46576b29c5acf76cde013743e18deff6522cc03c4f184be
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:09:10 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
status
200 OK
x-envoy-upstream-service-time
7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
03c89ba1-10b9-427f-815c-772449f64c73
x-runtime
0.005722
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"eb91449f700f1710f46576b29c5acf76"
x-download-options
noopen
vary
Accept, Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
78275e353b8b9b6a-FRA
access-control-allow-headers
SDK-Version
skeleton.js
static.adsafeprotected.com/ 		17 B
466 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: lovelydrum.com
URL: https://lovelydrum.com/v2hogTreo027pk8wanKTH-TyCi9v4R57jFQ-YYfT1lo-CnabKYUjRTQk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:a400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 02:01:00 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
15894491
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
gDd6da6M-yUvbEAPEBDJ8jRiRSax7qgmHrTDGDsX-h4mpeorYMNdmQ==
e53b3a9a-0c08-4946-b7dc-7ff64a1e568a.png
img.onesignal.com/t/ 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.onesignal.com/t/e53b3a9a-0c08-4946-b7dc-7ff64a1e568a.png
Requested by
Host: bipartisanreport.com
URL: https://bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
380fbd164aff690feb26bbe0298b09f92f9336b883414d42d6a42547b6409d51
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:09:11 GMT
x-amz-meta-cache-control
public, maxage=604800
cf-cache-status
REVALIDATED
strict-transport-security
max-age=15552000; includeSubDomains
x-amz-request-id
2NA7BZPKSV1HEYER
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
74210
x-amz-id-2
P+IAFKVx8z6JLwoIcWBgLKf2ErWWD+ZYqG4aMAgRnH2c7vlITBDf1OcwQXRxFLmuMTcQUO0GYSQ=
last-modified
Thu, 03 Oct 2019 23:52:43 GMT
server
cloudflare
etag
"f6bdf3193ff8bdcd5589e0935f46d5cd"
vary
Accept-Encoding
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
78275e35ad852ba6-FRA
expires
Wed, 01 Feb 2023 01:09:11 GMT
v2puiGdx01uQ21Xh8iKUhUp9-deNbK4OUSBAOk8Iz7H8g8RU_0LERRpyfCDkhmNvz22up4B_9
lovelydrum.com/ 		191 B
218 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lovelydrum.com/v2puiGdx01uQ21Xh8iKUhUp9-deNbK4OUSBAOk8Iz7H8g8RU_0LERRpyfCDkhmNvz22up4B_9
Requested by
Host: lovelydrum.com
URL: https://lovelydrum.com/v2hogTreo027pk8wanKTH-TyCi9v4R57jFQ-YYfT1lo-CnabKYUjRTQk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:636d::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
87ba9f75756ee9fa066754d96cdb6660ef329c91a4b8c271ffd25717e9dce1de
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://bipartisanreport.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Sun, 01 Jan 2023 01:09:10 GMT
via
1.1 google
x-buildnumber
718439402
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
191
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bipartisanreport.com
x-hostname
fen-hoothoot-europe-west1-spot-b0wm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Sun, 01 Jan 2023 01:09:09 GMT
v2rbh79umvY_eVjpA4nDip9faY7AWwDgF9pECOZYPHA8IYO_wbnptcfs7OCEjSyo_vNRXEhpw
lovelydrum.com/ 		426 B
451 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lovelydrum.com/v2rbh79umvY_eVjpA4nDip9faY7AWwDgF9pECOZYPHA8IYO_wbnptcfs7OCEjSyo_vNRXEhpw
Requested by
Host: lovelydrum.com
URL: https://lovelydrum.com/v2hogTreo027pk8wanKTH-TyCi9v4R57jFQ-YYfT1lo-CnabKYUjRTQk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:636d::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
440984f8f54e47961ee878fdda031ab93cb1d7900043faf619f8665d0e3425ae
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://bipartisanreport.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Sun, 01 Jan 2023 01:09:10 GMT
via
1.1 google
x-buildnumber
718439402
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
426
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bipartisanreport.com
x-hostname
fen-hoothoot-europe-west1-spot-b0wm
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
ConsentManager
haltinggold.com/v2spwDPTALgGqJLw_wrkpzHpRiaw62RJ1gQm-Le_a5FHsKyb2WTne8VFBsVUXvw8o68RfXPk/ 		245 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://haltinggold.com/v2spwDPTALgGqJLw_wrkpzHpRiaw62RJ1gQm-Le_a5FHsKyb2WTne8VFBsVUXvw8o68RfXPk/ConsentManager
Requested by
Host: lovelydrum.com
URL: https://lovelydrum.com/v2hogTreo027pk8wanKTH-TyCi9v4R57jFQ-YYfT1lo-CnabKYUjRTQk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7416::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
3cc3aa3387b770fad9d624748f050f6dcfacd02b264086b74197a03937517e01
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://bipartisanreport.com/
Origin
https://bipartisanreport.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Sun, 01 Jan 2023 01:09:11 GMT
x-buildnumber
718439402
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-datacenter
gce-europe-west1
etag
"b926a9494ef6a627fb02b2147cf3809575aa45990dc2c841229341cdf0ebc3e3"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language, Origin
access-control-allow-methods
POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://bipartisanreport.com
x-hostname
fen-hoothoot-europe-west1-spot-b0wm
cache-control
private, must-revalidate, max-age=21600
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
css2
fonts.googleapis.com/ 		7 KB
656 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap
Requested by
Host: haltinggold.com
URL: https://haltinggold.com/v2spwDPTALgGqJLw_wrkpzHpRiaw62RJ1gQm-Le_a5FHsKyb2WTne8VFBsVUXvw8o68RfXPk/ConsentManager
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a9800bdcfee680a224931e132e95552d4e5d70f9f147ced4af8a9c8bc52c80c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 01 Jan 2023 01:09:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 31 Dec 2022 23:09:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 01 Jan 2023 01:09:11 GMT
/
uat5-a.investingchannel.com/logs/ 		0
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://uat5-a.investingchannel.com/logs/?gdprapplicable=true&uspstatus=INPROGRESS
Requested by
Host: u5.investingchannel.com
URL: https://u5.investingchannel.com/static/uat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.72.11 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-72-11.eu-central-1.compute.amazonaws.com
Software
Jetty(9.4.12.v20180830) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://bipartisanreport.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://bipartisanreport.com
date
Sun, 01 Jan 2023 01:09:11 GMT
access-control-allow-credentials
true
server
Jetty(9.4.12.v20180830)
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
/
uat5-a.investingchannel.com/logs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://uat5-a.investingchannel.com/logs/?gdprapplicable=true&uspstatus=INPROGRESS
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.72.11 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-72-11.eu-central-1.compute.amazonaws.com
Software
Jetty(9.4.12.v20180830) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://bipartisanreport.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://bipartisanreport.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Sun, 01 Jan 2023 01:09:11 GMT
server
Jetty(9.4.12.v20180830)
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers Accept-Encoding, User-Agent
v2puiGdx01uQ21Xh8iKUhUp9-deNbK4OUSBAOk8Iz7H8g8RU_0LERRpyfCDkhmNvz22up4B_9
lovelydrum.com/ 		178 B
205 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lovelydrum.com/v2puiGdx01uQ21Xh8iKUhUp9-deNbK4OUSBAOk8Iz7H8g8RU_0LERRpyfCDkhmNvz22up4B_9
Requested by
Host: lovelydrum.com
URL: https://lovelydrum.com/v2hogTreo027pk8wanKTH-TyCi9v4R57jFQ-YYfT1lo-CnabKYUjRTQk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:636d::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
f47507661219d0a531e1fedfeb0f30c1eb632b5dd5ca039fcb0935b6526a1ee9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://bipartisanreport.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Sun, 01 Jan 2023 01:09:11 GMT
via
1.1 google
x-buildnumber
718439402
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
178
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bipartisanreport.com
x-hostname
fen-hoothoot-europe-west1-spot-b0wm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Sun, 01 Jan 2023 01:09:10 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bipartisanreport.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 09:28:52 GMT
x-content-type-options
nosniff
age
229219
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37924
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:54:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Dec 2023 09:28:52 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9423350550327606&plah=bipartisanreport.com&bust=31071251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c07d2a371d8013545ce72488527448a92b7be4c4fc05fdbb31fa2586c44a10c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:09:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11258
x-xss-protection
0
ingest.php
events.newsroom.bi/ 		2 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1479
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
176.9.25.22 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy10.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://bipartisanreport.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 01 Jan 2023 01:09:11 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://bipartisanreport.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
2
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9423350550327606&plah=bipartisanreport.com&bust=31071251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:09:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 01 Jan 2023 01:09:11 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C0A8 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bipartisanreport.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
11139
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 31 Dec 2022 22:03:32 GMT
expires
Sun, 31 Dec 2023 22:03:32 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 45CB 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
704b5563fd3f4b22410b31c6a14148e1c62529832918ad49065fa8f8368ad3a8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_5S--4P-5-l8RcoSaXrd3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bipartisanreport.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-_5S--4P-5-l8RcoSaXrd3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 01 Jan 2023 01:09:11 GMT
expires
Sun, 01 Jan 2023 01:09:11 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
pagead2.googlesyndication.com/bg/ Frame C0A8 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 22:49:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
181198
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16132
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 29 Dec 2023 22:49:13 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 45CB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=908900313719909&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame C0A8 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?qi9now
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:09:11 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=908900313719909&bg=!a2ilaCzNAAYgquz3AKo7ACkAdvg8WrCC8N8zINBuiAt6nrZmEM0iUNMj7eIAbfgPIGOA5DtXyTYODgIAAABPUgAAAAJoAQeZAtl30fMapjp8ZpXTgOO9thDO-QDghUfs6wGKHpR80DIaCTCHY2DTQVMH9lek3OOm0KRcPe72P9gkcmwPvUtQipgXeBC7l15HuKmL6uCf5t6rI2W2GMUyo22DFoQSE_mA-9N_ralMQovKOBlY8eiRfC6DEnUdBNgtv2E8BPfGDGHM81_JmApsJWFLkScqCjorKcE_qymySnviY9G_0o8W-vElr7wSq6uuf6ovEHq8ySjcHsljsAXVoWpZqdRUouH_IXTWvtlOBAH9QjhWuqTf3QhXvGKFOgTK2CmBMCTCcI5fFK4sVPG69TkpV7TEdK28M3PgzdRPAfRaSZAuNx1FaUYfKc9ZtF6jhZRU5q1sAcQwLL1kCNkEtQU5xwn586Dqp13GrBE30dw8pvhMinWjGRfbhT1oS1VKcNRSUKIjDvBOptmanKPBO2qgAh7bq3hpt7WmccQ2Wpah2plaIgsnjKPvJ6UZplHzx5LPxd8ZTFH-bTHhAYbekHbhp-eyVXqo0MZs-MQI5WIFqFSa-Q2yAwBKtsKM6VQUMBxkBjs7xsz02x2mWHk-PwUAlT3tMOuArtvCnOJMJDQQrXouIqglAt3X8rXMgeFJpUt_YWx1BecB6dCS1gxSGCq_FmBLMsjSo-Uau6tca92Ij2F1ypDdepLx6LXFVa5X1qn-j_Bjyp2CEoydOGAQOV0gwROwi4zmuSdIdYwZuyn94oo34abDiUZQ5b5TYIuW-OT1uCBNngZfzUtr1mw5j628YclGZ2ptIqdJnohedttv06q87Ia9kxK5q-xyggee0o0hMB1A0BiSYLzaCfplXZBD6154S0q5P3J2e57IGL79-o0UemT7K9Xbc7Xlx8jH2c6_GxAmYHNeCUW1mBtlTMltMVgrLriqgLwWK4YArZaFafomS8V6rrMQ4cLMvswysBSSjSjHgiu94_QmbCqLE6T2vQp_QiPQ6-6eQeJTLiVDPD4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bipartisanreport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

265 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| oncontentvisibilityautostatechange function| Waypoint function| $ function| jQuery function| e function| t object| marfeel function| gtag object| dataLayer function| documentInitOneSignal function| OneSignal object| tdBlocksArray function| tdBlock object| tdLocalCache object| td_viewport_interval_list string| td_animation_stack_effect boolean| tds_animation_stack string| td_animation_stack_specific_selectors string| td_animation_stack_general_selectors string| td_ajax_url string| td_get_template_directory_uri string| tds_snap_menu string| tds_logo_on_sticky string| tds_header_style string| td_please_wait string| td_email_user_pass_incorrect string| td_email_user_incorrect string| td_email_incorrect string| tds_more_articles_on_post_enable string| tds_more_articles_on_post_time_to_wait number| tds_more_articles_on_post_pages_distance_from_top string| tds_theme_color_site_wide string| tds_smart_sidebar string| tdThemeName string| td_magnific_popup_translation_tPrev string| td_magnific_popup_translation_tNext string| td_magnific_popup_translation_tCounter string| td_magnific_popup_translation_ajax_tError string| td_magnific_popup_translation_image_tError object| tdDateNamesI18n string| td_ad_background_click_link string| td_ad_background_click_target object| block_td_uid_3_63b0b45722d4b object| block_td_uid_7_63b0b457694b5 object| block_td_uid_8_63b0b4576c395 object| tdAnalytics object| tdDetect object| tdViewport object| tdMenu object| tdUtil object| tdAffix function| td_smart_list_dropdown object| td_more_articles_box undefined| td_resize_timer_id function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life boolean| tdIsScrollingAnimation boolean| td_mouse_wheel_or_touch_moved boolean| td_scroll_to_top_is_visible function| td_events_scroll_scroll_to_top function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height function| setMenuMinHeight function| td_comments_form_validation function| td_scroll_to_class function| td_helper_scroll_to_class object| tdLoadingBox object| tdAjaxSearch string| tdModalImageLastEl function| tdModalImage object| tdBlocks object| tdLogin object| tdLoginMob object| tdDemoMenu object| tdTrendingNow object| td_history object| tdSmartSidebar object| tdInfiniteLoader function| Froogaloop object| tdCustomEvents object| tdEvents object| tdAjaxCount object| tdYoutubePlayers object| tdVimeoPlayers function| td_resize_smartlist_slides function| td_resize_smartlist_sliders_and_update function| td_resize_normal_slide function| td_resize_normal_slide_and_update object| tdPullDown object| td_fps object| tdAnimationScroll object| tdHomepageFull object| tdBackstr object| tdAnimationStack object| td_backstretch_items function| td_compute_parallax_background function| td_compute_backstretch_item object| tdAjaxLoop object| tdWeather object| tdAnimationSprite function| td_date_i18n object| tdSocialSharing object| jQuery112406998246621845687 function| $f string| waypointContextKey object| InvestingChannelQueue object| page boolean| isMobile boolean| isTablet boolean| isDesktop number| w boolean| isHomepage boolean| isArticle undefined| div1Tag undefined| div2Tag undefined| div3Tag undefined| div4Tag undefined| div5Tag undefined| div6Tag undefined| div7Tag object| div8Tag undefined| div9Tag object| div10Tag object| div11Tag object| div12Tag object| div13Tag undefined| div14Tag undefined| div15Tag undefined| div16Tag undefined| div17Tag undefined| div18Tag undefined| div19Tag undefined| div20Tag undefined| div21Tag undefined| div22Tag undefined| div23Tag undefined| div24Tag undefined| div25Tag undefined| div26Tag object| div27Tag function| elementInViewport function| evaluate function| b2a function| a2b string| ai_block_class_def function| ai_set_cookie function| ai_get_cookie function| ai_load_cookie object| $jscomp function| ai_process_elements object| targetNode object| config function| ai_adsense_callback object| observer object| Arrive function| ai_process_element_lists function| getAllUrlParams function| b64e function| b64d object| ai_front undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code boolean| ai_process_elements_active function| MobileDetect function| ai_run_630095352691 boolean| ai_js_code object| lazyLoadOptions function| _extends function| _typeof function| LazyLoad function| ai_process_lists object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy function| ai_document_write string| selector_string object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal undefined| _qevents object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| __assign object| InvestingChannel string| GoogleAnalyticsObject function| ga object| webpackChunk_marfeel_marfeel_sdk object| tp object| __mrfCompass object| googletag function| ___assign object| InternalInvestingChannel object| Channel string| IC_PAGE_REFERER function| __uspapi boolean| __cmpGdprAppliesGlobally function| admiral string| IC_PAGE_ID number| IC_MAX_TILE object| gaplugins object| gaData function| ic_pbjsChunk object| ic_pbjs object| _pbjsGlobals number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| __tcfapi function| 4dm1r11545242527 object| admrlWpJsonP object| GoogleGcLKhOms object| google_image_requests function| arrive function| unbindArrive function| leave function| unbindLeave

17 Cookies

Domain/Path Name / Value
.bipartisanreport.com/ Name: _ga_QBHTEGLXQ8
Value: GS1.1.1672535350.1.0.1672535350.0.0.0
.bipartisanreport.com/ Name: ___nrbic
Value: %7B%22previousVisit%22%3A1672535350%2C%22currentVisitStarted%22%3A1672535350%2C%22sessionId%22%3A%22c85721be-15d3-4fc6-b6bc-90616f93bfae%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//bipartisanreport.com/2022/12/30/suspicious-tax-discrepancies-uncovered-in-released-trump-returns/%22%2C%22referrer%22%3A%22%22%7D
.bipartisanreport.com/ Name: ___nrbi
Value: %7B%22firstVisit%22%3A1672535350%2C%22userId%22%3A%22a24b89f5-ae3b-40fb-b705-5cbe7862da23%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1672535350%2C%22timesVisited%22%3A1%7D
.bipartisanreport.com/ Name: compass_uid
Value: a24b89f5-ae3b-40fb-b705-5cbe7862da23
events.newsroom.bi/ Name: 1479_u
Value: a24b89f5-ae3b-40fb-b705-5cbe7862da23
events.newsroom.bi/ Name: 1479_s
Value: c85721be-15d3-4fc6-b6bc-90616f93bfae
events.newsroom.bi/ Name: 1479_lv
Value: null
events.newsroom.bi/ Name: 1479_ut
Value: 0
bipartisanreport.com/ Name: usprivacy
Value: 1---
.bipartisanreport.com/ Name: _gid
Value: GA1.2.1343867874.1672535350
.bipartisanreport.com/ Name: _gat_gtag_UA_179723744_1
Value: 1
.bipartisanreport.com/ Name: _ga_07Y82E5JFR
Value: GS1.1.1672535350.1.0.1672535350.0.0.0
.bipartisanreport.com/ Name: _ga
Value: GA1.1.205826734.1672535350
.bipartisanreport.com/ Name: __gads
Value: ID=e58df8b26247e675-227bd88ce6da0011:T=1672535350:RT=1672535350:S=ALNI_MaIL29JvyIyewY7649_YJ02oXhmVg
.bipartisanreport.com/ Name: __gpi
Value: UID=00000b9b3c0e419b:T=1672535350:RT=1672535350:S=ALNI_Mbjx31zIs6SGfBv63yKfTTlPiR65w
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.bipartisanreport.com/ Name: _awl
Value: 2.1672535351.5-a4bb2305f2df9d505f6f66914cdc0912-6763652d6575726f70652d7765737431-0

2 Console Messages

Source Level URL
Text
worker warning URL: https://u5.investingchannel.com/predictive/predictive.js(Line 17)
Message:
Initialization of backend webgl failed
worker warning URL: https://u5.investingchannel.com/predictive/predictive.js(Line 17)
Message:
Error: WebGL is not supported on this device at new e (https://u5.investingchannel.com/predictive/predictive.js:18:287866) at Object.factory (https://u5.investingchannel.com/predictive/predictive.js:18:340939) at t.initializeBackend (https://u5.investingchannel.com/predictive/predictive.js:18:38038) at t.initializeBackendsAndReturnBest (https://u5.investingchannel.com/predictive/predictive.js:18:39477) at t.get [as backend] (https://u5.investingchannel.com/predictive/predictive.js:18:36077) at t.makeTensor (https://u5.investingchannel.com/predictive/predictive.js:18:43157) at Un (https://u5.investingchannel.com/predictive/predictive.js:18:79546) at e.apply (https://u5.investingchannel.com/predictive/predictive.js:34:15412) at e.addWeight (https://u5.investingchannel.com/predictive/predictive.js:34:36228) at e.build (https://u5.investingchannel.com/predictive/predictive.js:34:152793)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
bipartisanreport.com
cdn.onesignal.com
cdn.theardent.group
cdnjs.cloudflare.com
events.newsroom.bi
flowcards.mrf.io
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
haltinggold.com
img.onesignal.com
lovelydrum.com
onesignal.com
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
sdk.mrf.io
static.adsafeprotected.com
tpc.googlesyndication.com
u5.investingchannel.com
uat5-a.investingchannel.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
151.101.130.207
151.101.194.207
176.9.25.22
2001:4860:4802:32::36
2600:1901:0:636d::1
2600:1901:0:7416::1
2600:9000:214f:a400:8:48e:53c0:93a1
2606:4700::6811:180e
2606:4700::6812:e134
2a00:1450:4001:800::2002
2a00:1450:4001:802::2001
2a00:1450:4001:802::2002
2a00:1450:4001:806::2002
2a00:1450:4001:80f::2002
2a00:1450:400d:804::2002
2a00:1450:400d:807::2008
2a00:1450:400d:807::200a
2a00:1450:400d:807::200e
2a00:1450:400d:80c::2004
2a00:1450:400d:80e::2003
2a06:98c1:3120::3
2a06:98c1:3121::3
54.93.72.11
99.86.4.117
0a53bc33c39273359690f66fe69169c7f21746854db5a1541fb76bd1313e2122
18fd2b5f7d75281da371185f3d961a590f8cbfb0bc7c98fcf77773a59938d072
1dd7e5b11a0e3f9b86951ad9ee96fb4019d947e0838222d47d4899adb6fef4c7
1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63
2efe0d8072659b087901323e1fdb18a0f57e6011cb9cb7edff6e1723fc2e8d70
361b6fd0bb3bd0e4116af7e62d51d2b1ed817ff02ece5adea9db473a3c621f9c
380fbd164aff690feb26bbe0298b09f92f9336b883414d42d6a42547b6409d51
3a32467e496e6d8dd9efbe26ed3655f6b435768671c8d5ade55dca0a72f28a19
3cc3aa3387b770fad9d624748f050f6dcfacd02b264086b74197a03937517e01
3f531d58769d1164c72c64f8637107afb26c1b353825f81206c11b0aedf27576
440984f8f54e47961ee878fdda031ab93cb1d7900043faf619f8665d0e3425ae
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
4e327677393a06af29716bde662a7c685be307745ae7f5a0d3c3f47245641f18
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5823a741ee96ac55963d30e4ff7d6d6d6f17e88f5c4fb484148b6f4b886aec27
58a800cd5b28e04094e43f9daf4698bb0512e3c88c0927eec84b5b11fc44bc8b
5b56f14bb63fc412aec1562ff5b4807919a486491f2e9a86054ef08922c634d1
5c3cb71138ba89f1cf2419b37b83b35f896ec41631b116926520ae31541fd9bb
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c07d2a371d8013545ce72488527448a92b7be4c4fc05fdbb31fa2586c44a10c
6c1b2722be99e0f2c4cd70c48f342eb543a3ee0bec1b5dc6f1d72b034e013b47
704b5563fd3f4b22410b31c6a14148e1c62529832918ad49065fa8f8368ad3a8
78b558bd2357fbe7ad52804fb3af1b8664b23db096b1deb22d215dde25b152bf
7cec6bd26dbcaf4fc7ff2d310f6e9d7acd8900bf66bce448d77e63f139de8d96
816b03ca07b92bc035f84ea6aee188dcc35e83d97d567d801bb1f1145da80675
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
85bde8232d2b9089992851def2473f3b4ee664212243c3f5866a2247cdd0f1d9
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
87ba9f75756ee9fa066754d96cdb6660ef329c91a4b8c271ffd25717e9dce1de
898733e5d8a222c0278e2390004cab440b6344521a8fb1ecc61d9b4463b36153
8db229f96e49fc544ce2f6bad070940912d999cf156483fb296ffe8d9a1630aa
8df2535d76932c40e680707236ccc6fec06dc10b8790dba9ea55fe3ec7c32935
9aeaf9866daa817a99d3b2da6b523fcfbfc840a1066295815c78e716668714b6
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a0ea2fa35271c78084c0244430b865af459ba144154779a691b70fedb0a3f0e8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a64a492054712bb935d75628b04c247e51d2eb3bbd8a627f7eaf32b0715a38e9
a9800bdcfee680a224931e132e95552d4e5d70f9f147ced4af8a9c8bc52c80c9
a9b04bb6ae90435b083847a8f01f49403c4558114e518fff2d1bfa6f81e5d980
aa175caa6ea4a4376e662ea986263ad1c8be315fb65d0005d9e2e0f7fdad8021
ac1b691c45442b17da773405c354adfc7e7e4356e7b4608d3826dc81ab5e3bcd
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
b8174d639aa04a1d62cb568015e892c2b58cdebf762a1a4e0d90be808a5ab5c2
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bf473c4b25057def8a517e9e49edebf50fe239c6373237d92b4879c2849974e9
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
ce63503550804de9ad01aa28de75068a083a9a75d6a1aac437e823705d8a4e3f
cf57d6e1061ca1b7b6b738e33a79390173d752520c4b26941bf5bb2732e2fd5f
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
df51817b30fe7ff287ab830ad77e2023d2b2156817bd276bd68af8875d8a6b73
e03216e555aff351eb119dc79feacd1cd91d04e2b64f8f1c6d42ceb7cfd0c89b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb91449f700f1710f46576b29c5acf76cde013743e18deff6522cc03c4f184be
eddd80f1a5260173b8ae44b4955f376c62e43039d09bb6eeb26b360c64bb9595
f47507661219d0a531e1fedfeb0f30c1eb632b5dd5ca039fcb0935b6526a1ee9
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f770a249faa1cc956e720475b6c397a6e536354a1f4d7680b0725826ce04d817
fb36bc4dcdf0de8e5719052d6d6b033fae0bc0d06b48ada3fe101beee9ad6fc8
fb36d3b1399ee558c40ed8c363386ec0494e948b5a8c88fa2cac1007a08dd616