www.washingtontimes.com Open in urlscan Pro
104.22.58.64 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Submission Tags: falconsandbox
Submission: On July 19 via api (July 19th 2024, 4:38:26 pm UTC) from US — Scanned from DE

Summary HTTP 282 Redirects Behaviour Indicators

Summary

This website contacted 101 IPs in 10 countries across 71 domains to perform 282 HTTP transactions. The main IP is 104.22.58.64, located in and belongs to CLOUDFLARENET, US. The main domain is www.washingtontimes.com. The Cisco Umbrella rank of the primary domain is 60252.
TLS certificate: Issued by E5 on June 26th 2024. Valid for: 3 months.

This is the only time www.washingtontimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	104.22.58.64 104.22.58.64	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:20a... 2600:9000:20a0:e200:c:d51b:4400:93a1	16509 (AMAZON-02) (AMAZON-02)
2	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:26f0:480... 2a02:26f0:480:b94::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2600:9000:264... 2600:9000:2646:fa00:18:1fcd:354:4b41	16509 (AMAZON-02) (AMAZON-02)
1	216.137.44.123 216.137.44.123	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2600:9000:26e... 2600:9000:26e8:6000:10:3422:3f00:21	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:273... 2600:9000:273e:4000:1c:386f:ec80:21	16509 (AMAZON-02) (AMAZON-02)
2 2	172.217.18.4 172.217.18.4	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
10	104.26.10.235 104.26.10.235	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	184.28.89.148 184.28.89.148	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.55.141.237 52.55.141.237	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:401... 2a00:1450:4010:c01::54	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	23.21.101.201 23.21.101.201	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.66.217 151.101.66.217	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
1	172.67.155.215 172.67.155.215	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.18.25.111 104.18.25.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.74.24 172.67.74.24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
53	172.64.144.52 172.64.144.52	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.213.115.59 3.213.115.59	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:206... 2600:9000:206f:7c00:9:78a:e540:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	108.138.6.136 108.138.6.136	16509 (AMAZON-02) (AMAZON-02)
1	184.73.100.94 184.73.100.94	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::714 2a04:4e42::714	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:293c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.0.214.159 52.0.214.159	14618 (AMAZON-AES) (AMAZON-AES)
2	104.18.20.97 104.18.20.97	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	3.91.129.208 3.91.129.208	14618 (AMAZON-AES) (AMAZON-AES)
8	2606:4700:440... 2606:4700:4400::ac40:9296	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	34.255.106.40 34.255.106.40	16509 (AMAZON-02) (AMAZON-02)
4	2607:f350:3:2... 2607:f350:3:2569:0:10:0:a	27630 (AS-XFERNET) (AS-XFERNET)
5	178.250.1.8 178.250.1.8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	54.171.243.181 54.171.243.181	16509 (AMAZON-02) (AMAZON-02)
9	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
5	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
4	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
4	147.75.80.51 147.75.80.51	54825 (PACKET) (PACKET)
3	157.240.251.9 157.240.251.9	32934 (FACEBOOK) (FACEBOOK)
3	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::681a:346	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
1 2	204.16.247.184 204.16.247.184	20326 (TERASWITCH) (TERASWITCH)
1	38.70.189.72 38.70.189.72	399647 (RUMBLE) (RUMBLE)
1	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:480... 2a02:26f0:480:15::213:7e63	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:80e::201b	15169 (GOOGLE) (GOOGLE)
3	18.244.18.122 18.244.18.122	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
3	104.18.223.248 104.18.223.248	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.2.132 151.101.2.132	54113 (FASTLY) (FASTLY)
1	3.224.42.41 3.224.42.41	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:20a... 2600:9000:20ab:3e00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.238.243.114 18.238.243.114	16509 (AMAZON-02) (AMAZON-02)
1	18.239.68.199 18.239.68.199	16509 (AMAZON-02) (AMAZON-02)
1	34.239.11.115 34.239.11.115	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
5	104.18.41.104 104.18.41.104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:223... 2600:9000:223c:7e00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
2	2a04:4e42:8e::84 2a04:4e42:8e::84	54113 (FASTLY) (FASTLY)
1	2600:9000:275... 2600:9000:275d:2600:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	23.192.241.163 23.192.241.163	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700:20:... 2606:4700:20::681a:1ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:808::2014	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
1	216.58.206.35 216.58.206.35	15169 (GOOGLE) (GOOGLE)
2	2606:4700:440... 2606:4700:4400::ac40:90fe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	64.202.112.255 64.202.112.255	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2	23.212.89.151 23.212.89.151	16625 (AKAMAI-AS) (AKAMAI-AS)
1	38.70.189.70 38.70.189.70	399647 (RUMBLE) (RUMBLE)
1	93.184.221.165 93.184.221.165	15133 (EDGECAST) (EDGECAST)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
2	142.250.185.104 142.250.185.104	15169 (GOOGLE) (GOOGLE)
2	167.235.124.23 167.235.124.23	24940 (HETZNER-AS) (HETZNER-AS)
4	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	52.36.224.135 52.36.224.135	16509 (AMAZON-02) (AMAZON-02)
1	34.215.24.217 34.215.24.217	16509 (AMAZON-02) (AMAZON-02)
3 6	172.64.146.152 172.64.146.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	151.101.128.84 151.101.128.84	54113 (FASTLY) (FASTLY)
1	104.18.43.204 104.18.43.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.143.111 104.16.143.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.24.111 104.18.24.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.18.239.248 104.18.239.248	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.244.193.51 35.244.193.51	15169 (GOOGLE) (GOOGLE)
2	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
1	52.214.212.45 52.214.212.45	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
2	52.58.93.204 52.58.93.204	16509 (AMAZON-02) (AMAZON-02)
1	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
282	101

11 104.22.58.64 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.washingtontimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20a0:e200:c:d51b:4400:93a1 (United States)

ASN16509 (AMAZON-02, US)

dsms0mj1bbhn4.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:480:b94::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2646:fa00:18:1fcd:354:4b41 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.137.44.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-216-137-44-123.lhr61.r.cloudfront.net

cdn.p-n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26e8:6000:10:3422:3f00:21 (United States)

ASN16509 (AMAZON-02, US)

df80k0z3fi8zg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:273e:4000:1c:386f:ec80:21 (United States)

ASN16509 (AMAZON-02, US)

d3lcz8vpax4lo2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.4 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.26.10.235 (None, )

ASN13335 (CLOUDFLARENET, US)

twt-thumbs.washtimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 184.28.89.148 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-28-89-148.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.55.141.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-141-237.compute-1.amazonaws.com

soapps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4010:c01::54 (Finland)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.21.101.201 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-101-201.compute-1.amazonaws.com

s.newsmaxfeednetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.217 (San Francisco, United States)

ASN54113 (FASTLY, US)

scripts.webcontentassessor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.155.215 (United States)

ASN13335 (CLOUDFLARENET, US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.25.111 (None, )

ASN13335 (CLOUDFLARENET, US)

absorbingband.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.74.24 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.openshareweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

53 172.64.144.52 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

cd.elements.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
capi.elements.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.elements.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ins.elements.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.213.115.59 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-115-59.compute-1.amazonaws.com

geoip.instiengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:7c00:9:78a:e540:93a1 (United States)

ASN16509 (AMAZON-02, US)

auth.instiengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.6.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-6-136.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.73.100.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-100-94.compute-1.amazonaws.com

www.shareaholic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:293c (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.0.214.159 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-214-159.compute-1.amazonaws.com

geoip.insticator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.20.97 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.91.129.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-91-129-208.compute-1.amazonaws.com

event.insticator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:4400::ac40:9296 (United States)

ASN13335 (CLOUDFLARENET, US)

ex.ingage.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.255.106.40 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-106-40.eu-west-1.compute.amazonaws.com

hb.minutemedia-prebid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f350:3:2569:0:10:0:a (United States)

ASN27630 (AS-XFERNET, US)

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.171.243.181 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-243-181.eu-west-1.compute.amazonaws.com

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.141 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 147.75.80.51 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: omni-am6-o8cfqa

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.16.247.184 (Pittsburgh, United States) 1 redirects

ASN20326 (TERASWITCH, US)

html5-player.libsyn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.70.189.72 (Toronto, Canada)

ASN399647 (RUMBLE, US)

a.ads.rmbl.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:15::213:7e63 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.244.18.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-122.fra56.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.223.248 (None, )

ASN13335 (CLOUDFLARENET, US)

experience.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.132 (San Francisco, United States)

ASN54113 (FASTLY, US)

mv.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.224.42.41 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-42-41.compute-1.amazonaws.com

analytics.shareaholic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20ab:3e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.243.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-243-114.ams58.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.68.199 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-68-199.ams58.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.239.11.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-11-115.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)

cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:7e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:8e::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:275d:2600:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.192.241.163 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-241-163.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:1ba (United States)

ASN13335 (CLOUDFLARENET, US)

audio.api.speechify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

speechify-api-dot-speechifymobile.uc.r.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.35 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:90fe (United States)

ASN13335 (CLOUDFLARENET, US)

comment.instiengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.202.112.255 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.212.89.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-89-151.deploy.static.akamaitechnologies.com

images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.70.189.70 (Toronto, Canada)

ASN399647 (RUMBLE, US)

d2.ads.rmbl.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.184.221.165 (London, United Kingdom)

ASN15133 (EDGECAST, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.235.124.23 (Bühl, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nue0001.cxense.com

stats-collector.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.36.224.135 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-224-135.us-west-2.compute.amazonaws.com

postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.215.24.217 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-215-24-217.us-west-2.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.64.146.152 (San Francisco, United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.128.84 (San Francisco, United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.43.204 (None, )

ASN13335 (CLOUDFLARENET, US)

vid.elements.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.143.111 (None, )

ASN13335 (CLOUDFLARENET, US)

c2.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.24.111 (None, )

ASN13335 (CLOUDFLARENET, US)

newsletterjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.239.248 (None, )

ASN13335 (CLOUDFLARENET, US)

buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.193.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.193.244.35.bc.googleusercontent.com

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.212.45 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-212-45.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.93.204 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-93-204.eu-central-1.compute.amazonaws.com

k.p-n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	elements.video cd.elements.video — Cisco Umbrella Rank: 40098 capi.elements.video — Cisco Umbrella Rank: 23937 cds.elements.video — Cisco Umbrella Rank: 37476 ins.elements.video — Cisco Umbrella Rank: 47275 vid.elements.video — Cisco Umbrella Rank: 45339	288 KB
12	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 2615 widget-pixels.outbrain.com — Cisco Umbrella Rank: 5706 mv.outbrain.com — Cisco Umbrella Rank: 3390 mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 11006	119 KB
11	connatix.com 3 redirects cds.connatix.com — Cisco Umbrella Rank: 5372 capi.connatix.com — Cisco Umbrella Rank: 1317	123 KB
11	washingtontimes.com 1 redirects www.washingtontimes.com — Cisco Umbrella Rank: 60252	199 KB
10	washtimes.com twt-thumbs.washtimes.com — Cisco Umbrella Rank: 228104	173 KB
10	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 10 accounts.google.com — Cisco Umbrella Rank: 46 news.google.com — Cisco Umbrella Rank: 7657 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 662 region1.analytics.google.com — Cisco Umbrella Rank: 3773	301 KB
9	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 780	5 KB
8	ingage.tech ex.ingage.tech — Cisco Umbrella Rank: 8414	3 KB
6	tinypass.com experience.tinypass.com — Cisco Umbrella Rank: 14208 cdn.tinypass.com — Cisco Umbrella Rank: 7771 id.tinypass.com — Cisco Umbrella Rank: 26287 buy.tinypass.com — Cisco Umbrella Rank: 8867	124 KB
6	insticator.com geoip.insticator.com — Cisco Umbrella Rank: 57586 event.insticator.com — Cisco Umbrella Rank: 36355	402 B
6	cloudfront.net dsms0mj1bbhn4.cloudfront.net df80k0z3fi8zg.cloudfront.net d3lcz8vpax4lo2.cloudfront.net	236 KB
5	openx.net rtb.openx.net — Cisco Umbrella Rank: 920	827 B
5	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 944	1 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 394 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 999 aax.amazon-adsystem.com — Cisco Umbrella Rank: 501	82 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	164 KB
5	cxense.com cdn.cxense.com — Cisco Umbrella Rank: 7090 stats-collector.cxense.com — Cisco Umbrella Rank: 74466	49 KB
4	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 1235	1 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	4 KB
4	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 669 px4.ads.linkedin.com — Cisco Umbrella Rank: 7330	2 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104 region1.google-analytics.com — Cisco Umbrella Rank: 3123	21 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	369 KB
4	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1162	243 B
4	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 383	3 KB
4	lijit.com ap.lijit.com — Cisco Umbrella Rank: 1228	1 KB
4	sonobi.com apex.go.sonobi.com — Cisco Umbrella Rank: 4003	8 KB
4	minutemedia-prebid.com hb.minutemedia-prebid.com — Cisco Umbrella Rank: 5275	2 KB
4	btloader.com btloader.com — Cisco Umbrella Rank: 1573 api.btloader.com — Cisco Umbrella Rank: 1813	26 KB
4	instiengage.com geoip.instiengage.com — Cisco Umbrella Rank: 47254 auth.instiengage.com — Cisco Umbrella Rank: 36300 comment.instiengage.com — Cisco Umbrella Rank: 84406	1 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280 ad.doubleclick.net — Cisco Umbrella Rank: 210 stats.g.doubleclick.net — Cisco Umbrella Rank: 252	178 KB
4	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 2461 mab.chartbeat.com — Cisco Umbrella Rank: 3880	37 KB
3	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 278	3 KB
3	absorbingband.com absorbingband.com — Cisco Umbrella Rank: 281028	68 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	90 KB
3	p-n.io cdn.p-n.io — Cisco Umbrella Rank: 5948 k.p-n.io — Cisco Umbrella Rank: 3425	57 KB
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 645	911 B
2	postrelease.com postrelease.com — Cisco Umbrella Rank: 1375 jadserve.postrelease.com — Cisco Umbrella Rank: 1508	675 B
2	outbrainimg.com images.outbrainimg.com — Cisco Umbrella Rank: 3953	29 KB
2	appspot.com speechify-api-dot-speechifymobile.uc.r.appspot.com — Cisco Umbrella Rank: 267442	144 B
2	speechify.com audio.api.speechify.com — Cisco Umbrella Rank: 63378	13 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 1417	25 KB
2	rmbl.ws a.ads.rmbl.ws — Cisco Umbrella Rank: 30096 d2.ads.rmbl.ws — Cisco Umbrella Rank: 38511	3 KB
2	libsyn.com 1 redirects html5-player.libsyn.com — Cisco Umbrella Rank: 103629	272 B
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1603	1 KB
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 2804	128 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110 storage.googleapis.com — Cisco Umbrella Rank: 492	1 MB
2	bootstrapcdn.com netdna.bootstrapcdn.com — Cisco Umbrella Rank: 8599	49 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1187	294 B
1	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 1369	260 B
1	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 4149	324 B
1	33across.com lexicon.33across.com — Cisco Umbrella Rank: 2352	257 B
1	newsletterjet.com newsletterjet.com	108 KB
1	piano.io c2.piano.io — Cisco Umbrella Rank: 7249	7 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 1356	725 B
1	t.co t.co — Cisco Umbrella Rank: 979	379 B
1	google.de www.google.de — Cisco Umbrella Rank: 6716	63 B
1	ntv.io s.ntv.io — Cisco Umbrella Rank: 5974	179 KB
1	liadm.com b-code.liadm.com — Cisco Umbrella Rank: 4784	36 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1253	15 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 2075	1 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1859	202 B
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 1040	482 B
1	shareaholic.com analytics.shareaholic.com — Cisco Umbrella Rank: 47032	387 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1884	14 KB
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 2337	10 KB
1	shareaholic.net www.shareaholic.net — Cisco Umbrella Rank: 45475	2 KB
1	openshareweb.com cdn.openshareweb.com — Cisco Umbrella Rank: 49696	41 KB
1	npttech.com www.npttech.com — Cisco Umbrella Rank: 12713	3 KB
1	webcontentassessor.com scripts.webcontentassessor.com — Cisco Umbrella Rank: 4847	55 KB
1	newsmaxfeednetwork.com s.newsmaxfeednetwork.com — Cisco Umbrella Rank: 279791	47 KB
1	soapps.net soapps.net — Cisco Umbrella Rank: 74622	8 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 1211	30 KB
282	71

	Domain	Requested by
40	ins.elements.video	cds.elements.video
11	www.washingtontimes.com	1 redirects www.washingtontimes.com
10	twt-thumbs.washtimes.com	www.washingtontimes.com
9	fastlane.rubiconproject.com	d3lcz8vpax4lo2.cloudfront.net www.washingtontimes.com
8	ex.ingage.tech	d3lcz8vpax4lo2.cloudfront.net
6	capi.connatix.com	3 redirects www.washingtontimes.com
6	cds.elements.video	cd.elements.video cds.elements.video scripts.webcontentassessor.com
6	capi.elements.video	www.washingtontimes.com cds.elements.video
5	cds.connatix.com	cds.elements.video cds.connatix.com
5	rtb.openx.net	d3lcz8vpax4lo2.cloudfront.net www.washingtontimes.com
5	bidder.criteo.com	d3lcz8vpax4lo2.cloudfront.net www.washingtontimes.com
5	event.insticator.com	d3lcz8vpax4lo2.cloudfront.net
5	connect.facebook.net	www.washingtontimes.com connect.facebook.net
5	widgets.outbrain.com	www.washingtontimes.com widgets.outbrain.com
4	ct.pinterest.com	s.pinimg.com
4	www.facebook.com	www.washingtontimes.com
4	mcdp-nydc1.outbrain.com	widgets.outbrain.com
4	www.googletagmanager.com	www.washingtontimes.com www.googletagmanager.com scripts.webcontentassessor.com
4	prebid.a-mo.net	d3lcz8vpax4lo2.cloudfront.net
4	ib.adnxs.com	d3lcz8vpax4lo2.cloudfront.net
4	ap.lijit.com	d3lcz8vpax4lo2.cloudfront.net
4	apex.go.sonobi.com	d3lcz8vpax4lo2.cloudfront.net
4	hb.minutemedia-prebid.com	d3lcz8vpax4lo2.cloudfront.net
4	d3lcz8vpax4lo2.cloudfront.net	www.washingtontimes.com d3lcz8vpax4lo2.cloudfront.net
3	buy.tinypass.com	cdn.tinypass.com scripts.webcontentassessor.com
3	px.ads.linkedin.com	1 redirects snap.licdn.com
3	sb.scorecardresearch.com	s.newsmaxfeednetwork.com www.washingtontimes.com
3	api.btloader.com	btloader.com
3	c.amazon-adsystem.com	www.washingtontimes.com c.amazon-adsystem.com
3	absorbingband.com	www.washingtontimes.com absorbingband.com
3	news.google.com	www.washingtontimes.com news.google.com
3	static.chartbeat.com	www.washingtontimes.com
3	cdn.cxense.com	www.washingtontimes.com cdn.tinypass.com cdn.cxense.com scripts.webcontentassessor.com
2	k.p-n.io	cdn.p-n.io
2	id5-sync.com	d3lcz8vpax4lo2.cloudfront.net
2	region1.google-analytics.com	www.googletagmanager.com
2	stats-collector.cxense.com	cdn.cxense.com
2	images.outbrainimg.com	www.washingtontimes.com
2	comment.instiengage.com	comment.instiengage.com
2	region1.analytics.google.com	www.googletagmanager.com
2	speechify-api-dot-speechifymobile.uc.r.appspot.com	storage.googleapis.com
2	audio.api.speechify.com	storage.googleapis.com
2	s.pinimg.com	www.washingtontimes.com s.pinimg.com
2	www.google-analytics.com	www.washingtontimes.com www.google-analytics.com
2	mv.outbrain.com	scripts.webcontentassessor.com
2	html5-player.libsyn.com	1 redirects www.washingtontimes.com
2	ad-delivery.net	www.washingtontimes.com
2	cdn.confiant-integrations.net	d3lcz8vpax4lo2.cloudfront.net cdn.confiant-integrations.net
2	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
2	www.gstatic.com	www.washingtontimes.com
2	www.google.com	2 redirects
2	securepubads.g.doubleclick.net	www.washingtontimes.com securepubads.g.doubleclick.net
2	netdna.bootstrapcdn.com	www.washingtontimes.com netdna.bootstrapcdn.com
1	lb.eu-1-id5-sync.com	d3lcz8vpax4lo2.cloudfront.net
1	api.rlcdn.com	d3lcz8vpax4lo2.cloudfront.net
1	id.crwdcntrl.net	d3lcz8vpax4lo2.cloudfront.net
1	lexicon.33across.com	d3lcz8vpax4lo2.cloudfront.net
1	newsletterjet.com	absorbingband.com
1	c2.piano.io	cdn.tinypass.com
1	vid.elements.video	cds.elements.video
1	id.tinypass.com	cdn.tinypass.com
1	jadserve.postrelease.com	scripts.webcontentassessor.com
1	postrelease.com	scripts.webcontentassessor.com
1	analytics.twitter.com	www.washingtontimes.com
1	t.co	www.washingtontimes.com
1	d2.ads.rmbl.ws	scripts.webcontentassessor.com
1	www.google.de	www.washingtontimes.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	s.ntv.io	www.googletagmanager.com
1	b-code.liadm.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	cdn.tinypass.com	experience.tinypass.com
1	rules.quantcount.com	secure.quantserve.com
1	px4.ads.linkedin.com	www.washingtontimes.com
1	ping.chartbeat.net	www.washingtontimes.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	config.aps.amazon-adsystem.com	scripts.webcontentassessor.com
1	static.adsafeprotected.com	www.washingtontimes.com
1	analytics.shareaholic.com	cdn.openshareweb.com
1	experience.tinypass.com	www.washingtontimes.com
1	storage.googleapis.com	www.washingtontimes.com
1	snap.licdn.com	www.washingtontimes.com
1	secure.quantserve.com	www.washingtontimes.com
1	a.ads.rmbl.ws	www.washingtontimes.com
1	ad.doubleclick.net	www.washingtontimes.com
1	widget-pixels.outbrain.com	www.washingtontimes.com
1	geoip.insticator.com	d3lcz8vpax4lo2.cloudfront.net
1	btloader.com	d3lcz8vpax4lo2.cloudfront.net
1	mab.chartbeat.com	static.chartbeat.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.shareaholic.net	dsms0mj1bbhn4.cloudfront.net
1	auth.instiengage.com	d3lcz8vpax4lo2.cloudfront.net
1	geoip.instiengage.com	d3lcz8vpax4lo2.cloudfront.net
1	cd.elements.video	www.washingtontimes.com
1	cdn.openshareweb.com	dsms0mj1bbhn4.cloudfront.net
1	www.npttech.com	www.washingtontimes.com
1	fonts.googleapis.com	www.washingtontimes.com
1	scripts.webcontentassessor.com	www.washingtontimes.com
1	s.newsmaxfeednetwork.com	www.washingtontimes.com
1	accounts.google.com	www.washingtontimes.com
1	soapps.net	www.washingtontimes.com
1	df80k0z3fi8zg.cloudfront.net	www.washingtontimes.com
1	code.jquery.com	www.washingtontimes.com
1	cdn.p-n.io	www.washingtontimes.com
1	dsms0mj1bbhn4.cloudfront.net	www.washingtontimes.com
282	105

This site contains no links.

Subject Issuer	Validity	Valid
washingtontimes.com E5	`2024-06-26` - `2024-09-24`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-05-25` - `2024-08-23`	3 months	crt.sh
*.cxense.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-14` - `2025-02-14`	a year	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2024-05-15` - `2025-06-06`	a year	crt.sh
pushlycdn.com Amazon RSA 2048 M03	`2023-12-16` - `2025-01-12`	a year	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
washtimes.com WE1	`2024-06-12` - `2024-09-10`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
*.soapps.net Sectigo RSA Organization Validation Secure Server CA	`2024-01-16` - `2025-01-25`	a year	crt.sh
accounts.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.news.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
newsmaxfeednetwork.com Amazon RSA 2048 M03	`2024-05-26` - `2025-06-24`	a year	crt.sh
scripts.webcontentassessor.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-02-09` - `2025-03-12`	a year	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
npttech.com WE1	`2024-06-22` - `2024-09-20`	3 months	crt.sh
absorbingband.com E1	`2024-05-22` - `2024-08-20`	3 months	crt.sh
openshareweb.com WE1	`2024-07-13` - `2024-10-11`	3 months	crt.sh
elements.video E6	`2024-07-14` - `2024-10-12`	3 months	crt.sh
*.instiengage.com Sectigo RSA Organization Validation Secure Server CA	`2024-05-17` - `2025-05-17`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-28` - `2024-07-27`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.shareaholic.net R10	`2024-07-17` - `2024-10-15`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
btloader.com WE1	`2024-06-12` - `2024-09-10`	3 months	crt.sh
*.insticator.com Sectigo RSA Organization Validation Secure Server CA	`2023-08-28` - `2024-08-28`	a year	crt.sh
confiant-integrations.net WE1	`2024-07-12` - `2024-10-10`	3 months	crt.sh
*.ingage.tech Sectigo RSA Organization Validation Secure Server CA	`2023-07-28` - `2024-08-11`	a year	crt.sh
*.minutemedia-prebid.com Amazon ECDSA 256 M03	`2024-03-18` - `2025-04-17`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2023-12-07` - `2025-01-07`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-18` - `2024-09-17`	3 months	crt.sh
*.lijit.com Amazon RSA 2048 M02	`2023-11-21` - `2024-12-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-04` - `2025-04-03`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
*.a-mo.net R10	`2024-07-04` - `2024-10-02`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2024-06-04` - `2024-09-02`	3 months	crt.sh
ad-delivery.net WE1	`2024-07-15` - `2024-10-13`	3 months	crt.sh
*.doubleclick.net WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.libsyn.com Sectigo ECC Organization Validation Secure Server CA	`2024-07-10` - `2025-08-10`	a year	crt.sh
a.ads.rmbl.ws E6	`2024-06-13` - `2024-09-11`	3 months	crt.sh
quantserve.com R10	`2024-06-24` - `2024-09-22`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
storage.googleapis.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
tinypass.com WE1	`2024-07-12` - `2024-10-10`	3 months	crt.sh
shareaholic.com Amazon RSA 2048 M03	`2024-02-02` - `2025-03-02`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2024-04-25` - `2025-05-24`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
alt1-3ps.amazon-adsystem.com Amazon RSA 2048 M03	`2024-03-29` - `2025-04-28`	a year	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh
cds.connatix.com WE1	`2024-06-11` - `2024-09-09`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-07-01` - `2025-01-01`	6 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-31` - `2024-08-07`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M03	`2023-12-02` - `2024-12-29`	a year	crt.sh
*.ntv.io DigiCert TLS RSA SHA256 2020 CA1	`2023-08-28` - `2024-08-28`	a year	crt.sh
audio.api.speechify.com E6	`2024-06-14` - `2024-09-12`	3 months	crt.sh
*.appspot.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.google.de WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.outbrainimg.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-03` - `2025-01-03`	a year	crt.sh
d2.ads.rmbl.ws E6	`2024-06-13` - `2024-09-11`	3 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-08` - `2025-05-07`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M02	`2023-08-30` - `2024-09-28`	a year	crt.sh
ins.elements.video WE1	`2024-06-16` - `2024-09-14`	3 months	crt.sh
vid.elements.video WE1	`2024-07-17` - `2024-10-15`	3 months	crt.sh
piano.io Cloudflare Inc ECC CA-3	`2024-02-25` - `2024-12-31`	10 months	crt.sh
newsletterjet.com E1	`2024-05-22` - `2024-08-20`	3 months	crt.sh
lexicon.33across.com WR3	`2024-07-11` - `2024-10-09`	3 months	crt.sh
*.id5-sync.com E6	`2024-07-01` - `2024-09-29`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M02	`2023-10-08` - `2024-11-06`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-06` - `2025-03-05`	a year	crt.sh
*.eu-1-id5-sync.com R10	`2024-07-01` - `2024-09-29`	3 months	crt.sh
*.p-n.io Amazon RSA 2048 M02	`2023-12-08` - `2025-01-03`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Frame ID: B8B41F5509FC5FEB3938719B82326829
Requests: 208 HTTP requests in this frame

Frame: https://cd.elements.video/player.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Frame ID: 2514EC3243F461787CAF452BD9F491AB
Requests: 57 HTTP requests in this frame

Frame: https://auth.instiengage.com/auth/index.html
Frame ID: 6186E11D7A565824DEEAE4BF78753CB5
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/topics/topics.html?r=https%3A%2F%2Fwww.washingtontimes.com
Frame ID: CF7DF173F17FCE4939CA31F2107620F6
Requests: 1 HTTP requests in this frame

Frame: https://html5-player.libsyn.com/embed/episode/id/32215092/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/destination_id/1419779
Frame ID: 98A895BBF818FBEEC5B0322E70EE7982
Requests: 1 HTTP requests in this frame

Frame: https://www.washingtontimes.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/main.js
Frame ID: A7528E2709FC835879D403C3CBED296A
Requests: 2 HTTP requests in this frame

Frame: https://d2.ads.rmbl.ws/loader?a=170&if=false&title=Hackers%20used%20X%20to%20target%20Congress%20with%20spyware%2C%20Amnesty%20International%20finds%20-%20Washington%20Times
Frame ID: 1DBD005BEA3F7F9F18E9F9EB13E84B5C
Requests: 1 HTTP requests in this frame

Frame: https://postrelease.com/iframes/topics.html
Frame ID: 77920517AC17465853C09FA014BB4267
Requests: 1 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=hph4LAYuC6&templateId=OTDEX4OMW764&templateVariantId=OTVRIAZD63LH4&offerId=fakeOfferId&experienceId=EXKMIF7G2A8Y&iframeId=offer_a182edd64c4e0f17fd8e-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.washingtontimes.com
Frame ID: 44CEF121A521B942913B99495F2B53B5
Requests: 1 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=hph4LAYuC6&templateId=OT6IEPD30CUD&templateVariantId=OTV4I85TGNEGP&offerId=fakeOfferId&experienceId=EXKMIF7G2A8Y&iframeId=offer_37e7275da93d75db1f1f-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.washingtontimes.com
Frame ID: BB6DFEDF8914CED0183931516DE56B75
Requests: 1 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: 04616E237E5ED864E772F612C9FAC3A5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

282
Requests

96 %
HTTPS

36 %
IPv6

71
Domains

105
Subdomains

101
IPs

10
Countries

4590 kB
Transfer

12815 kB
Size

69
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en HTTP 301
https://www.gstatic.com/prose/brandjs.js

Request Chain 110

https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en HTTP 301
https://www.gstatic.com/prose/brandjs.js

Request Chain 120

https://html5-player.libsyn.com/embed/destination/id/1419779/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/ HTTP 302
https://html5-player.libsyn.com/embed/episode/id/32215092/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/destination_id/1419779

Request Chain 132

https://www.washingtontimes.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.washingtontimes.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/main.js

Request Chain 146

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1586410&time=1721407075757&url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1586410&time=1721407075757&url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F&e_ipv6=AQK-A0egDGRiuQAAAZDL23c8NkwsKW23AjZvrmVlxXUrbQATMcoyVegPzZ_4lpyDSUhHNEg

Request Chain 194

https://capi.connatix.com/core/sync HTTP 302
https://capi.connatix.com/core/sync?tier=1&final=true&UseUserScore=Yes&LiveIntentCnxUserId=&ImplementationType=0&ClientAb2=0

Request Chain 196

https://capi.connatix.com/core/sync HTTP 302
https://capi.connatix.com/core/sync?final=true&UseUserScore=Yes&LiveIntentCnxUserId=&ImplementationType=0&ClientAb2=0

Request Chain 198

https://capi.connatix.com/core/sync HTTP 302
https://capi.connatix.com/core/sync?final=true&UseUserScore=Yes&LiveIntentCnxUserId=&ImplementationType=0&ClientAb2=0

282 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/ 184 KB
53 KB 270ms
163ms Document
text/html 104.22.58.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.58.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6041a7db9c0feae58c85cea9ce1cab02afd3927927a1f161ea5216958fd4592

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: max-age=3600
cf-cache-status: HIT
cf-ray: 8a5c2386ac0b9b95-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 19 Jul 2024 16:37:54 GMT
server: cloudflare
vary: Accept-Encoding
via: 1.1 varnish (Varnish/6.0)
x-backend: web00
x-cacheable: YES
x-varnish: 418418802

GET
H2 200 shareaholic.js Show response
dsms0mj1bbhn4.cloudfront.net/assets/pub/ 10 KB
5 KB 141ms
45ms Script
application/javascript 2600:9000:20a0:e200:c:d51b:4400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dsms0mj1bbhn4.cloudfront.net/assets/pub/shareaholic.js
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:e200:c:d51b:4400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ccb9e784aeed749aace58c8ba9719928ce908e26650f9dfebb41fa1f31c1fb34

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:20:58 GMT
content-encoding: gzip
via: 1.1 95e331271d583b113f2793246bc6205c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
age: 1016
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 4275
last-modified: Fri, 26 Jan 2024 16:19:55 GMT
server: AmazonS3
etag: "aa281fefab8896725e86c225f47bb0a2"
x-shr-hello-human: This website grows faster with Shareaholic.
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1200, public
x-shr-origin: S3
accept-ranges: bytes
x-amz-cf-id: VXryUrXmZvlrHGD5qyBQH8zGauAySwpWqHBIxjEnSbIz4nly5oJ3UA==

GET
H2 200 main.85b45e5ae2e7.css
www.washingtontimes.com/static/sass/ 219 KB
39 KB 70ms
66ms Stylesheet
text/css 104.22.58.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.washingtontimes.com/static/sass/main.85b45e5ae2e7.css
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.58.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9f32e7c6b749a905876934e79526bc92b0625537c6e6928825ed951b8f916c5

Request headers

Referer: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:54 GMT
via: 1.1 varnish (Varnish/6.0)
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 14 Mar 2024 16:20:03 GMT
x-backend: web02
server: cloudflare
x-cacheable: NO:Not Cacheable
age: 10019216
vary: Accept-Encoding
content-type: text/css
x-varnish: 561607512
cache-control: max-age=14400
cf-ray: 8a5c2387cd919b95-FRA
expires: Fri, 14 Mar 2025 16:20:15 GMT

GET
H3 200 font-awesome.css
netdna.bootstrapcdn.com/font-awesome/4.0.3/css/ 21 KB
5 KB 139ms
67ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css

Requested by

Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 894
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 3293272
cdn-cachedat: 04/29/2024 23:38:31
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"1f9e9d1a5a1d347d945ef4b7727f2ea0"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: c4f3acb11de661d44e8a402dcf2695c3
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8a5c23883d7db600-WAW
cdn-requestpullsuccess: True

GET
H/1.1 200
OK ari-ci.js Show response
cdn.cxense.com/ 12 KB
5 KB 145ms
51ms Script
application/x-javascript 2a02:26f0:480:b94::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/ari-ci.js
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:b94::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 43a0e90f00a0fd7d5630c5200c1ac0faac53efccb92197b2ee8cb5614d9b875d

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Fri, 19 Jul 2024 16:37:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Jul 2024 09:15:17 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4865
Expires: Fri, 19 Jul 2024 17:37:54 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 24 KB
10 KB 160ms
43ms Script
application/x-javascript 2600:9000:2646:fa00:18:1fcd:354:4b41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:fa00:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:30:48 GMT
content-encoding: gzip
via: 1.1 62e2e45895008240d70f26081269c850.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 01:18:23 GMT
server: nginx
x-amz-cf-pop: FRA60-P5
age: 426
etag: W/"6583925f-5f13"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: HyCUEPCalidhe8u5cJQ3eCH3QOUSTVF0kx7KbzukqO2kTN0yrz_wrA==
expires: Sat, 20 Jul 2024 16:30:48 GMT

GET
H2 200 pushly-sdk.min.js Show response
cdn.p-n.io/ 272 KB
56 KB 163ms
53ms Script
application/javascript 216.137.44.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=gBtyMmS7OT8QOa8yn1NmkJvQvR9TfvNCMu8J
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.137.44.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-216-137-44-123.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ea185e269e4f10b619c995b62302b5824d00bffb63dadbd399cb5abde1bfecf9

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:36 GMT
content-encoding: gzip
via: 1.1 71d62f2b54e1ac2dcda3d438900cc504.cloudfront.net (CloudFront)
last-modified: Wed, 17 Jul 2024 02:40:27 GMT
server: AmazonS3
x-amz-cf-pop: LHR61-P2
age: 18
x-amz-server-side-encryption: AES256
etag: W/"4559c3965bbd7279f79640a236d4ae09"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: NHrC3UZ6Djtz7SG6JDo7Dlfxwnn1_6edTm69g-mIPZZtG_G8UZbcZw==

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 169ms
53ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://www.washingtontimes.com/
Origin: https://www.washingtontimes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:54 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 2776342
x-cache: HIT, HIT
content-length: 30879
x-served-by: cache-lga21981-LGA, cache-mxp6947-MXP
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1721407075.643096,VS0,VE0
etag: W/"28feccc0-15d84"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 201302, 40915

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
31 KB 168ms
85ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

7f62fc780c1d235b03557ce9576326685fae0aab0130d63f3600466c8192e36a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31741
x-xss-protection: 0
server: cafe
etag: 109 / 19923 / 31085405 / config-hash: 4036708570862920915
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 19 Jul 2024 16:37:54 GMT

GET
H2 200 dff2a308-b1e2-451c-a49a-adadd8636788.js Show response
df80k0z3fi8zg.cloudfront.net/files/instibid/ 163 KB
52 KB 188ms
41ms Script
application/javascript 2600:9000:26e8:6000:10:3422:3f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788.js
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26e8:6000:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ae147bdedb062e34a025af585c79f80ebfe2b7e9ed99826f9192a78ddba677c3

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: NuiRsv1kWw7GNdK9nJYasQUgynhkNhUK
content-encoding: gzip
via: 1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
date: Fri, 19 Jul 2024 07:09:22 GMT
last-modified: Wed, 17 Jul 2024 06:16:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P10
age: 37249
x-amz-server-side-encryption: AES256
etag: W/"b6f03953f1d17ff57faf6e817fac34fd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: kjjZQn3_wmNrK8YfZHu5LcR1mW2ui935b2J1xpLHbE3djOS4GToBEA==

GET
H2 200 dff2a308-b1e2-451c-a49a-adadd8636788.js Show response
d3lcz8vpax4lo2.cloudfront.net/ads-code/ 44 KB
13 KB 186ms
73ms Script
application/javascript 2600:9000:273e:4000:1c:386f:ec80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/dff2a308-b1e2-451c-a49a-adadd8636788.js
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:273e:4000:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b893f7ec9d157cf54fb9f891342ab5bfe542e9b06482a88523b5de36b54e61c3

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: opoTkq4i0NWFYGidhNamu1EsH3hd71VV
content-encoding: br
via: 1.1 e2e1cab1881801f1a9fb72feaff3761a.cloudfront.net (CloudFront)
date: Fri, 19 Jul 2024 16:37:54 GMT
x-amz-cf-pop: VIE50-P3
age: 28
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 17 Jul 2024 06:16:31 GMT
server: AmazonS3
etag: W/"f58abb274eba32ead49bcf16b00cdf37"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-id: Um18FpO5ebR0_AWYA3mndg0GzuYFJX5jHz8a_PY3GA5U_bjiMEKNbg==

GET
H2 200 twt_app.f423cbe14da0.js Show response
www.washingtontimes.com/static/js/ 12 KB
5 KB 74ms
71ms Script
application/javascript 104.22.58.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.washingtontimes.com/static/js/twt_app.f423cbe14da0.js
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.58.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d136b8fd897ad22bf498ee0e31bcf8c92deb6018a3980269f6efbb59d74064aa

Request headers

Referer: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:54 GMT
via: 1.1 varnish (Varnish/6.0)
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 18 Jul 2024 15:47:35 GMT
x-backend: web01
server: cloudflare
x-cacheable: NO:Not Cacheable
age: 89141
vary: Accept-Encoding
content-type: application/javascript
x-varnish: 732573235
cache-control: max-age=14400
cf-ray: 8a5c2387cd929b95-FRA
expires: Fri, 18 Jul 2025 15:47:44 GMT

GET
H2 200 twt-logo.3490fc26f61e.svg
www.washingtontimes.com/static/img/ 13 KB
4 KB 101ms
99ms Image
image/svg+xml 104.22.58.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.washingtontimes.com/static/img/twt-logo.3490fc26f61e.svg
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.58.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52e1cc289a6021a3f1609eae5daa692dbdd7ff228307cc5b4350b1ad280e5ef9

Request headers

Referer: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:54 GMT
via: 1.1 varnish (Varnish/6.0)
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Jan 2024 17:50:46 GMT
x-backend: web02
server: cloudflare
x-cacheable: NO:Not Cacheable
age: 10019114
vary: Accept-Encoding
content-type: image/svg+xml
x-varnish: 443248641
cache-control: max-age=14400
cf-ray: 8a5c2387cd959b95-FRA
expires: Wed, 15 Jan 2025 17:51:08 GMT

GET
H2

200

brandjs.js Show response
www.gstatic.com/prose/
Redirect Chain

https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en
https://www.gstatic.com/prose/brandjs.js

14 KB
6 KB

152ms
55ms

Script
text/javascript

2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/prose/brandjs.js

Requested by

Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/

Protocol

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 12:01:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16578
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5807
x-xss-protection: 0
last-modified: Tue, 06 Apr 2021 15:14:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 20 Jul 2024 12:01:36 GMT

Redirect headers

date: Fri, 19 Jul 2024 16:34:56 GMT
x-content-type-options: nosniff
server: sffe
age: 178
content-type: text/html; charset=UTF-8
location: https://www.gstatic.com/prose/brandjs.js
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Fri, 19 Jul 2024 17:04:56 GMT

GET
H2 200 APTOPIX_Election_2024_RNC_27118_k65x65.jpg
twt-thumbs.washtimes.com/media/specials/thumbnails/ 2 KB
2 KB 74ms
58ms Image
image/webp 104.26.10.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twt-thumbs.washtimes.com/media/specials/thumbnails/APTOPIX_Election_2024_RNC_27118_k65x65.jpg?25e518aeb5fddef9cfade2c3459a6609d7980e02
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68ce1906923119ea4d065fa7e5d341ae66c6f7acb8fcd77e1d39aaa06f6afdf3

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:54 GMT
cf-cache-status: HIT
last-modified: Fri, 19 Jul 2024 13:39:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10689
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RLmeLY%2F0fRapvVv%2BeI%2BgojrBZrKZtaHyRmr6cm%2FTNpfk6I2td%2BXXFl27Kxqrhn3upEgkGDHm2lnkbTLCVXLUa8SZN6H23driYjWiHbE5y%2F1uFZvz7rtt3C0hxJXgc2ZtM%2Bb33ufp0ltefQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=691200, s-maxage=604800, no-transform, stale-while-revalidate=86400
content-disposition: inline
accept-ranges: bytes
cf-ray: 8a5c2389abcf19af-FRA
content-length: 1998
expires: Fri, 26 Jul 2024 13:39:45 GMT

GET
H2 200 APTOPIX_Election_2024_RNC_62343_c1000-0-5000-4000_s170x170.jpg
twt-thumbs.washtimes.com/media/image/2024/07/17/ 9 KB
10 KB 242ms
52ms Image
image/jpeg 104.26.10.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twt-thumbs.washtimes.com/media/image/2024/07/17/APTOPIX_Election_2024_RNC_62343_c1000-0-5000-4000_s170x170.jpg?f1bd568da5c7bdf6da31e5d48e36e160bf9aed8d
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17fe77e12663a3f6203343cf11d71cd3c17bd0aedbb55ad7e7e8c682c19f7b76

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:54 GMT
cf-cache-status: HIT
last-modified: Thu, 18 Jul 2024 06:00:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 124635
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZGygkFmea%2FFxZRiG%2FZtocV0m6wzqn7IlkYTiVQttamLiFRMXZF4%2Bz8M587KXC8vleZEB9rUkvRPcU9adVNHJBsYAo8PN3H6i2ZaXRh1n9H5TwxoGzLcVrNjH1qoRslwvWTb2ADlAS9ncnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=691200, s-maxage=604800, no-transform, stale-while-revalidate=86400
content-disposition: inline
accept-ranges: bytes
cf-ray: 8a5c2389abbe19af-FRA
content-length: 9530
expires: Thu, 25 Jul 2024 06:00:38 GMT

GET
H2 200 Screen_Shot_2024-07-17_at_5.15.53_PM_c245-0-872-627_s170x170.png
twt-thumbs.washtimes.com/media/image/2024/07/17/ 6 KB
6 KB 111ms
54ms Image
image/webp 104.26.10.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twt-thumbs.washtimes.com/media/image/2024/07/17/Screen_Shot_2024-07-17_at_5.15.53_PM_c245-0-872-627_s170x170.png?fb50491211eea34bec3052d26715c112c4904f37
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81b6cdd2aad9df8448190d4994628ae0f33a47bd23c3f51e91f1c5dab828e43e

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:54 GMT
cf-cache-status: HIT
last-modified: Fri, 19 Jul 2024 00:01:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 59776
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KlOrOnqnKRbWp0x6wJGiqZkj4j7AEKxHuqSKo773JVoejGevEnCzOL9ZaDXCIQQf9HhnGxTExAc1D9zrJsh1hX5DDfwlCyWtq2vIfatTBX%2Fv1PPOX4R6iP7aGPNVKuP%2BHRnQfQxUIDaeyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=691200, s-maxage=604800, no-transform, stale-while-revalidate=86400
content-disposition: inline
accept-ranges: bytes
cf-ray: 8a5c2389abcb19af-FRA
content-length: 5990
expires: Fri, 26 Jul 2024 00:01:38 GMT

GET
H2 200 Election_2024_McCarthy_Fundraising_85345--f7909_c0-209-5000-3124_s885x516.jpg
twt-thumbs.washtimes.com/media/image/2023/10/05/ 53 KB
53 KB 1019ms
963ms Image
image/webp 104.26.10.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twt-thumbs.washtimes.com/media/image/2023/10/05/Election_2024_McCarthy_Fundraising_85345--f7909_c0-209-5000-3124_s885x516.jpg?97bb33537ebe846d4c08fcb503d0427a0f3e3c09
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a8fc459d3129a8ee72aa980fb717be206e36eb9cde7cd4c0c343db0b38bd63d

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
cf-cache-status: MISS
last-modified: Fri, 19 Jul 2024 16:37:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xvUObQAPvLszAekHK8n9jsqFP58vtDU0VmrrEH5WV9DzOtyGFfZ3Yn9bNicXWeSnVPZ4hEVqEVaOmIwFxQ84F5siLPl1qohc95WexfaWCF2fGkv%2FG08Bf0VLzSUhjLzu4G1oVe299NJZGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=691200, s-maxage=604800, no-transform, stale-while-revalidate=86400
content-disposition: inline
accept-ranges: bytes
cf-ray: 8a5c2389abc919af-FRA
content-length: 53982
expires: Fri, 26 Jul 2024 16:37:55 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 246 KB
90 KB 178ms
45ms Script
application/x-javascript 184.28.89.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.outbrain.com/outbrain.js

Requested by

Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.28.89.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-28-89-148.deploy.static.akamaitechnologies.com

Software

Resource Hash

9cb7edf838db4d47002019bdccc953e83528cd05f709d9e39826a6b31ef50257

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 19 Jul 2024 16:37:54 GMT
edge-cache-tag: widget-cheetah
x-traceid: 28da683a40fac8f65a906665da78514
content-length: 91339
last-modified: Thu, 18 Jul 2024 07:54:14 GMT
etag: "4e-9uoehUJZ/8tIMxrPu5wasMMo220"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14500
access-control-allow-credentials: false
timing-allow-origin: *, *
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H/1.1 200
OK bundle.js Show response
soapps.net/live/loader/ 19 KB
8 KB 383ms
120ms Script
application/javascript 52.55.141.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://soapps.net/live/loader/bundle.js

Requested by

Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.55.141.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-55-141-237.compute-1.amazonaws.com

Software

Resource Hash

5e4a60da7f50df6dd9a40bb33a86840fc81c6ac6d58705cc46048ad2c801abce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Fri, 19 Jul 2024 16:37:55 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 03 Apr 2024 11:38:04 GMT
ETag: W/"660d3f9c-4a33"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=300
Connection: keep-alive

GET
H2 200 charles-hurt-350_s170x238.jpg
twt-thumbs.washtimes.com/media/img/staff/2016/ 9 KB
9 KB 111ms
56ms Image
image/jpeg 104.26.10.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twt-thumbs.washtimes.com/media/img/staff/2016/charles-hurt-350_s170x238.jpg?4b4bbcd7d52068c3c9611573fce381be0c51d1e2
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 425c0ec55511fab2415531d7928c7ed37a51b455825114ab81b332f4a3df63be

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:54 GMT
cf-cache-status: HIT
last-modified: Fri, 19 Jul 2024 15:50:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2835
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WE%2BI5aoA4iEXElkjowQwTCG3oCv01wOb5LnCGyMxEg47wJvl86N6%2F9oJmK5ZNtKw%2FGFSkGpoA1YToOe%2BovDNO7Jk8H4d6MOKLpYfYkQteXWm14xzFX6k4sR12rd%2Fz5Fu5G4hbpAb0K4Xtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=691200, s-maxage=604800, no-transform, stale-while-revalidate=86400
content-disposition: inline
accept-ranges: bytes
cf-ray: 8a5c2389abc419af-FRA
content-length: 9127
expires: Fri, 26 Jul 2024 15:50:39 GMT

GET
H2 200 tim-murtaugh-350_s170x238.jpg
twt-thumbs.washtimes.com/media/img/staff/2022/ 7 KB
8 KB 54ms
54ms Image
image/jpeg 104.26.10.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twt-thumbs.washtimes.com/media/img/staff/2022/tim-murtaugh-350_s170x238.jpg?4b4bbcd7d52068c3c9611573fce381be0c51d1e2
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b38b71f3a3f9dff86056ea706d3f80568c2afcdc0584f612a96150d12f013e0

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:54 GMT
cf-cache-status: HIT
last-modified: Fri, 19 Jul 2024 08:01:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 31007
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LFgdq7LoMoLM9LN50icfoB0jy%2Bvmz2r5hqKtkI%2FEIgb%2FEMpwPqe4KbJ4CE%2B%2F4SJXpadlbYnzoBh%2BU2Di05eOL49HS7sPbTJ54g4hi%2Be%2F%2BL9zUCDpHmbDtOutY1PeH2s8E4T1x9%2FcF%2Bu1DA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=691200, s-maxage=604800, no-transform, stale-while-revalidate=86400
content-disposition: inline
accept-ranges: bytes
cf-ray: 8a5c2389bbdc19af-FRA
content-length: 7335
expires: Fri, 26 Jul 2024 08:01:07 GMT

GET
H2 200 scott-walker-350_s170x238.jpg
twt-thumbs.washtimes.com/media/img/staff/2019/ 11 KB
11 KB 95ms
95ms Image
image/jpeg 104.26.10.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twt-thumbs.washtimes.com/media/img/staff/2019/scott-walker-350_s170x238.jpg?4b4bbcd7d52068c3c9611573fce381be0c51d1e2
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cda6c67ca288b9466bf5287beaf9f16eaca59a54f9e6e81fb441450502ad5595

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:54 GMT
cf-cache-status: HIT
last-modified: Fri, 19 Jul 2024 08:01:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 31007
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i6VFJTrYmeAqd9s71pAQNzdt6HCSHQyrIslLIQ6DTb37eAtUvjeWn%2BjDkZeYVJsfTpoVuwXlzNRgsUbG9TjsdkZS9jR6AlzZjmmN%2F7f0CUoyawyaVkYdHy0bk1h8cdgowC7aKAfFvbvoFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=691200, s-maxage=604800, no-transform, stale-while-revalidate=86400
content-disposition: inline
accept-ranges: bytes
cf-ray: 8a5c2389bbe019af-FRA
content-length: 11288
expires: Fri, 26 Jul 2024 08:01:07 GMT

GET
H2 200 0718_HAIH_900_k170x170.png
twt-thumbs.washtimes.com/media/specials/ 57 KB
57 KB 57ms
57ms Image
image/png 104.26.10.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twt-thumbs.washtimes.com/media/specials/0718_HAIH_900_k170x170.png?bb9cca1a98435f5499d7b8d34dbf9f08a0f51094
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b95218513284dd3cf897ce41b5826709c8b0107ce49bb1a5faf62732f88a7bb1

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:54 GMT
cf-cache-status: HIT
last-modified: Thu, 18 Jul 2024 12:25:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 101538
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8PyNMZO28ctOTkqsYVk9ueNFoTEKnfgftmCvbrW7BNG%2FoHeUw5DyCzm3qsjku7aZBEB9Zc1DvXeSLYiyO8us1UTCtwTUKRcaTJkoVQ4RAP4kjNIYhFbdb8xyttbltMKBHXQtPEm7hJUQGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=691200, s-maxage=604800, no-transform, stale-while-revalidate=86400
content-disposition: inline
accept-ranges: bytes
cf-ray: 8a5c2389bbe319af-FRA
content-length: 57981
expires: Thu, 25 Jul 2024 12:25:36 GMT

GET
H2 200 0719_FRONT_900_k170x170.png
twt-thumbs.washtimes.com/media/specials/ 10 KB
10 KB 96ms
96ms Image
image/webp 104.26.10.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twt-thumbs.washtimes.com/media/specials/0719_FRONT_900_k170x170.png?bb9cca1a98435f5499d7b8d34dbf9f08a0f51094
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55cbe06206d5299ce508c1062408f39d51af44a4a90ba9ab56aa81d80cd0e3a3

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:54 GMT
cf-cache-status: HIT
last-modified: Fri, 19 Jul 2024 13:26:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 11507
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2HYOS7APUIRew5lZQthcqxNPPSMrRNm7WlKEzPCqqqWqia1riaOzTv%2FHAOudnH%2BWMET4zjTYCDWox7Oo5wiwzZIk8o4aNLKGQ7u0NTiU9Y5oE%2BEocODFQ1XrtJAF5OKvgFkz%2Bl3Q%2FQx08A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=691200, s-maxage=604800, no-transform, stale-while-revalidate=86400
content-disposition: inline
accept-ranges: bytes
cf-ray: 8a5c2389ec0d19af-FRA
content-length: 9800
expires: Fri, 26 Jul 2024 13:26:07 GMT

GET
H2 200 0709_BOLD_900__k170x170.png
twt-thumbs.washtimes.com/media/specials/ 6 KB
6 KB 97ms
96ms Image
image/webp 104.26.10.235
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twt-thumbs.washtimes.com/media/specials/0709_BOLD_900__k170x170.png?bb9cca1a98435f5499d7b8d34dbf9f08a0f51094
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b6d729d6dd134339099deb0f343bc30ae059d2ee0c6d3863f248319fe30ffef

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:54 GMT
cf-cache-status: HIT
last-modified: Mon, 15 Jul 2024 17:46:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 341488
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kU9O2qR3plkIQiZjAxb6mFIqIXhO7XMZEV3UJQr4UusAynk2PxKxjJZdJ4y0csq%2F2%2FDlyoId%2BDpI%2BEZOfRQq4FVACOARUQX7yJiBxAzhXb4XPPyk%2F70JYb6fRDf5yy5fvg%2Fa72XzuoICCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=691200, s-maxage=604800, no-transform, stale-while-revalidate=86400
content-disposition: inline
accept-ranges: bytes
cf-ray: 8a5c2389ec0f19af-FRA
content-length: 5684
expires: Mon, 22 Jul 2024 17:46:26 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 221 KB
84 KB 226ms
78ms Script
application/javascript 2a00:1450:4010:c01::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4010:c01::54 , Finland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

65024289c4af3db52beded7416242782f336e24d7b5c60adc3a5bbf701569489

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WBJtVKofjb6TD3JROBVLTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
content-security-policy: script-src 'report-sample' 'nonce-WBJtVKofjb6TD3JROBVLTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Fri, 19 Jul 2024 16:37:55 GMT

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 209 KB
61 KB 143ms
42ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0b8eb1dad214845ea14f832439e5fd0eea407ad87a236d1076801808e4a3478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:03:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2042
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61443
x-xss-protection: 0
last-modified: Wed, 17 Jul 2024 15:52:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Fri, 19 Jul 2024 16:53:52 GMT

GET
H2 200 swg-gaa.js Show response
news.google.com/swg/js/v1/ 69 KB
22 KB 188ms
87ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-gaa.js

Requested by

Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4eb65c8eb0db2f38be18391c0d1254a721b0c0e4587507b59b86085588bc700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:48:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2940
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22011
x-xss-protection: 0
last-modified: Wed, 17 Jul 2024 15:52:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Fri, 19 Jul 2024 16:38:54 GMT

GET
H2 200 InArticleAds.111dbe3b6a06.js Show response
www.washingtontimes.com/static/v4/js/ads/ 3 KB
1 KB 60ms
56ms Script
application/javascript 104.22.58.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.washingtontimes.com/static/v4/js/ads/InArticleAds.111dbe3b6a06.js
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.58.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41f2a696c506ffb0a2ac91dc19a8c101cb86ee7ef3bd40d28e93c7d79e3ccc77

Request headers

Referer: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:54 GMT
via: 1.1 varnish (Varnish/6.0)
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 18 Jul 2024 15:47:38 GMT
x-backend: web02
server: cloudflare
x-cacheable: NO:Not Cacheable
age: 89141
vary: Accept-Encoding
content-type: application/javascript
x-varnish: 215893361
cache-control: max-age=14400
cf-ray: 8a5c23895fdd9b95-FRA
expires: Fri, 18 Jul 2025 15:47:44 GMT

GET
H2 200 connectV5.js Show response
s.newsmaxfeednetwork.com/static/js/ 73 KB
47 KB 517ms
238ms Script
application/javascript 23.21.101.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s.newsmaxfeednetwork.com/static/js/connectV5.js
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.21.101.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-101-201.compute-1.amazonaws.com
Software: envoy / Express
Resource Hash: a56eeaf10b740315ef66b7b210fa58919956cd30d727166a0fdecce16f58c211

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-rc-region: us-east-1a
date: Fri, 19 Jul 2024 16:37:55 GMT
content-encoding: gzip
last-modified: Fri, 09 Jun 2023 20:31:46 GMT
server: envoy
x-powered-by: Express
etag: W/"12342-188a1dba350"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
x-envoy-upstream-service-time: 5

GET
H2 200 85d8ddb05bcf089b2c29e59623ae519ad02e2a929bfaac10d875c38b93211525 Show response
scripts.webcontentassessor.com/scripts/ 172 KB
55 KB 159ms
45ms Script
application/javascript 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.webcontentassessor.com/scripts/85d8ddb05bcf089b2c29e59623ae519ad02e2a929bfaac10d875c38b93211525
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d62f0f7268437dd483e18fca7de2195e8ec4700b83a0ed4d5ebcdcf343dfb914

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: FLDIJny8Ks6W0CqXgI15T2n_rdcqLGql
content-encoding: gzip
via: 1.1 varnish
date: Fri, 19 Jul 2024 16:37:54 GMT
x-amz-request-id: HJTP2XF9C2JPH080
age: 862
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 55435
x-amz-id-2: dDzo5yWLc2ba0a3DnuhLrrNRQSC7l+wHOXJCwtkykjD4owGn8KtgvguB9E6xNQNoJ0VMeEwUh4Mc1J0PZvn/hsyISoJBWcII
x-served-by: cache-fra-etou8220037-FRA
last-modified: Fri, 19 Jul 2024 16:19:36 GMT
server: AmazonS3
x-timer: S1721407075.886926,VS0,VE0
etag: "949e9325f35e2fc1c7d9b7f85dc961a0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600,stale-if-error=86400,stale-while-revalidate=3600
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 prebid8.42.0.5866ee185820.js Show response
www.washingtontimes.com/static/js/ 288 KB
89 KB 80ms
77ms Script
application/javascript 104.22.58.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.washingtontimes.com/static/js/prebid8.42.0.5866ee185820.js
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.58.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 413db14827d3cd899f935467d415cf94c3cf1dcf41e0584f43f230a4d1658d17

Request headers

Referer: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:54 GMT
via: 1.1 varnish (Varnish/6.0)
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 01 Apr 2024 17:47:54 GMT
x-backend: web00
server: cloudflare
x-cacheable: NO:Not Cacheable
age: 9412680
vary: Accept-Encoding
content-type: application/javascript
x-varnish: 591219812
cache-control: max-age=14400
cf-ray: 8a5c23895fdf9b95-FRA
expires: Tue, 01 Apr 2025 17:47:56 GMT

GET
H2 200 global.5b5acddae9c7.js Show response
www.washingtontimes.com/static/js/ 7 KB
3 KB 60ms
57ms Script
application/javascript 104.22.58.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.washingtontimes.com/static/js/global.5b5acddae9c7.js
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.58.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa7dcb07b9e5fe106c0a21849380e0d2e0adb83c583b40a05b630651261dd4cc

Request headers

Referer: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:54 GMT
via: 1.1 varnish (Varnish/6.0)
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 May 2024 18:39:08 GMT
x-backend: web00
server: cloudflare
x-cacheable: NO:Not Cacheable
age: 6212974
vary: Accept-Encoding
content-type: application/javascript
x-varnish: 704662329
cache-control: max-age=14400
cf-ray: 8a5c23895fe29b95-FRA
expires: Thu, 08 May 2025 18:39:14 GMT

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
1 KB 153ms
52ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Literata:opsz,wght@7..72,400;7..72,500;7..72,700&display=swap

Requested by

Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/static/sass/main.85b45e5ae2e7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b719701fed642ce20b7e0c03c80c2072ceb1324b099ca7a69f3be5e6e6223157

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 19 Jul 2024 16:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 19 Jul 2024 16:37:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Jul 2024 16:37:54 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 38 KB
15 KB 104ms
81ms Script
application/x-javascript 2600:9000:2646:fa00:18:1fcd:354:4b41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:fa00:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:20:24 GMT
content-encoding: gzip
via: 1.1 62e2e45895008240d70f26081269c850.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jun 2024 00:13:00 GMT
server: nginx
x-amz-cf-pop: FRA60-P5
age: 1049
etag: W/"665fad8c-9895"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: R7M7nx2SyZD95xgmt-QXuOJGVQVvCosC_gZ7vCi9RLodfhwGUJP_DA==
expires: Sat, 20 Jul 2024 16:20:24 GMT

GET
H2 200 subscriptions.js Show response
static.chartbeat.com/js/ 32 KB
11 KB 53ms
48ms Script
application/x-javascript 2600:9000:2646:fa00:18:1fcd:354:4b41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/subscriptions.js
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:fa00:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a1c9a21ede44774a26110c312c2c5398e074132f6e243011c15b4bfd660702ab

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 18 Jul 2024 20:21:14 GMT
content-encoding: gzip
via: 1.1 62e2e45895008240d70f26081269c850.cloudfront.net (CloudFront)
last-modified: Thu, 02 Jun 2022 02:15:58 GMT
server: nginx
x-amz-cf-pop: FRA60-P5
age: 73000
etag: W/"62981d5e-81f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: Waq5RGCzHjuVsqxqqmDpml9DIJSWjWVHeiojvfAbKprfTTm6L4duxA==
expires: Fri, 19 Jul 2024 20:21:14 GMT

GET
H3 200 advertising.js Show response
www.npttech.com/ 6 KB
3 KB 118ms
61ms Script
application/javascript 172.67.155.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.155.215 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
x-amz-version-id: AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 87H81SYSW2S7PY9Z
age: 6255
alt-svc: h3=":443"; ma=86400
x-amz-id-2: N7U1yeUX+GwIN4j8YWgrZYtt8+5TcYWgsoEwDHyNVm6PZ1n0ws7xNpfzJUUwgWXxqb2pbj3AdNM=
last-modified: Tue, 18 Oct 2022 13:20:01 GMT
server: cloudflare
etag: W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ktm0LUiot0D6pxVB66TZan6JcI2kCcA6f%2BkFOmz5fErwuKrRXKNth72iy9fXOUZRuDm00DRcx7adVjmzKNDma22u%2BIlVuNYmyB5%2FVg6%2FvyXp56RfIs0ABCp0SHpiiWrDYIw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=28800
cf-ray: 8a5c238abb01371f-FRA

GET
H3 200 a8a084cb03100cac9e44c5e69dd87fd1686ea33cd4-prod.js Show response
absorbingband.com/public/ 369 KB
67 KB 176ms
104ms Script
text/javascript 104.18.25.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://absorbingband.com/public/a8a084cb03100cac9e44c5e69dd87fd1686ea33cd4-prod.js

Requested by

Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.25.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7758f8f3b81bbf7755b5d35c06c06c01b85659f84e034572d902338f92a27634

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
content-encoding: br
via: 1.1 google
strict-transport-security: max-age=15724800; preload
cf-cache-status: MISS
x-buildnumber: 1353145067
alt-svc: h3=":443"; ma=86400
server: cloudflare
x-datacenter: gce-europe-west1
etag: W/"4b61c0d868b43362008f457ed24c0f006ad173c7864c22c32547855355a36f81"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-4lzd
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
timing-allow-origin: *
cf-ray: 8a5c238adf7dc3c3-WAW

GET
H3 200 main.js Show response
cdn.openshareweb.com/v2/3d3dde91/ 149 KB
41 KB 127ms
62ms Script
application/javascript 172.67.74.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.openshareweb.com/v2/3d3dde91/main.js
Requested by: Host: dsms0mj1bbhn4.cloudfront.net
URL: https://dsms0mj1bbhn4.cloudfront.net/assets/pub/shareaholic.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.74.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecc1baeab33ebd4b540c9de6ec3aefd86d82196db0aacb1b88eac282585afe97

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3395525
alt-svc: h3=":443"; ma=86400
content-length: 41759
last-modified: Fri, 26 Jan 2024 16:19:53 GMT
server: cloudflare
etag: "5a3474c5830f2f6f280c3080e79b7d92"
x-shr-hello-human: This website grows faster with Shareaholic.
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oAhFlwJA1SKxIMSc%2F44mqfZqpr2Yd%2BpR5ZcKUzjCKAJ4yoidGmiRCVkprWS6zFLyWwQYlthrIgDH67ugNpb3FP9h7E6%2FpGe1%2Ft%2BiIs1hLq6q8%2FZ%2F%2Fk%2BSMmIzBKOoGaZSx8HAbfgt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
vary: Accept-Encoding
x-shr-origin: S3
accept-ranges: bytes
cf-ray: 8a5c238afbb33641-FRA

GET
H3 200 player.js Show response
cd.elements.video/ Frame 2514 2 KB
1 KB 167ms
52ms Script
application/javascript 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cd.elements.video/player.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88426495eba27827767497223041c6acbd4b62d1e8406945f1dfdef44a8c6f64

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 8a5c238b48e458f6-TXL
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

GET
H2 200 e59594d6-8096-440b-9482-3e37d75e11d4.js Show response
d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/ 452 KB
131 KB 53ms
52ms Script
application/javascript 2600:9000:273e:4000:1c:386f:ec80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/dff2a308-b1e2-451c-a49a-adadd8636788.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:273e:4000:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ec0f953f98d8c4bd15be23a55d910aa5528efc912270da5fa352d4c4c4423de

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: b4AIQzImENg3S12Rw6RDL8z6GL.EaLMh
content-encoding: br
via: 1.1 e2e1cab1881801f1a9fb72feaff3761a.cloudfront.net (CloudFront)
date: Fri, 19 Jul 2024 07:27:59 GMT
x-amz-cf-pop: VIE50-P3
age: 33000
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 12 Jun 2024 15:02:34 GMT
server: AmazonS3
etag: W/"f7922b792456fb4db2f3d1322b29dc50"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-id: 8sFJIiFiTUMqmIp4-obT2Wm8thPCyBr-Sxa79VHLzaWA7-NwsINYyQ==

GET
H2 200 e59594d6-8096-440b-9482-3e37d75e11d4-hb.js Show response
d3lcz8vpax4lo2.cloudfront.net/header-tags/dff2a308-b1e2-451c-a49a-adadd8636788/ 127 KB
30 KB 177ms
176ms Script
application/javascript 2600:9000:273e:4000:1c:386f:ec80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4-hb.js
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/dff2a308-b1e2-451c-a49a-adadd8636788.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:273e:4000:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bff07e007ec24715de3094752d87a225bbdb59945c8176ffe98f3bbd0234a2bd

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: c.KMgAbVhB12WNbWocNR_n4Oy8FyMdNL
content-encoding: br
via: 1.1 e2e1cab1881801f1a9fb72feaff3761a.cloudfront.net (CloudFront)
date: Fri, 19 Jul 2024 16:37:54 GMT
x-amz-cf-pop: VIE50-P3
age: 24
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 17 Jul 2024 06:16:31 GMT
server: AmazonS3
etag: W/"dff64f4ad26fb7bcd9191cd9a4d74fc9"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-id: LLTikjlnLyjkEUldIPvgCU9V2mEG_nIGeYKH2YDom19WMyw0pbryFg==

GET
H2 200 e59594d6-8096-440b-9482-3e37d75e11d4-dmp.js Show response
d3lcz8vpax4lo2.cloudfront.net/header-tags/dff2a308-b1e2-451c-a49a-adadd8636788/ 15 KB
5 KB 183ms
182ms Script
application/javascript 2600:9000:273e:4000:1c:386f:ec80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4-dmp.js
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/dff2a308-b1e2-451c-a49a-adadd8636788.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:273e:4000:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ff0ebb20dd0177606f51abd80ded707c304c46890866c14f418e39673eee34f

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: jWyncADEQZiXaJkDnvDb28whMYwjFSbe
content-encoding: br
via: 1.1 e2e1cab1881801f1a9fb72feaff3761a.cloudfront.net (CloudFront)
date: Fri, 19 Jul 2024 16:37:54 GMT
x-amz-cf-pop: VIE50-P3
age: 24
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 17 Jul 2024 06:16:31 GMT
server: AmazonS3
etag: W/"f68088d3e25851a6621bc8181f81ff50"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-id: uxYYJ_8sK7Yw8YAaq4s808y_flHuPUGjza4PafLEtC0sqm8sd7Vfww==

GET
H2 200 / Show response
geoip.instiengage.com/json/ 209 B
402 B 407ms
120ms XHR
application/json 3.213.115.59
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip.instiengage.com/json/
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/dff2a308-b1e2-451c-a49a-adadd8636788.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.115.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-115-59.compute-1.amazonaws.com
Software: /
Resource Hash: 384d2562e864accb1807b170370cb8a24f7e745533a08566bd1051c5187d24c5

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://www.washingtontimes.com
date: Fri, 19 Jul 2024 16:37:55 GMT
access-control-allow-credentials: true
x-database-date: Fri, 19 Jul 2024 02:17:07 GMT
content-length: 209
vary: Origin
content-type: application/json

GET
H2 200 index.html
auth.instiengage.com/auth/ Frame 6186 0
0 159ms
40ms Document
text/html 2600:9000:206f:7c00:9:78a:e540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.instiengage.com/auth/index.html
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/dff2a308-b1e2-451c-a49a-adadd8636788.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:7c00:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.washingtontimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 228
cache-control: max-age=300
content-length: 75
content-type: text/html
date: Fri, 19 Jul 2024 16:34:07 GMT
etag: "2e3d17ce9023be2c1313c02113f5c568"
last-modified: Tue, 16 Jul 2024 12:05:16 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
x-amz-cf-id: 7doZMW10czhESb_Vim7MdxkNtvKogjzh_9XFcrBv0DWmDcJpxdu4KA==
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: moPMP4k2cVXVdeI1Q.tOg6xtomkFE0ZD
x-cache: Hit from cloudfront

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
4 KB 135ms
43ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

72d8ea92d665d2014ece1d3722e7dbc6c0c8aef58236c71410e8dcc6ffdd5029

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 19 Jul 2024 16:37:55 GMT
content-md5: ifspg3Z3x9UninsmetIyQA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1297, tbw=2785, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug: kSlAAG8FiAGZiW/Yvu71MIy3XpX/+hVetjHtKcLBwouviR9/gag/L4EPbytpeAbwfxADyw3YJo0ueUCAkIJAaA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 8daa7ec1589ef8606a2a74f9d420e6aa
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "11ffd36fe7d981f335f6dcdd5d20c133"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Fri, 19 Jul 2024 16:56:49 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 310 KB
77 KB 151ms
47ms Script
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 033ce432d750dea22adc9a6c46276b2a50976eb2b080f61cfb501d41db84a697

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:36:48 GMT
content-encoding: gzip
via: 1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront), 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
last-modified: Tue, 25 Jun 2024 23:08:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 69
x-amz-server-side-encryption: AES256
etag: W/"bac564afc3d66c01c2c0ef0fe11bf6b4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: 0Y-dU6B48lFIMNWI4rdmcxRHLs3mz71S9TnXtDn_8ut3PEajj3B0sg==

GET
H2 200 1b4cd6dea80b282c132df03b8b3fd9ac.json Show response
www.shareaholic.net/config/ 4 KB
2 KB 366ms
119ms XHR
application/json 184.73.100.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shareaholic.net/config/1b4cd6dea80b282c132df03b8b3fd9ac.json
Requested by: Host: dsms0mj1bbhn4.cloudfront.net
URL: https://dsms0mj1bbhn4.cloudfront.net/assets/pub/shareaholic.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.73.100.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-73-100-94.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 12b63784ede2afa7c8d9b70d7e0b23a4f88a1986b96cc9e49335c3f08d111adf

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-client-geo-country: DE,Deutschland
date: Thu, 18 Jul 2024 19:31:16 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0)
x-client-geo-metrocode
content-length: 1269
x-client-geo-region
last-modified: Mon, 13 May 2024 19:30:50 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
x-varnish: 1046055957 1030324400
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Etag, Access-Control-Allow-Origin, x-client-geo-latlong, x-client-geo-country, x-client-geo-city, x-client-geo-zip, x-client-geo-region, x-client-geo-metrocode
cache-control: max-age=3, public, must-revalidate
x-client-geo-city
x-client-geo-zip
access-control-max-age: 2000
accept-ranges: bytes
access-control-allow-headers: *
x-client-geo-latlong: 51.299300,9.491000

GET
H2 200 or3PQ6P12-iJxAIgLa78DkTtAoDhk0oVpaK3YLanFLHpPf2TbLi4J_HWTA.woff2
fonts.gstatic.com/s/literata/v35/ 83 KB
84 KB 135ms
41ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/literata/v35/or3PQ6P12-iJxAIgLa78DkTtAoDhk0oVpaK3YLanFLHpPf2TbLi4J_HWTA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Literata:opsz,wght@7..72,400;7..72,500;7..72,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37663f7b1e295c1f7483c9dd9ff185ea56d380ebb1fd18687cbbd9fc226ebb94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.washingtontimes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 00:37:30 GMT
x-content-type-options: nosniff
age: 316824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85372
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 20:21:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Jul 2025 00:37:30 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407160101/ 470 KB
147 KB 40ms
40ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407160101/pubads_impl.js?cb=31085405

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

150e7c69615226b7eb530254b056873fafca25505aca9bb2a297277bb27cca09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 10:01:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23785
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 149996
x-xss-protection: 0
server: cafe
etag: 25274233128216560
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 19 Jul 2025 10:01:29 GMT

GET
DATA 200
OK truncated
/ 210 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc0d83e5e39fb0ccb3a013b049bde41adbf562a73c30b3fe74f1ef9cad34c219

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 arrow-zoom.1153a883.7d9b5d6db57a.png
www.washingtontimes.com/static/ 273 B
413 B 65ms
65ms Image
image/png 104.22.58.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.washingtontimes.com/static/arrow-zoom.1153a883.7d9b5d6db57a.png
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/static/sass/main.85b45e5ae2e7.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.58.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d987b96e4134841680fe5ede6e7ca73c5e4cc58fcf618be8571872aa9b6a26eb

Request headers

Referer: https://www.washingtontimes.com/static/sass/main.85b45e5ae2e7.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:54 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
x-cacheable: NO:Not Cacheable
x-backend: web01
age: 10019635
content-length: 273
last-modified: Fri, 18 Aug 2023 19:19:58 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
x-varnish: 559817844
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a5c2389b8979b95-FRA
expires: Tue, 18 Mar 2025 20:25:09 GMT

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 241 B
532 B 305ms
160ms XHR
application/json 2a04:4e42::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=washingtontimes.com&domain=washingtontimes.com&path=%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fd11fe6c40851b3191967b3630107f062e826064ac65bf45709ea75974dcf760

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 19 Jul 2024 16:37:55 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 177
x-served-by: cache-mxp6940-MXP
x-timer: S1721407075.090634,VS0,VE110
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Wed, 17 Jul 2024 16:37:55 GMT

GET
H2 200 5856 Show response
fundingchoicesmessages.google.com/i/ 200 KB
66 KB 177ms
71ms Script
application/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/5856?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407160101/pubads_impl.js?cb=31085405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0f732ac4590f6f34b76eb1038a7f828859189558969b1994c6b475d855a284f1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-JFJG3CFmVCuJijyDI_Q6gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-JFJG3CFmVCuJijyDI_Q6gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitHikmLw0JBiUAzbyXTe6Q7TdSCW-PqSSQOIndJnsAYBsU_9DNYYIG69eY51KhB_fnyO9TcQJ_07z1oExEsiLrIeSrzIevDxRdaTQGykcInVCYiFuDker3m1hU3gw8cpiUoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmBuaGZnoGZvEFBgBGIj3X"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tag Show response
btloader.com/ 83 KB
25 KB 172ms
81ms Script
application/javascript 2606:4700:10::ac43:293c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=4879373895204864&upapi=true
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4-hb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:293c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2e6482dd934a53ccea01fec576e6df098fb782cfa74d639397f2e8057076b92

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Fri, 19 Jul 2024 16:34:37 GMT
server: cloudflare
age: 170
etag: "19cebffe6ccff316558843d529ef0d90"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 8a5c238be92b718b-FRA
content-length: 25686

GET
H2 200 / Show response
geoip.insticator.com/json/ 209 B
402 B 428ms
118ms Fetch
application/json 52.0.214.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip.insticator.com/json/
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4-hb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.214.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-214-159.compute-1.amazonaws.com
Software: /
Resource Hash: 384d2562e864accb1807b170370cb8a24f7e745533a08566bd1051c5187d24c5

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://www.washingtontimes.com
date: Fri, 19 Jul 2024 16:37:55 GMT
access-control-allow-credentials: true
x-database-date: Fri, 19 Jul 2024 02:17:07 GMT
content-length: 209
vary: Origin
content-type: application/json

GET
H3 200 config.js Show response
cdn.confiant-integrations.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/ 124 KB
27 KB 125ms
61ms Script
text/javascript 104.18.20.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4-hb.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.20.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83f54f9a87f6274c7edee024ab88ec379c52d4fabdab0831ea7cf71bcc0748aa

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 8CWC6XDSWSHKC3WK
age: 542
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 27300
x-amz-id-2: 4SIoY8nBpZG/at9INzaPYyFH9xKvhGWoTpsmu68qmAT2GgJoHtI0t65y54Ir8gefwzr1rz2nTBmE3NDPOvf1HlFo9trsgPZB4Rxsrn08k48=
last-modified: Fri, 19 Jul 2024 16:26:55 GMT
server: cloudflare
etag: "2135d8c6d2566f432567221ae7c9ae01"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
cf-ray: 8a5c238bde9fbbc0-WAW

GET
H2 200 topics.html
widgets.outbrain.com/nanoWidget/externals/topics/ Frame CF7D 0
0 122ms
43ms Document
text/html 184.28.89.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/topics/topics.html?r=https%3A%2F%2Fwww.washingtontimes.com
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.89.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-28-89-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Referer: https://www.washingtontimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=14400
content-length: 667
content-type: text/html
date: Fri, 19 Jul 2024 16:37:55 GMT
etag: "a52151dbf5b2ca563e40ccca1ab8228c:1721289251.413826"
expires: Fri, 19 Jul 2024 20:37:55 GMT
last-modified: Thu, 18 Jul 2024 07:26:34 GMT
server: AkamaiNetStorage
timing-allow-origin: * *

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
373 B 70ms
42ms Image
image/gif 184.28.89.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.89.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-28-89-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Sun, 18 Aug 2024 16:37:55 GMT
date: Fri, 19 Jul 2024 16:37:55 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
access-control-request-headers: X-OB-STG,X-OB-PRD

POST
H2 201 event
event.insticator.com/v1/ 0
0 121ms
119ms Fetch 3.91.129.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://event.insticator.com/v1/event?event_name=event_pageview
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4-dmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.129.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-129-208.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.washingtontimes.com
date: Fri, 19 Jul 2024 16:37:55 GMT
access-control-allow-credentials: true
content-length: 0
vary: Origin

OPTIONS
H2 200 event
event.insticator.com/v1/ Frame 0
0 391ms
118ms Preflight 3.91.129.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://event.insticator.com/v1/event?event_name=event_pageview
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.129.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-129-208.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.washingtontimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.washingtontimes.com
access-control-max-age: 3600
content-length: 0
date: Fri, 19 Jul 2024 16:37:55 GMT
vary: Origin

OPTIONS
H2 204 openrtb
ex.ingage.tech/v1/ Frame 0
0 332ms
231ms Preflight 2606:4700:4400::ac40:9296
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ex.ingage.tech/v1/openrtb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9296 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.washingtontimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.washingtontimes.com
access-control-max-age: 3600
cf-cache-status: DYNAMIC
cf-ray: 8a5c238caebc4da2-FRA
content-length: 0
date: Fri, 19 Jul 2024 16:37:55 GMT
server: cloudflare
vary: Origin, Access-Control-Request-Headers

OPTIONS
H2 200 event
event.insticator.com/v1/ Frame 0
0 341ms
119ms Preflight 3.91.129.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://event.insticator.com/v1/event?event_name=event_adunit-load
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.129.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-129-208.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.washingtontimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.washingtontimes.com
access-control-max-age: 3600
content-length: 0
date: Fri, 19 Jul 2024 16:37:55 GMT
vary: Origin

OPTIONS
H2 204 openrtb
ex.ingage.tech/v1/ Frame 0
0 234ms
143ms Preflight 2606:4700:4400::ac40:9296
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ex.ingage.tech/v1/openrtb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9296 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.washingtontimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.washingtontimes.com
access-control-max-age: 3600
cf-cache-status: DYNAMIC
cf-ray: 8a5c238caebf4da2-FRA
content-length: 0
date: Fri, 19 Jul 2024 16:37:55 GMT
server: cloudflare
vary: Origin, Access-Control-Request-Headers

GET
H3 200 si
capi.elements.video/tr/ 0
246 B 154ms
89ms Image
application/json 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.elements.video/tr/si?token=3feb3f71-1406-496c-a547-166f5d76de2e&cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8a5c238c3b5958f6-TXL
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400

POST
H2 200 hb-mm-multi Show response
hb.minutemedia-prebid.com/ 83 B
430 B 214ms
56ms Fetch
application/json 34.255.106.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.255.106.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-106-40.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: b389f1b9fe54819687b6fe187591e761e97b2bfd992aa1bc28e8a9cd8e6b8498

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
server: istio-envoy
x-reason: maxmind anonymous
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.washingtontimes.com
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 83

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ 1 KB
2 KB 469ms
147ms Fetch
application/json 2607:f350:3:2569:0:10:0:a
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2249034f117a8bda%22%3A%2294ac52093b9acc281a8f%7C250x250%2C320x50%2C320x100%2C336x280%2C300x250%7Cgpid%3D%2F2507246%2C5856%2Fwashingtontimes.com_Web_300x250_cmt_1%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F&s=f9859366-1ab5-4b1c-8c9c-ed0359ee0c58&pv=166ed97f-cd73-4077-96dc-736af0475b68&vp=desktop&lib_name=prebid&lib_v=8.45.0&us=50&iqid=%7B%22pcid%22%3A%22d68ff2fc-8966-42c7-95f7-e9d2cca6e1f5%22%2C%22pcidDate%22%3A1721407075177%7D&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22washingtontimes.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22washingtontimes.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36%22%2C%22language%22%3A%22de%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%225dc782e7-68d1-45b6-be7b-16a6cd9812a3%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22d21166af-2afa-4426-811a-ae5628bb457c%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0

Requested by

Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f350:3:2569:0:10:0:a , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

af769518fcc767ae5793127953eddda981dc2f2f20d65f7dc3d88db36144ab69

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Jul 2024 16:37:55 GMT
content-encoding: gzip
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-114
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type: application/json
access-control-allow-origin: https://www.washingtontimes.com
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
tcn: Choice
content-length: 714
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
229 B 175ms
46ms Fetch 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.45.0&cb=25551139476&lsavail=1

Requested by

Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
observe-browsing-topics: ?1
vary: Origin
access-control-allow-origin: https://www.washingtontimes.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

POST
H2 200 bid Show response
ap.lijit.com/rtb/ 24 B
275 B 237ms
56ms Fetch
application/json 54.171.243.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.45.0
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.171.243.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-243-181.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 079cdaa2d98200ef08ce012982a0c73a6d22e272f87bc4584acfbfe6f688c76c

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://www.washingtontimes.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 24

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 488 B
1021 B 228ms
122ms Fetch
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17062&site_id=153530&zone_id=729094&size_id=15&alt_size_ids=14%2C16%2C43%2C117&rp_schain=1.0,1!insticator.com,5dc782e7-68d1-45b6-be7b-16a6cd9812a3,1,,,&eid_pubcid.org=d21166af-2afa-4426-811a-ae5628bb457c%5E1&rf=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F&tg_i.domain=washingtontimes.com&tg_i.page=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F&tg_i.pbadslot=%2F2507246%2C5856%2Fwashingtontimes.com_Web_300x250_cmt_1&tk_flint=pbjs_lite_v8.45.0&l_pb_bid_id=10c8ab5cc4c3b9c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F2507246%2C5856%2Fwashingtontimes.com_Web_300x250_cmt_1&m_ch_mobile=%3F0&slots=1&rand=0.32962299118219196
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 90531acb28f2f696000c431480a8d71e0cf8d83115f71990b76048a38fa2f7dc

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Jul 2024 16:37:55 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.washingtontimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 488
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
132 B 156ms
50ms Fetch
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 9835d1fe29b1f421a90bcedff2b3dd52093690ae9ac9d9bb9c604d11cc67b2da

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 19 Jul 2024 16:37:54 GMT
content-encoding: gzip
via: 1.1 google
observe-browsing-topics: ?1
vary: Origin
x-forwarded-for: 80.255.7.102
content-type: text/plain
access-control-allow-origin: https://www.washingtontimes.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 200 openrtb Show response
ex.ingage.tech/v1/ 521 B
857 B 254ms
252ms Fetch
application/json 2606:4700:4400::ac40:9296
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ex.ingage.tech/v1/openrtb
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9296 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 391f7d536faa20344cc02870271c192e31fd02094700ad7c2fa314c6f6d0e167

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.washingtontimes.com
access-control-allow-credentials: true
cf-ray: 8a5c238e19849f4e-FRA

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 139 B
834 B 200ms
59ms Fetch
application/json 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

d60a358f5431adcd8ea0d4f06f1d616de2aa8d2f10d63665ead37eab24a41d81

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Jul 2024 16:37:55 GMT
an-x-request-uuid: 515c82df-f59e-462d-803b-6846421af38b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.washingtontimes.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.102; 80.255.7.102; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 139
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
189 B 176ms
47ms Fetch 147.75.80.51
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.80.51 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS: omni-am6-o8cfqa
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

x-nbr: 1
date: Fri, 19 Jul 2024 16:37:54 GMT
server: envoy
vary: origin, accept-encoding, Accept-Encoding
access-control-allow-origin: https://www.washingtontimes.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0

POST
H2 201 event
event.insticator.com/v1/ 0
0 122ms
120ms Fetch 3.91.129.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://event.insticator.com/v1/event?event_name=event_adunit-load
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4-hb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.129.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-129-208.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.washingtontimes.com
date: Fri, 19 Jul 2024 16:37:55 GMT
access-control-allow-credentials: true
content-length: 0
vary: Origin

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 488 B
839 B 239ms
146ms Fetch
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17062&site_id=153530&zone_id=771342&size_id=15&alt_size_ids=14%2C16%2C43%2C117&rp_schain=1.0,1!insticator.com,5dc782e7-68d1-45b6-be7b-16a6cd9812a3,1,,,&eid_pubcid.org=d21166af-2afa-4426-811a-ae5628bb457c%5E1&rf=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F&tg_i.domain=washingtontimes.com&tg_i.page=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F&tg_i.pbadslot=%2F2507246%2C5856%2Fwashingtontimes.com_Web_300x250_cmt_2&tk_flint=pbjs_lite_v8.45.0&l_pb_bid_id=2101248265352eb&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F2507246%2C5856%2Fwashingtontimes.com_Web_300x250_cmt_2&m_ch_mobile=%3F0&slots=1&rand=0.5875739083105798
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 56f50fd530a6d9b653cea9e0281944c6d99a8da426f7f98c36675aeb63af5a19

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Jul 2024 16:37:55 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.washingtontimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 488
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 openrtb Show response
ex.ingage.tech/v1/ 521 B
717 B 348ms
259ms Fetch
application/json 2606:4700:4400::ac40:9296
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ex.ingage.tech/v1/openrtb
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9296 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9151dd12def34f464f7b42b296a5375abe88763c4fb1aea835e5fd6313d6b0bf

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.washingtontimes.com
access-control-allow-credentials: true
cf-ray: 8a5c238e19839f4e-FRA

POST
H2 200 hb-mm-multi Show response
hb.minutemedia-prebid.com/ 84 B
431 B 245ms
107ms Fetch
application/json 34.255.106.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.255.106.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-106-40.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 6418e151e906741cb1e64a1dea6e1fc5dbb5f695132556cbca3a4ead338fd814

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
server: istio-envoy
x-reason: maxmind anonymous
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.washingtontimes.com
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 84

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ 1 KB
2 KB 449ms
146ms Fetch
application/json 2607:f350:3:2569:0:10:0:a
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%222754845a9be329a%22%3A%22e6e8676cecbf3d3d5d9a%7C250x250%2C320x50%2C320x100%2C336x280%2C300x250%7Cgpid%3D%2F2507246%2C5856%2Fwashingtontimes.com_Web_300x250_cmt_2%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F&s=b63302f8-c707-4607-b037-a55c0e03d636&pv=166ed97f-cd73-4077-96dc-736af0475b68&vp=desktop&lib_name=prebid&lib_v=8.45.0&us=50&iqid=%7B%22pcid%22%3A%22d68ff2fc-8966-42c7-95f7-e9d2cca6e1f5%22%2C%22pcidDate%22%3A1721407075177%7D&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22washingtontimes.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22washingtontimes.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36%22%2C%22language%22%3A%22de%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%225dc782e7-68d1-45b6-be7b-16a6cd9812a3%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22d21166af-2afa-4426-811a-ae5628bb457c%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0

Requested by

Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f350:3:2569:0:10:0:a , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8e6215bbbc3615a74c48a71a8eec5197d7ef8ed17d20f6c6055fda07d45e8373

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Jul 2024 16:37:55 GMT
content-encoding: gzip
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-24
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type: application/json
access-control-allow-origin: https://www.washingtontimes.com
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
tcn: Choice
content-length: 710
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 bid Show response
ap.lijit.com/rtb/ 24 B
274 B 225ms
61ms Fetch
application/json 54.171.243.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.45.0
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.171.243.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-243-181.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: bfcb5d315a5dd02239606a0af664c41962154b5470ca651227ac2972fa80814c

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://www.washingtontimes.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 24

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
230 B 156ms
46ms Fetch 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.45.0&cb=20211336654&lsavail=1

Requested by

Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 19 Jul 2024 16:37:54 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
observe-browsing-topics: ?1
vary: Origin
access-control-allow-origin: https://www.washingtontimes.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
18 B 168ms
49ms Fetch 147.75.80.51
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.80.51 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS: omni-am6-o8cfqa
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

x-nbr: 1
date: Fri, 19 Jul 2024 16:37:54 GMT
server: envoy
vary: origin, accept-encoding, Accept-Encoding
access-control-allow-origin: https://www.washingtontimes.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
300 B 139ms
49ms Fetch
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: f660f8bdf74668efde611f91ce5d4037f6f0a07d5349db2d07998c9324bedd95

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
content-encoding: gzip
via: 1.1 google
observe-browsing-topics: ?1
vary: Origin
x-forwarded-for: 80.255.7.102
content-type: text/plain
access-control-allow-origin: https://www.washingtontimes.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 139 B
833 B 245ms
116ms Fetch
application/json 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

43263077c048728e38bc6d15f5f17ca333e3296ee7ac1ccaf981b2862e9f5967

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Jul 2024 16:37:55 GMT
an-x-request-uuid: dff9c18f-f804-4053-a5cf-19213d0831b1
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.washingtontimes.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.102; 80.255.7.102; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 139
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 246 KB
0 0ms
0ms Script
application/x-javascript 184.28.89.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.89.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-28-89-148.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9cb7edf838db4d47002019bdccc953e83528cd05f709d9e39826a6b31ef50257

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:54 GMT
content-encoding: gzip
last-modified: Thu, 18 Jul 2024 07:54:14 GMT
etag: "4e-9uoehUJZ/8tIMxrPu5wasMMo220"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=14500
access-control-allow-credentials: false
x-traceid: 28da683a40fac8f65a906665da78514
timing-allow-origin: *, *
content-length: 91339
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 299 KB
86 KB 87ms
45ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=f9e675667c85d9822cecc3d451128e94

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

662ce64b8867077cccfe0d666ad2b450ce0fd15a57b97e17715fcd141c1bc638

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.washingtontimes.com/
Origin: https://www.washingtontimes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 19 Jul 2024 16:37:55 GMT
content-md5: 0EdJutVxFmrqhRDqmeeYXw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87602
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=23, mss=1232, tbw=4312, tp=9, tpl=0, uplat=1, ullat=-1
x-fb-debug: oVs+vhJv4WJGYgBQIZTzbYxt2KE+QpNmmDGadp7FaD2UlCDuBJtPzIP/jnmpCi5/2QjNmuiElO1PLYNT8E8quA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: d81b1848842a71755da102b6344c76e2
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "7948482b41ad8d0913047c824f9fb2cd"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Sat, 19 Jul 2025 16:02:45 GMT

GET
H3 200 elLoader.js Show response
cds.elements.video/p/511634/ Frame 2514 3 KB
2 KB 75ms
45ms Script
application/javascript 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.elements.video/p/511634/elLoader.js
Requested by: Host: cd.elements.video
URL: https://cd.elements.video/player.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d4f5f33e523a7c0dcc092a2f06a6cdafb774eddbd7f9c4ea0255c4f713e853b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
content-encoding: br
x-amz-version-id: WK7eioN7VcFX8qrPshU.q2C4SX2Fbg94
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 1212
last-modified: Fri, 19 Jul 2024 12:58:21 GMT
server: cloudflare
etag: "3033aa8a4f2d692eb49db48d84b79b53"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 8a5c238c6bcf58f6-TXL
access-control-allow-headers: range
expires: Sat, 19 Jul 2025 16:37:55 GMT

GET
H3 200 fontawesome-webfont.woff
netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/ 43 KB
44 KB 112ms
61ms Font
font/woff 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/fontawesome-webfont.woff?v=4.0.3

Requested by

Host: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css
Origin: https://www.washingtontimes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 845
age: 3293868
cdn-cachedat: 10/31/2023 18:51:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 44432
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "3293616ec0c605c7c2db25829a0a509e"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: cf200e897b099b671fa7eed1a2030270
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8a5c238ccffabbb2-WAW
cdn-requestpullsuccess: True

OPTIONS
H2 204 openrtb
ex.ingage.tech/v1/ Frame 0
0 143ms
143ms Preflight 2606:4700:4400::ac40:9296
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ex.ingage.tech/v1/openrtb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9296 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.washingtontimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.washingtontimes.com
access-control-max-age: 3600
cf-cache-status: DYNAMIC
cf-ray: 8a5c238cbee04da2-FRA
content-length: 0
date: Fri, 19 Jul 2024 16:37:55 GMT
server: cloudflare
vary: Origin, Access-Control-Request-Headers

OPTIONS
H2 204 openrtb
ex.ingage.tech/v1/ Frame 0
0 149ms
144ms Preflight 2606:4700:4400::ac40:9296
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ex.ingage.tech/v1/openrtb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9296 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.washingtontimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.washingtontimes.com
access-control-max-age: 3600
cf-cache-status: DYNAMIC
cf-ray: 8a5c238cdefd4da2-FRA
content-length: 0
date: Fri, 19 Jul 2024 16:37:55 GMT
server: cloudflare
vary: Origin, Access-Control-Request-Headers

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 488 B
839 B 116ms
115ms Fetch
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17062&site_id=153530&zone_id=771346&size_id=15&alt_size_ids=14%2C16%2C43%2C117&rp_schain=1.0,1!insticator.com,5dc782e7-68d1-45b6-be7b-16a6cd9812a3,1,,,&eid_pubcid.org=d21166af-2afa-4426-811a-ae5628bb457c%5E1&rf=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F&tg_i.domain=washingtontimes.com&tg_i.page=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F&tg_i.pbadslot=%2F2507246%2C5856%2Fwashingtontimes.com_Web_300x250_cmt_4&tk_flint=pbjs_lite_v8.45.0&l_pb_bid_id=40eeabd3c31161d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F2507246%2C5856%2Fwashingtontimes.com_Web_300x250_cmt_4&m_ch_mobile=%3F0&slots=1&rand=0.7265327019888534
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: a59b6b387f514db2d8d2b184893944a7a71072130cfe8d2bc26c7238120838c3

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Jul 2024 16:37:55 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.washingtontimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 488
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 bid Show response
ap.lijit.com/rtb/ 24 B
274 B 128ms
61ms Fetch
application/json 54.171.243.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.45.0
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.171.243.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-243-181.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 3254b83e6983833901db711977cc820b4a2de4f69df93436325e4d9e16946d41

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://www.washingtontimes.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 24

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
229 B 58ms
44ms Fetch 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.45.0&cb=86736276784&lsavail=1

Requested by

Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 19 Jul 2024 16:37:54 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
observe-browsing-topics: ?1
vary: Origin
access-control-allow-origin: https://www.washingtontimes.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ 1 KB
2 KB 349ms
145ms Fetch
application/json 2607:f350:3:2569:0:10:0:a
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2246bdf3a6768f364%22%3A%226f74768219593b12b11a%7C250x250%2C320x50%2C320x100%2C336x280%2C300x250%7Cgpid%3D%2F2507246%2C5856%2Fwashingtontimes.com_Web_300x250_cmt_4%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F&s=254d7e42-2d90-42e1-9f3b-97270948e4f7&pv=166ed97f-cd73-4077-96dc-736af0475b68&vp=desktop&lib_name=prebid&lib_v=8.45.0&us=50&iqid=%7B%22pcid%22%3A%22d68ff2fc-8966-42c7-95f7-e9d2cca6e1f5%22%2C%22pcidDate%22%3A1721407075177%7D&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22washingtontimes.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22washingtontimes.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36%22%2C%22language%22%3A%22de%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%225dc782e7-68d1-45b6-be7b-16a6cd9812a3%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22d21166af-2afa-4426-811a-ae5628bb457c%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0

Requested by

Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f350:3:2569:0:10:0:a , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e0e4d50e4844e46ea8ac540fc8a6565f5eafbb0d75ea1cf1193bae8b8b091508

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Jul 2024 16:37:55 GMT
content-encoding: gzip
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-112
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type: application/json
access-control-allow-origin: https://www.washingtontimes.com
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
tcn: Choice
content-length: 713
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
132 B 57ms
56ms Fetch
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: e9b18f1ea672712de98ffd6db352910d79e3681ed7e1febaae718c24a6b96e95

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 19 Jul 2024 16:37:54 GMT
content-encoding: gzip
via: 1.1 google
observe-browsing-topics: ?1
vary: Origin
x-forwarded-for: 80.255.7.102
content-type: text/plain
access-control-allow-origin: https://www.washingtontimes.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 200 openrtb Show response
ex.ingage.tech/v1/ 520 B
716 B 392ms
316ms Fetch
application/json 2606:4700:4400::ac40:9296
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ex.ingage.tech/v1/openrtb
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9296 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4af6210e6e5654ab134680a7d46375c36147a028f7de9a2411c6b462f4be600e

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.washingtontimes.com
access-control-allow-credentials: true
cf-ray: 8a5c238e19869f4e-FRA

POST
H2 200 hb-mm-multi Show response
hb.minutemedia-prebid.com/ 84 B
431 B 142ms
109ms Fetch
application/json 34.255.106.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.255.106.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-106-40.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: bc7c69b3ebfa6cc4b83c572daef3d1379474d157dd9dad051085f688cdbc0454

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
server: istio-envoy
x-reason: maxmind anonymous
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.washingtontimes.com
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 84

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
18 B 106ms
90ms Fetch 147.75.80.51
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.80.51 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS: omni-am6-o8cfqa
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

x-nbr: 1
date: Fri, 19 Jul 2024 16:37:54 GMT
server: envoy
vary: origin, accept-encoding, Accept-Encoding
access-control-allow-origin: https://www.washingtontimes.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 139 B
833 B 85ms
59ms Fetch
application/json 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

b4bb792085dcf7c285b98169562b0ffec817818dc522170d940d2f53491672ba

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Jul 2024 16:37:55 GMT
an-x-request-uuid: fefc77e6-4206-4688-8034-7236f74799cb
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.washingtontimes.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.102; 80.255.7.102; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 139
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 488 B
838 B 127ms
122ms Fetch
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17062&site_id=153530&zone_id=771344&size_id=15&alt_size_ids=14%2C16%2C43%2C117&rp_schain=1.0,1!insticator.com,5dc782e7-68d1-45b6-be7b-16a6cd9812a3,1,,,&eid_pubcid.org=d21166af-2afa-4426-811a-ae5628bb457c%5E1&rf=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F&tg_i.domain=washingtontimes.com&tg_i.page=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F&tg_i.pbadslot=%2F2507246%2C5856%2Fwashingtontimes.com_Web_300x250_cmt_3&tk_flint=pbjs_lite_v8.45.0&l_pb_bid_id=592859c904c82e6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F2507246%2C5856%2Fwashingtontimes.com_Web_300x250_cmt_3&m_ch_mobile=%3F0&slots=1&rand=0.7303840485815376
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 93703314df7fbdbe428b2110a17479eb2f9e72b6746a365e7863f1053f14dc06

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Jul 2024 16:37:55 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.washingtontimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 488
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 openrtb Show response
ex.ingage.tech/v1/ 521 B
719 B 360ms
300ms Fetch
application/json 2606:4700:4400::ac40:9296
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ex.ingage.tech/v1/openrtb
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9296 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7341c756d4764bdc91ae5b1870b47e69aae36f7492fa09e5875386f394b0fad

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.washingtontimes.com
access-control-allow-credentials: true
cf-ray: 8a5c238e19879f4e-FRA

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 139 B
832 B 76ms
58ms Fetch
application/json 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

dd35ce1c67491a7648b4b4641b1f946047e0f8b291c3acf2c580d39a21736427

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Jul 2024 16:37:55 GMT
an-x-request-uuid: 0d2503b6-7a05-4e2f-aa15-f95bee4810ca
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.washingtontimes.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.102; 80.255.7.102; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 139
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 hb-mm-multi Show response
hb.minutemedia-prebid.com/ 84 B
432 B 77ms
56ms Fetch
application/json 34.255.106.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.255.106.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-106-40.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: d69b5e9bc8bcdd711f2b9b16d268aa83889f3441067c42fa7664602993b66605

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
server: istio-envoy
x-reason: maxmind anonymous
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.washingtontimes.com
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 84

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
229 B 46ms
43ms Fetch 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.45.0&cb=15071052586&lsavail=1

Requested by

Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 19 Jul 2024 16:37:54 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
observe-browsing-topics: ?1
vary: Origin
access-control-allow-origin: https://www.washingtontimes.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

POST
H2 200 bid Show response
ap.lijit.com/rtb/ 24 B
274 B 108ms
61ms Fetch
application/json 54.171.243.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.45.0
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.171.243.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-243-181.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: bcb6cc801807305212190519cb6d59acaabf12e6ad20b80fc3d879a6f514f31b

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://www.washingtontimes.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 24

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
18 B 94ms
90ms Fetch 147.75.80.51
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.80.51 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS: omni-am6-o8cfqa
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

x-nbr: 1
date: Fri, 19 Jul 2024 16:37:54 GMT
server: envoy
vary: origin, accept-encoding, Accept-Encoding
access-control-allow-origin: https://www.washingtontimes.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
132 B 51ms
48ms Fetch
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 1ce267c706ab31277fabfb14c8527a6cfcbe159581c485210517b5a2ea5655a0

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
content-encoding: gzip
via: 1.1 google
observe-browsing-topics: ?1
vary: Origin
x-forwarded-for: 80.255.7.102
content-type: text/plain
access-control-allow-origin: https://www.washingtontimes.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ 1 KB
2 KB 469ms
285ms Fetch
application/json 2607:f350:3:2569:0:10:0:a
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2275763f44afeb0d8%22%3A%22d3b28cfd9faed88fa139%7C250x250%2C320x50%2C320x100%2C336x280%2C300x250%7Cgpid%3D%2F2507246%2C5856%2Fwashingtontimes.com_Web_300x250_cmt_3%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F&s=b3e30c1a-50db-4885-8e3e-bc17937e8139&pv=166ed97f-cd73-4077-96dc-736af0475b68&vp=desktop&lib_name=prebid&lib_v=8.45.0&us=50&iqid=%7B%22pcid%22%3A%22d68ff2fc-8966-42c7-95f7-e9d2cca6e1f5%22%2C%22pcidDate%22%3A1721407075177%7D&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22washingtontimes.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22washingtontimes.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36%22%2C%22language%22%3A%22de%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%225dc782e7-68d1-45b6-be7b-16a6cd9812a3%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22d21166af-2afa-4426-811a-ae5628bb457c%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0

Requested by

Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f350:3:2569:0:10:0:a , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

fd124923f99aeb015322c05b5885d6554ef5b036bd4a1b676c63f9127574fe8b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Jul 2024 16:37:55 GMT
content-encoding: gzip
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-220
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type: application/json
access-control-allow-origin: https://www.washingtontimes.com
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
tcn: Choice
content-length: 714
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 131ms
43ms XHR
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
date: Fri, 19 Jul 2024 05:04:18 GMT
x-amz-cf-pop: FRA56-P6
age: 55758
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: pFvkLCBNaWwJsOIjnQ4nIT2a2d5QHsgJIMseXNf5O-MuP-up9v5C4w==

GET
H3 200 si
capi.elements.video/tr/ 0
246 B 102ms
98ms Image
application/json 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.elements.video/tr/si?token=d7fd0c30-fd64-4fed-bc68-315d01e44232&cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8a5c238d0d2258f6-TXL
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2

200

brandjs.js Show response
www.gstatic.com/prose/
Redirect Chain

https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en
https://www.gstatic.com/prose/brandjs.js

14 KB
0

0ms
0ms

Script
text/javascript

2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/prose/brandjs.js

Requested by

Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/

Protocol

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 12:01:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16578
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5807
x-xss-protection: 0
last-modified: Tue, 06 Apr 2021 15:14:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 20 Jul 2024 12:01:36 GMT

Redirect headers

date: Fri, 19 Jul 2024 16:34:56 GMT
x-content-type-options: nosniff
server: sffe
age: 178
content-type: text/html; charset=UTF-8
location: https://www.gstatic.com/prose/brandjs.js
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Fri, 19 Jul 2024 17:04:56 GMT

GET
H3 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202407090940/ 284 KB
101 KB 57ms
56ms Script
application/javascript 104.18.20.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202407090940/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.20.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d3ec73884fd2e63fb637af556b4725f116702bab37326dbf7ce0e876d7b1587

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: XNRCFRQ49R7BE9XC
age: 862716
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 103346
x-amz-id-2: 2MQNrkMYGQsTMdiGLz7UBmZDsRB0jCDEm4FIwKmBXoZNDih73MKrvkes0Lp4/jSkDCTB84ej5LY=
last-modified: Tue, 09 Jul 2024 14:20:21 GMT
server: cloudflare
etag: "76074361c87e7c8d3af88302818b71f9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8a5c238d184fbbc0-WAW

GET
H2 204 state Show response
api.btloader.com/mw/ 0
102 B 250ms
156ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=4879373895204864&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 19 Jul 2024 16:37:55 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
919 B 147ms
56ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1276172
x-guploader-uploadid: ABPtcPoL0XC8KArbJKu6QSTO5pu3I7XO1ez8eat0_1lzuzKPQaVq7bmvAaf7dM4JhcAllFEoxdxPFL7-Zw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JCLeYeliUUsbX%2FRkQ8ke1yigSqnDlhkHkcm1Q2BvzWsD7O0dUrWXEdZw0xL6Pe6LVazxbNdufy%2BO2xQ7aPI%2BQrbX5ONctJYLGduEyU61kPgnWqBrKyBuNb6VJU7J3NpchBx7hAUvwhwzU2reNg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8a5c238daf6391e9-FRA
expires: Thu, 04 Jul 2024 23:05:42 GMT

GET
H3 200 favicon.ico
ad.doubleclick.net/ 1 KB
130 B 112ms
43ms Image
image/x-icon 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 07:18:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33570
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 Jul 2024 07:18:25 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
338 B 147ms
56ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.6429601455624838
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1276172
x-guploader-uploadid: ABPtcPoL0XC8KArbJKu6QSTO5pu3I7XO1ez8eat0_1lzuzKPQaVq7bmvAaf7dM4JhcAllFEoxdxPFL7-Zw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J6wwQSISfmFrTLNdYp6UI%2F58QiKf%2FxxKegUY14cHj9zs7CHqevdlSNlJy0Jpb9BEF0Yhx8L6t1US6HJW1NQwDnKnZ%2FF3PSO2maHCitRwI00kPFS4yYPTM7ctsksCaMfGbwZCw18Lpu84vcOGbg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8a5c238daf6091e9-FRA
expires: Thu, 04 Jul 2024 23:05:42 GMT

GET
H2 200 AGSKWxXks3PNKO-D-vMWGVG7Nc8Y-9gzt3pMXDhajgoKWAxDg3UaSHRS1gXGy7fArzaxXhjwQ13GiXAILbG4nB-CZZ6ME19yB80jffvHQFNSmcPmFhb_gV5k7pCmz2JD2FtCWuFTU3EVcQ== Show response
fundingchoicesmessages.google.com/f/ 423 KB
63 KB 152ms
151ms Script
application/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXks3PNKO-D-vMWGVG7Nc8Y-9gzt3pMXDhajgoKWAxDg3UaSHRS1gXGy7fArzaxXhjwQ13GiXAILbG4nB-CZZ6ME19yB80jffvHQFNSmcPmFhb_gV5k7pCmz2JD2FtCWuFTU3EVcQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIxNDA3MDc1LDM4MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cud2FzaGluZ3RvbnRpbWVzLmNvbS9uZXdzLzIwMjMvb2N0LzkvaGFja2Vycy11c2VkLXgtdGFyZ2V0LWNvbmdyZXNzLXNweXdhcmUtYW1uZXN0eS1pbnQvIixudWxsLFtbOCwiV1ZjZUNha21sT1UiXSxbOSwiZGUiXSxbMjIsInRydWUiXSxbMjAsIltudWxsLG51bGwsWzMxMDg0MTkxXSxudWxsLDldIl0sWzE5LCIxIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.WVceCakmlOU.es5.O/am=GgY/d=1/rs=AJlcJMxccNHV79gdoIY47tbTlKA6zmBG9g/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c1d9e8dc9d1d9412685c64fc9992900839b14b9d633644a238949d31985f61e5

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-4L0tIP6DoI4zNFRjwnU_rw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-4L0tIP6DoI4zNFRjwnU_rw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmJw1pBiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViD8_Psf6G4iT_p1nLQLiJREXWQ8lXmQ9-Pgi60kgNlS4xOoIxEI8HI_XvNrCJnBg2_f3jEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmBuaGZnoGZvEFBgDcVj0i"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loader.js Show response
comment.instiengage.com/live/loader/ 125 KB
0 716ms
716ms Script
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: https://comment.instiengage.com/live/loader/loader.js
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/dff2a308-b1e2-451c-a49a-adadd8636788.js
Protocol: H2
Server: -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9408f8828e0c4ea26976ac1a2932aafefdb04933a7e16bbe4f8663c4eca8de44

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: gzip
via: 1.1 9c7ba0aaf8652834e3f6b51b901da726.cloudfront.net (CloudFront)
x-amz-version-id: AwS5_priJJQR5YKfGpyrByvSIFWaBHkg
last-modified: Wed, 03 Apr 2024 11:35:59 GMT
server: AmazonS3
age: 52
x-amz-cf-pop: AMS58-P6
etag: W/"0b0c07ce850ce768be909fcaefa76063"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=60
x-amz-cf-id: 6A59fNpRSS4Tr2vAs1e9prfAX8oPBxEF9VDyc4enf36dxUgBwLycaw==

GET
H3 200 player.dc.js Show response
cds.elements.video/p/511634/ Frame 2514 495 KB
117 KB 52ms
51ms Script
application/javascript 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/elLoader.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f33021ca85f73bfdfad6d2fe6348c0f8609151b2e3b329bba87575f75b63a98

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
content-encoding: br
x-amz-version-id: IMwT_tXPmVUNm641vlyJnJiQCqM0khM.
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 118898
last-modified: Fri, 19 Jul 2024 12:58:21 GMT
server: cloudflare
etag: "862b0a91a8e1be12c9cdcaf00385a221"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 8a5c238d5dde58f6-TXL
access-control-allow-headers: range
expires: Sat, 19 Jul 2025 16:37:55 GMT

GET
H3 200 si
capi.elements.video/tr/ 0
246 B 119ms
119ms Image
application/json 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.elements.video/tr/si?token=b2964f72-d551-44a1-9f8a-2a77c029ab39&cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8a5c238d7e3a58f6-TXL
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2

200

1419779
html5-player.libsyn.com/embed/episode/id/32215092/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/destination_id/ Frame 98A8
Redirect Chain

https://html5-player.libsyn.com/embed/destination/id/1419779/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/
https://html5-player.libsyn.com/embed/episode/id/32215092/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/destination_id/1419779

0
0

302ms
302ms

Document
text/html

204.16.247.184
TERASWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://html5-player.libsyn.com/embed/episode/id/32215092/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/destination_id/1419779
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 204.16.247.184 Pittsburgh, United States, ASN20326 (TERASWITCH, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://www.washingtontimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-length: 12102
content-type: text/html; charset=UTF-8
date: Fri, 19 Jul 2024 16:37:56 GMT
server: Apache
vary: Accept-Encoding
x-libsyn-host: v74pl-02

Redirect headers

access-control-allow-origin: *
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 19 Jul 2024 16:37:56 GMT
location: /embed/episode/id/32215092/height/90/theme/custom/thumbnail/yes/direction/backward/no-cache/true/render-playlist/yes/custom-color/b5101f/destination_id/1419779
server: Apache
x-libsyn-host: v74pl-02

GET
H2 200 170 Show response
a.ads.rmbl.ws/warp/ 8 KB
3 KB 795ms
156ms Script
application/javascript 38.70.189.72
RUMBLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ads.rmbl.ws/warp/170?r=97837
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 38.70.189.72 Toronto, Canada, ASN399647 (RUMBLE, US),
Reverse DNS
Software: nginx /
Resource Hash: 1a42f3aea93725922fa800e1a132002819882cb23c4235b4f971e1a71dedf9d2

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: gzip
server: nginx
etag: W/"57dc4605b0e44e1f17c25e64f5c273a5"
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=900
access-control-allow-credentials: true
referer: d2.ads.rmbl.ws

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
10 KB 198ms
46ms Script
application/javascript 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 76c46df9a6ba94318fafe8023e3f52e28b1b9a1eaf16dcd4d7ce95ab6942859b

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
content-encoding: gzip
etag: "tIg8n6xaLBY4WwNLLw9OGA=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 26 Jul 2024 16:37:55 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 38 KB
14 KB 146ms
41ms Script
application/javascript 2a02:26f0:480:15::213:7e63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:15::213:7e63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dbfeb010a0c8acddc38dea97e228787f16ac5e30b4af96b764fa2252fe3827e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Jul 2024 09:19:33 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=27850
accept-ranges: bytes
content-length: 14011

GET
H2 200 swg-button.css
news.google.com/swg/js/v1/ 18 KB
5 KB 42ms
40ms Stylesheet
text/css 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2935e77ba4a31d658633687964df779e6a6acd911252186240c22eafeba8bc36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:58:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5195
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 21:19:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Fri, 19 Jul 2024 16:48:33 GMT

GET
H2 200 speechifyapi.min.mjs Show response
storage.googleapis.com/speechify-api-cdn/ 1 MB
1 MB 144ms
43ms Script
text/javascript 2a00:1450:4001:80e::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/speechify-api-cdn/speechifyapi.min.mjs
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f48c6af8ff4f8b6371bc365c303dad5bf7b08a96ac967fba29aea52d5499ab41

Request headers

Referer: https://www.washingtontimes.com/
Origin: https://www.washingtontimes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 15:43:18 GMT
age: 3277
x-guploader-uploadid: ACJd0Nra6GCN_x1Wvk4c1OJOL7Jwgn48gOY2o8_8i6lvzVtvLc-ra8FzkIjfzNARPWUiD3I6hQU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1064164
last-modified: Fri, 10 May 2024 12:35:31 GMT
server: UploadServer
etag: "ee362037f44be80cc66f446cd85e2709"
x-goog-generation: 1715344531707463
x-goog-hash: crc32c=HSN8eA==, md5=7jYgN/RL6AzGb0Rs2F4nCQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-stored-content-length: 1064164
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 19 Jul 2024 16:43:18 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 142ms
41ms Script
text/javascript 18.244.18.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: s.newsmaxfeednetwork.com
URL: https://s.newsmaxfeednetwork.com/static/js/connectV5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 04:02:05 GMT
content-encoding: gzip
via: 1.1 ee56c180ebc0f0d7092e692f115e2808.cloudfront.net (CloudFront)
last-modified: Fri, 03 May 2024 13:20:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 45351
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: I841RxrmQqkz4b38bsMFGIBzW57QAZtfnuqKHVghcSNh2n9Pne4etQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 259 KB
88 KB 170ms
60ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TRFBMGL

Requested by

Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a4534bf84a80bb80d23be50aac9b720d1e572d7a990fdb2c1c0b1c800c2eb394

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89446
x-xss-protection: 0
last-modified: Fri, 19 Jul 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Jul 2024 16:37:55 GMT

GET
H3 200 load Show response
experience.tinypass.com/xbuilder/experience/ 6 KB
2 KB 127ms
65ms Script
application/javascript 104.18.223.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/load?aid=hph4LAYuC6

Requested by

Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.223.248 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c33a7b3c541b3151517bdaaffeb1b40947d6e0da97af38528550a2166b40953e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
date: Fri, 19 Jul 2024 16:37:55 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 19 Jul 2024 16:35:39 GMT
server: cloudflare
age: 136
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=1800
cf-ray: 8a5c238e8abab61b-WAW
alt-svc: h3=":443"; ma=86400
x-request-id: jacp5ade7f
expires: Fri, 19 Jul 2024 17:07:55 GMT

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 32 KB
9 KB 585ms
473ms Script
text/javascript 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F&idx=0&rand=84055&widgetJSId=AR_1&va=true&et=true&format=html&px=187&py=1816&vpd=616&settings=true&recs=true&cw=877&key=NANOWDGT01&tch=0&adblck=false&abwl=false&ab=0&wl=0&obRecsAbtestVars=1550:5795&wdr-attribution-src=1&activeTab=true&gpp=DBAA&gpp_sid=&version=2010866&sig=4T6VcHTo&apv=false&osLang=de-DE&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=1&ccpaStat=0&ogn=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F&pubcid=d21166af-2afa-4426-811a-ae5628bb457c

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/85d8ddb05bcf089b2c29e59623ae519ad02e2a929bfaac10d875c38b93211525

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9705a34db75946b8138b979786bf263a534ce00d1433fc83c1268ec0da69f1a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-served-by: cache-lga21925-LGA, cache-fra-etou8220123-FRA
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Fri, 19 Jul 2024 16:37:56 GMT
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1721407076.675179,VS0,VE432
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-traceid: 835c0b0fc30d26069f885a9cbe67572b
accept-ranges: bytes
content-length: 9368
x-cache-hits: 0, 0

POST
H2 200 e
analytics.shareaholic.com/ 43 B
387 B 570ms
122ms Ping
image/gif 3.224.42.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.shareaholic.com/e

Requested by

Host: cdn.openshareweb.com
URL: https://cdn.openshareweb.com/v2/3d3dde91/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.224.42.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-224-42-41.compute-1.amazonaws.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Content-Security-Policy	referrer always

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 19 Jul 2024 16:37:56 GMT
content-security-policy: referrer always
vary: Origin
content-type: image/gif
access-control-allow-origin: https://www.washingtontimes.com
p3p: CP="OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
referer-policy: unsafe-url
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
482 B 494ms
39ms Image
image/gif 2600:9000:20ab:3e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?adspot_id=zaaegs_728x90_
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:3e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 18:45:22 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 1d14130822f7563ef82bba830d521f72.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 251555
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: uVowzzFVgWJE67IlPIsrnXoEIeqtnjsyyvFKDJn6-Fs1y0dOI6n7lg==

GET
H2

200

main.js Show response
www.washingtontimes.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/ Frame A752
Redirect Chain

https://www.washingtontimes.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.washingtontimes.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/main.js?

8 KB
4 KB

51ms
50ms

Script
application/javascript

104.22.58.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.washingtontimes.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/main.js?

Requested by

Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/

Protocol

Server

104.22.58.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20d4a2936d7b7d45d7c34f7363e47dd07a0d70bedb797a02ab84131802845cc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8a5c238f99839b95-FRA

Redirect headers

date: Fri, 19 Jul 2024 16:37:55 GMT
server: cloudflare
vary: Accept-Encoding
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/bbfecc7f1c71/main.js?
access-control-allow-origin: *
cache-control: max-age: 300, public
cf-ray: 8a5c238ed8a79b95-FRA
content-length: 0

GET
H2 200 country Show response
api.btloader.com/ 37 B
154 B 152ms
151ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country?o=4879373895204864
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=4879373895204864&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37

GET
H2 200 6f8126c3-a155-4a34-b3e2-e7679af6a9ed Show response
config.aps.amazon-adsystem.com/configs/ 563 B
839 B 458ms
46ms Script
application/javascript 18.238.243.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/6f8126c3-a155-4a34-b3e2-e7679af6a9ed
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/85d8ddb05bcf089b2c29e59623ae519ad02e2a929bfaac10d875c38b93211525
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.243.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-243-114.ams58.r.cloudfront.net
Software: CloudFront /
Resource Hash: 3de6ce02d81c47f468c8047734e2322cb51ae94a96a16ea497d1a9b99cd43514

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:15:06 GMT
via: 1.1 0be6ab2f92b7567e05a874f049abbbe6.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS58-P1
age: 1370
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 563
x-amz-cf-id: O0tAhU8u6-XCqP2JM_SqEbgNZ-2ORqS1xvZAPoW-Q3OGtcVeh0DEqw==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
315 B 41ms
41ms XHR
text/plain 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.washingtontimes.com&pubid=6f8126c3-a155-4a34-b3e2-e7679af6a9ed
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 14:23:58 GMT
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 8036
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.washingtontimes.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: zKtRjqJQERJsbxw4DopTgc6oSoLYrYJfSXt0ibTnbKOkeE0rHgymsA==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
364 B 464ms
65ms XHR
text/javascript 18.239.68.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F&pid=wENojy0i7iPYi&cb=0&ws=1600x1200&v=24.620.1905&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-leaderboard%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F5856%2FDesktop_InFeed1_Articles%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-right-sidebar-top%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F5856%2FDesktop_RR_Articles_Top%22%7D%5D&gpp=DBAA&gpp_sid=%5B-1%5D&pubid=6f8126c3-a155-4a34-b3e2-e7679af6a9ed&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&_c=1
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.68.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-68-199.ams58.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
via: 1.1 52565866975cd7c0daa261ea0388bad4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P4
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.washingtontimes.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 2kq0u4yhRws6fx268H82IqWN_V4KVt6NXrOvy6ett5Zh_RwOgbWH0A==

GET
H2 200 ping
ping.chartbeat.net/ 43 B
202 B 485ms
119ms Image
image/gif 34.239.11.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=washingtontimes.com&p=%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F&u=DyemxwCYWVxtCO1F4T&d=washingtontimes.com&g=4188&g0=Technology%2CPolitics%2CSecurity%2CNews%2CMedia-Spotlight&g1=Ryan%20Lovelace&g4=story&n=1&f=00001&c=0&x=0&m=0&y=6930&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F&b=1475&t=DSJru1DRaaQwCkJ-acBKek6WSSKlJ&V=147&i=Hackers%20used%20X%20to%20target%20Congress%20with%20spyware%2C%20Amnesty%20International%20finds%20-%20Washington%20Times&tz=-120&sn=1&sv=Bg7mE1zUxHsD3J3jgDdwiFdCO-GD3&sr=external&sd=1&im=067b0fff&_
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.11.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-11-115.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 19 Jul 2024 16:37:56 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 403ms
41ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 19 Jul 2024 16:29:07 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 529
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 19 Jul 2024 18:29:07 GMT

GET
H3 200 player.renderer.js Show response
cds.elements.video/p/511634/ Frame 2514 190 KB
44 KB 46ms
45ms Script
application/javascript 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.elements.video/p/511634/player.renderer.js
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab34ca3a969911eb45a512f40a7218e8ba0bea222fc5647592a85c91d1cd12ff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
content-encoding: br
x-amz-version-id: 7TKKv2WIIJTvEK87lNVRZvDiCCezn93A
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 44793
last-modified: Fri, 19 Jul 2024 12:58:21 GMT
server: cloudflare
etag: "ebf553d9f6bd22f6c8d1319c3d23cb75"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 8a5c238f6b2758f6-TXL
access-control-allow-headers: range
expires: Sat, 19 Jul 2025 16:37:55 GMT

GET
H3 200 cSyncRemoteEntry.js Show response
cds.connatix.com/p/511634/ Frame 2514 3 KB
2 KB 384ms
49ms Script
application/javascript 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/511634/cSyncRemoteEntry.js
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8883a5e3f096c8b08956df2a061298e876e0043cc0417e6746eeb3f9a76e1d3

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
x-amz-version-id: cnyUWw0WMVjCTh_a0fFj7MCksD5EvLHU
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 1388
last-modified: Fri, 19 Jul 2024 12:58:21 GMT
server: cloudflare
etag: "4f83f23d99652db8f0d21a14a262e368"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 8a5c23917ae22681-TXL
access-control-allow-headers: range
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 player.style.52318d4929b22060dcf5.css
cds.elements.video/a/ 68 KB
10 KB 45ms
45ms Stylesheet
text/css 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.elements.video/a/player.style.52318d4929b22060dcf5.css
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/85d8ddb05bcf089b2c29e59623ae519ad02e2a929bfaac10d875c38b93211525
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0850b288a730703666e701e56750707d575cb1f006198408522077397d230462

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
content-encoding: br
x-amz-version-id: Q_0ERquzc1PrahEf5qgIKQL7vbGbfzbY
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 9478
last-modified: Fri, 07 Jun 2024 15:26:47 GMT
server: cloudflare
etag: "f452c7f53d15aaba9fb8402572bb74b0"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: text/css
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 8a5c238f6b4058f6-TXL
access-control-allow-headers: range
expires: Sat, 19 Jul 2025 16:37:55 GMT

GET
H3 200 player.hls.ad2373c1304fcff516f1.js Show response
cds.elements.video/a/ 289 KB
75 KB 45ms
45ms Script
application/javascript 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.elements.video/a/player.hls.ad2373c1304fcff516f1.js
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/85d8ddb05bcf089b2c29e59623ae519ad02e2a929bfaac10d875c38b93211525
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2bfb590ba3c1f4f497158378e86feab61b35d3dfff70bafaea88037ebe16d88

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
content-encoding: br
x-amz-version-id: 075w_KBQA2GsqvGvbq_RGaThg0Rt1Ajr
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 76447
last-modified: Thu, 18 Jul 2024 10:22:23 GMT
server: cloudflare
etag: "1204ed7b03902c73a8cd0b29a67a6685"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 8a5c238f6b4458f6-TXL
access-control-allow-headers: range
expires: Sat, 19 Jul 2025 16:37:55 GMT

GET
H3 200 player.ads.js Show response
cds.connatix.com/p/511634/ Frame 2514 395 KB
88 KB 381ms
52ms Script
application/javascript 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/511634/player.ads.js
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab85ec4903b21c7c322759f925d40a57a22b0912b7c61f79dcb5f3ad00503608

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
x-amz-version-id: q_kec6stwa0I3XuFIJGUZALo4RcN6.qs
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 90029
last-modified: Fri, 19 Jul 2024 12:58:21 GMT
server: cloudflare
etag: "27aa7e41e7022c63231858df1176e84d"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 8a5c23917ae62681-TXL
access-control-allow-headers: range
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 204 pv Show response
api.btloader.com/ 0
12 B 155ms
154ms XHR
text/plain 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=ve7FVgYSEg&w=5089150826446848&o=4879373895204864&cv=2.1.46-1-ge6dd43d&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F&sid=9t5baWbDu3&pm=true&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=4879373895204864&upapi=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 19 Jul 2024 16:37:55 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
841 B 479ms
184ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=1586410&time=1721407075757&url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: *
Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
content-encoding: gzip
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: A53DE1AB90D8404DB62DD7C895ABEC1C Ref B: DUS30EDGE0814 Ref C: 2024-07-19T16:37:56Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-ltx1
access-control-allow-origin: *
x-li-source-fabric: prod-lva1
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
x-cache: CONFIG_NOCACHE
access-control-allow-headers: *
x-li-uuid: AAYdnFFJKngwl08WTndqmw==
x-fs-uuid: 00061d9c51492a7830974f164e776a9b

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1586410&time=1721407075757&url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1586410&time=1721407075757&url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int...

0
266 B

360ms
248ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1586410&time=1721407075757&url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F&e_ipv6=AQK-A0egDGRiuQAAAZDL23c8NkwsKW23AjZvrmVlxXUrbQATMcoyVegPzZ_4lpyDSUhHNEg
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 26B3C48AB7B746AF964B112130BE3BDA Ref B: FRAEDGE1318 Ref C: 2024-07-19T16:37:56Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYdnFFOPpmVrvPzlBGULg==

Redirect headers

date: Fri, 19 Jul 2024 16:37:56 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: DAAA76CF81C647CBB098D2665FB77AB8 Ref B: DUS30EDGE0711 Ref C: 2024-07-19T16:37:56Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1586410&time=1721407075757&url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F&e_ipv6=AQK-A0egDGRiuQAAAZDL23c8NkwsKW23AjZvrmVlxXUrbQATMcoyVegPzZ_4lpyDSUhHNEg
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYdnFFJqjIrWUWnsvI6iQ==

GET
H2 204 b2
sb.scorecardresearch.com/ 0
224 B 43ms
42ms Image
text/plain 18.244.18.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=9248945&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1721407075759&ns_c=UTF-8&c3=100000&gdpr=1&gdpr_p1t=0&gdpr_li=0&gdpr_purps=&gdpr_pcc=AA&cs_cmp_nc=0&cs_cmp_id=9&cs_cmp_sv=6&cs_cmp_rt=1&cs_fpcd=1&c7=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F&c8=Hackers%20used%20X%20to%20target%20Congress%20with%20spyware%2C%20Amnesty%20International%20finds%20-%20Washington%20Times&c9=
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-122.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
via: 1.1 ee56c180ebc0f0d7092e692f115e2808.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P11
x-amz-cf-id: CjrnCvK2g_r4Sblct96tfbpnIWLA60u41TsQt7DOFAo7B6NdaPYz4A==
x-cache: Miss from cloudfront

GET
H2 200 rules-p-c69_1G6fdlihY.js Show response
rules.quantcount.com/ 1 KB
1 KB 137ms
42ms Script
application/javascript 2600:9000:223c:7e00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-c69_1G6fdlihY.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:7e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: df7cf75f915b949fcf5b71529fc41e71e2e3d34ca275cb0f9cfcdbfe790fc678

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:00:01 GMT
content-encoding: gzip
via: 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 2293
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Fri, 14 Oct 2022 06:29:52 GMT
server: AmazonS3
etag: W/"bc785060f6cf873aa2614826e5d98163"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: jonqCD2cO8kIygtlZTDZ44zWAzPU_WMtd5_AcSNk_69x-kYRgMFLbQ==

GET
H3 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 402 KB
119 KB 84ms
75ms Script
application/javascript 104.18.223.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass.min.js?version=2

Requested by

Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=hph4LAYuC6

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.223.248 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

647e7e180d8ac352dfbecb9f85ee91524c56b80aec02b65da3c62297212f2f53

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
x-amz-version-id: UKg12w0B0wvkOhN1MVAkFvuX52DBQghH
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=86400; includeSubDomains
x-amz-request-id: S3RTC1YR14WB4082
age: 5332
x-amz-server-side-encryption: AES256
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: YR+s9sFtDWyp9VBV2ivxI/BnomAEO5CShxQ7khQkiiULj4JCO1dmrZ+xlfu48XKXCyklsuUZziNx39WMEyFUZQ==
last-modified: Wed, 17 Jul 2024 07:06:45 GMT
server: cloudflare
etag: W/"b034c24ae4b2b5747412ac89a4d29bc5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 8a5c2391dea5b61b-WAW
expires: Fri, 19 Jul 2024 20:37:56 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 295 KB
100 KB 61ms
59ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2KS4V69VVW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRFBMGL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d5aff8f6ac69e5d6dcfda9cf522352ea2dafaf9e89435d08cd9f8d1312ce021e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102466
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 19 Jul 2024 16:37:55 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 141ms
40ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRFBMGL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: gzip
last-modified: Fri, 22 Mar 2024 21:07:24 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kiad7000168-IAD, cache-fra-etou8220126-FRA

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 147ms
41ms Script
application/javascript 2a04:4e42:8e::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b4875b0fdafde57e054fd846053f25f22afbe89f3fc3adae15f01b0328d2f0e7

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
x-cdn: fastly
etag: "62a16567a3d56a4149035792551d5ebf"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
alt-svc: h3=":443";ma=600
content-length: 1882

GET
H2 200 a-01en.min.js Show response
b-code.liadm.com/ 101 KB
36 KB 214ms
45ms Script
application/javascript 2600:9000:275d:2600:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-01en.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRFBMGL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:2600:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c10da6675b0d4498f7f2093a788cec50e35e20cd249f633e11d29c9c7709d34b

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 14:36:23 GMT
content-encoding: gzip
via: 1.1 39cfa117a3536e9c0afd90708900b558.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 7293
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=86400
x-amz-cf-id: zsx3ayrFqcqSbwK7vBdQ6kCeVOK0iGfY-9o1AciW4UFjl__Oo8UC9Q==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 224 KB
58 KB 44ms
43ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 19 Jul 2024 16:37:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58677
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=21, mss=1297, tbw=6635, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: r45TCarrMBa9OPot19xPzgPfwKe2p87nzI3s801cgT8LQsyRVUdm1nourIazArZo2j3ugm9U+nRo4plXac596A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 570 KB
179 KB 222ms
69ms Script
application/x-javascript 23.192.241.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRFBMGL
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.192.241.163 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-192-241-163.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 108aeec86aa00a09dfaca605f722e937d64c9e51d82a64509cc3b9b9dbbf7a84

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Fri, 19 Jul 2024 16:37:56 GMT
Content-Encoding: gzip
x-amz-request-id: C742DP3MVKNMR7JT
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: EOl1O5CaAR1E2w2anSj5tI/peRH3CxrC1AN229SyF5R3GAbucfmOHhKQDTPc9FnHfcH8lyLWAGY=
Last-Modified: Wed, 17 Jul 2024 17:15:04 GMT
Server: AmazonS3
ETag: "2fa2284ed5b3839e70519382fdad876f"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 204 b
sb.scorecardresearch.com/ 0
225 B 43ms
43ms Image
text/plain 18.244.18.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=17692074&ns__t=1721407075789&ns_c=UTF-8&c8=Hackers%20used%20X%20to%20target%20Congress%20with%20spyware%2C%20Amnesty%20International%20finds%20-%20Washington%20Times&c7=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F&c9=
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-122.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:55 GMT
via: 1.1 ee56c180ebc0f0d7092e692f115e2808.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P11
x-amz-cf-id: p9LiSyflotn-lx_5K7ZHfAYwThepeLbCfu-MYGSmCjEgH8t_OADfNQ==
x-cache: Miss from cloudfront

POST
H2 200 8a5c2386ac0b9b95 Show response
www.washingtontimes.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame A752 0
392 B 118ms
113ms XHR
text/plain 104.22.58.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.washingtontimes.com/cdn-cgi/challenge-platform/h/b/jsd/r/8a5c2386ac0b9b95
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.58.64 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
server: cloudflare
cf-ray: 8a5c2391ac6f9b95-FRA
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 204 client-voices
audio.api.speechify.com/v1/synthesis/ Frame 0
0 181ms
77ms Preflight 2606:4700:20::681a:1ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://audio.api.speechify.com/v1/synthesis/client-voices
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: contenttype
Access-Control-Request-Method: GET
Origin: https://www.washingtontimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: contenttype
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH,OPTIONS
access-control-allow-origin: *
access-control-allow-private-network: true
cache-control: no-cache, no-store, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8a5c2392d87291f5-FRA
date: Fri, 19 Jul 2024 16:37:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NItbSOkDfCnjwF7Tv5UHFKm%2BgDGnJK6oeqAp2Q5UXfND%2B5LZ%2B0MxnSARkpZnhrmvctIJ2o5rkovOM8txpbzh2Z66PMDxIdIq%2FVunttYSPATU%2BqwzL4K3%2B%2FBXm%2Fmc96f3qL6Y2G4km9LhcJXaxZH0XESZIcAU"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-envoy-upstream-service-time: 1

GET
H2 200 client-voices Show response
audio.api.speechify.com/v1/synthesis/ 183 KB
13 KB 527ms
525ms Fetch
application/json 2606:4700:20::681a:1ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://audio.api.speechify.com/v1/synthesis/client-voices
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/speechify-api-cdn/speechifyapi.min.mjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a94c5c23d5a0f81c866631d8fa57ef092d09b5237217b3a5b977883611936794

Request headers

ContentType: application/json
Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RH3e%2FO1LctsCJRbwLG7aXtczmU%2BfDapk9pw2dIaidoRz7cWfptObIzzRWeF3MnrJxFpy%2B7vaOxXwvrNLXQV7eluiMatc3rV2rKRBWQSJkwadwORhvzZXxBzmL4iuNGK%2B8vxwcWjym%2BHZYSswEFN%2BhM9eIScr"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, max-age=0
x-envoy-upstream-service-time: 437
cf-ray: 8a5c2393590d91f5-FRA

POST
H2 201 track-analytics-event Show response
speechify-api-dot-speechifymobile.uc.r.appspot.com/ 48 B
144 B 157ms
155ms Fetch
application/json 2a00:1450:4001:808::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://speechify-api-dot-speechifymobile.uc.r.appspot.com/track-analytics-event

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/speechify-api-cdn/speechifyapi.min.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

d2fbaa43d35e58cf0a91206dbcebc3871939f28aa5a34aa6f0606c5cd2fc6006

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 google
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48
x-xss-protection: 0
referrer-policy: no-referrer
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-download-options: noopen

OPTIONS
H2 204 track-analytics-event
speechify-api-dot-speechifymobile.uc.r.appspot.com/ Frame 0
0 281ms
155ms Preflight 2a00:1450:4001:808::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://speechify-api-dot-speechifymobile.uc.r.appspot.com/track-analytics-event

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.washingtontimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Fri, 19 Jul 2024 16:37:56 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Access-Control-Request-Headers
via: 1.1 google
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H3 200 567611540109994 Show response
connect.facebook.net/signals/config/ 58 KB
12 KB 43ms
42ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/567611540109994?v=2.9.162&r=stable&domain=www.washingtontimes.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

bd76f4e7aa1b4be0db3994a92b3730976dac96058df0e8bea23f8f5661cc5663

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 19 Jul 2024 16:37:56 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12132
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=43, rtx=0, c=23, mss=1232, tbw=4311, tp=9, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: NaXwJJGs2m6E3U1Qn3+CMxe9c1S0GSxm62rorATXO65qkQLKhDROMVyRYAmb1UuHK5lW4wMYhZt3sF+wYyZ+6Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 158ms
60ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-2KS4V69VVW&gtm=45je47h0v878012093z877303859za200zb77303859&_p=1721407075502&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=0&cid=1645011703.1721407076&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721407076&sct=1&seg=0&dl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F&dt=Hackers%20used%20X%20to%20target%20Congress%20with%20spyware%2C%20Amnesty%20International%20finds%20-%20Washington%20Times&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2133&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2KS4V69VVW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jul 2024 16:37:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.washingtontimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
261 B 162ms
51ms Ping
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2KS4V69VVW&cid=1645011703.1721407076&gtm=45je47h0v878012093z877303859za200zb77303859&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2KS4V69VVW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jul 2024 16:37:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.washingtontimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 132ms
79ms Image
image/gif 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2KS4V69VVW&cid=1645011703.1721407076&gtm=45je47h0v878012093z877303859za200zb77303859&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&z=1182001759

Requested by

Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jul 2024 16:37:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 295.js Show response
cds.connatix.com/p/511634/ Frame 2514 67 KB
18 KB 44ms
43ms Script
application/javascript 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/511634/295.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/511634/cSyncRemoteEntry.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5f0592d6b37a521bd1070b351dcd6d8e89593a7935e2191c547197705037fd2

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
x-amz-version-id: 7Jq_AXJ_ID2Gbq493t6zRTkuKnT.dn28
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 17835
last-modified: Fri, 19 Jul 2024 12:58:21 GMT
server: cloudflare
etag: "3acba857dd7bcce9ef901caad84f1edf"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 8a5c23937f262681-TXL
access-control-allow-headers: range
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 229.js Show response
cds.connatix.com/p/511634/ Frame 2514 10 KB
3 KB 43ms
43ms Script
application/javascript 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/511634/229.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/511634/cSyncRemoteEntry.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa772f57f2b74692562e1bed1694f4ac7d90a33ed53e502271c84f38dcd2386c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
x-amz-version-id: 9Jy4WVjbDQue1h6BCSKBMveRMNJGyC82
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 3113
last-modified: Fri, 19 Jul 2024 12:58:21 GMT
server: cloudflare
etag: "07b7cf66b59f335acddf0dd4a89c5631"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 8a5c23937f292681-TXL
access-control-allow-headers: range
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 402.js Show response
cds.connatix.com/p/511634/ Frame 2514 3 KB
1 KB 43ms
43ms Script
application/javascript 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/511634/402.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/511634/cSyncRemoteEntry.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0f1143c41b5f573c5e204b39f278e90e2efce4966becf24a1686e24c8f8816c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
x-amz-version-id: 7jhSfmC58vqDSfoU7dUD6pSBTQmRUaXo
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 1162
last-modified: Fri, 19 Jul 2024 12:58:21 GMT
server: cloudflare
etag: "2ba952610b59bbb156556e62bc8f6523"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 8a5c23937f2d2681-TXL
access-control-allow-headers: range
expires: Sat, 19 Jul 2025 16:37:56 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
215 B 50ms
50ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=305308096&t=pageview&_s=1&dl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F&dp=%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F&ul=de-de&de=UTF-8&dt=Hackers%20used%20X%20to%20target%20Congress%20with%20spyware%2C%20Amnesty%20International%20finds%20-%20Washington%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABCAAAACAAI~&jid=2101412021&gjid=1945748024&cid=1645011703.1721407076&tid=UA-3328123-2&_gid=817745034.1721407076&_r=1&_slc=1&gtm=45He47h0n81TRFBMGLv77303859za200&cd1=Story&cd2=Anonymous&cd3=politics&cd4=news&cd5=Ryan%20Lovelace&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=0&npa=1&z=347366576

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Jul 2024 16:37:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.washingtontimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 getContentIdByUrl Show response
comment.instiengage.com/live/comments/api/comments/ 79 B
521 B 277ms
169ms Fetch
application/json 2606:4700:4400::ac40:90fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://comment.instiengage.com/live/comments/api/comments/getContentIdByUrl?integrationId=172bad30-6d59-40f0-b6d9-73707f6e99d8&pageTitle=Hackers%20used%20X%20to%20target%20Congress%20with%20spyware%2C%20Amnesty%20International%20finds%20-%20Washington%20Times&imageUrl=https%3A%2F%2Ftwt-thumbs.washtimes.com%2Fmedia%2Fimage%2F2023%2F10%2F05%2FElection_2024_McCarthy_Fundraising_85345--f7909_c0-208-5000-3124_s1200x700.jpg%3F74d48b7b24509088c15947da9892024c1a07cb57&pageUrl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F

Requested by

Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/loader/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:90fe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71824fb68a45be8780113e74b2e6ca7d245196372f1a57d615600c421c75a601

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
requestid: 403ee0a7-ddf1-4a17-aecd-9e75b6b14e0c
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.washingtontimes.com
access-control-allow-credentials: true
cf-ray: 8a5c23946ced3650-FRA

GET
H2 200 getContentIdByUrl Show response
comment.instiengage.com/live/comments/api/comments/ 79 B
358 B 582ms
475ms Fetch
application/json 2606:4700:4400::ac40:90fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://comment.instiengage.com/live/comments/api/comments/getContentIdByUrl?integrationId=172bad30-6d59-40f0-b6d9-73707f6e99d8&pageTitle=Hackers%20used%20X%20to%20target%20Congress%20with%20spyware%2C%20Amnesty%20International%20finds%20-%20Washington%20Times&extPageId=2859417-3e848af&imageUrl=https%3A%2F%2Ftwt-thumbs.washtimes.com%2Fmedia%2Fimage%2F2023%2F10%2F05%2FElection_2024_McCarthy_Fundraising_85345--f7909_c0-208-5000-3124_s1200x700.jpg%3F74d48b7b24509088c15947da9892024c1a07cb57&pageUrl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F

Requested by

Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/loader/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:90fe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71824fb68a45be8780113e74b2e6ca7d245196372f1a57d615600c421c75a601

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
requestid: 499ace54-245d-4afb-9755-278c583e2c04
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.washingtontimes.com
access-control-allow-credentials: true
cf-ray: 8a5c23946cf03650-FRA

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 990 B
1 KB 48ms
47ms Image
image/svg+xml 184.28.89.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.89.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-28-89-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Sun, 18 Aug 2024 16:37:56 GMT
date: Fri, 19 Jul 2024 16:37:56 GMT
last-modified: Sun, 25 Feb 2024 08:33:18 GMT
server: AkamaiNetStorage
etag: "5ab8e16b5f46213840bcd403e349419c:1708851030.144644"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 990
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
429 B 409ms
126ms Fetch
text/plain 64.202.112.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://mcdp-nydc1.outbrain.com/l?token=43cdd9e19308216696db53c8f656abf7_223057_1721407075753_1&tm=1318&eT=0&widgetWidth=877&widgetHeight=36&widgetX=187&widgetY=1824&wRV=2010866&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&rtt=892&oo=true&lo=803&obreq=662&mvreq=1322&mvres=2212&cet=4g&to=1721407074223&ll=0&chs=12&ab=0&wl=0&retries=0

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.202.112.255 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
x-traceid: 6d19145e45f222a841db67be937e1204
content-length: 6

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
429 B 396ms
124ms Fetch
text/plain 64.202.112.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://mcdp-nydc1.outbrain.com/l?token=b3e45914fc1d25ebb7ad3d64c2ad4ea1_223057_1721407076051_1&tm=1326&eT=0&widgetWidth=871&widgetHeight=390&widgetX=190&widgetY=1872&wRV=2010866&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&oo=true&lo=803&obreq=662&mvreq=1322&mvres=2222&re=2223&cet=4g&cs=1&to=1721407074223&ll=0&chs=12&ab=0&wl=0&retries=0

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.202.112.255 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
x-traceid: a4c313993346881ef725996029e36c5f
content-length: 6

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 26 KB
8 KB 488ms
488ms Script
text/javascript 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F&idx=1&rand=31811&widgetJSId=AR_2&va=true&et=true&format=html&t=NTM3NzU5ODJkNDVhNmJhYTMxMDg4NzU3MjViNjQ2Nzc=&px=187&py=4893&vpd=3693&settings=true&recs=true&cw=877&key=NANOWDGT01&tch=0&adblck=false&abwl=false&ab=0&wl=0&obRecsAbtestVars=1550:5795&wdr-cosc=1&wdr-attribution-src=1&activeTab=true&gpp=DBAA&gpp_sid=&version=2010866&sig=4T6VcHTo&apv=false&osLang=de-DE&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=1&ccpaStat=0&ogn=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F&pubcid=d21166af-2afa-4426-811a-ae5628bb457c

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/85d8ddb05bcf089b2c29e59623ae519ad02e2a929bfaac10d875c38b93211525

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7abf04a3481e605a64967afe6d581410f94540d3e2ccb42a6936d4a17b70a82b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-served-by: cache-lga21960-LGA, cache-fra-etou8220123-FRA
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Fri, 19 Jul 2024 16:37:56 GMT
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1721407076.474341,VS0,VE446
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-traceid: 2a68677035e834a7967a616ca1157593
accept-ranges: bytes
content-length: 8436
x-cache-hits: 0, 0

GET
H2 200 ob_logo.svg
widgets.outbrain.com/images/widgetIcons/ 7 KB
8 KB 48ms
48ms Image
image/svg+xml 184.28.89.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo.svg
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.89.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-28-89-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 21a924ac651ba65e51a5c9b5ae4b51453eb9b957d5990001a85960df95603d13

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Sun, 18 Aug 2024 16:37:56 GMT
date: Fri, 19 Jul 2024 16:37:56 GMT
last-modified: Sun, 25 Feb 2024 08:33:18 GMT
server: AkamaiNetStorage
etag: "b79638966e0374c455e78107aee59bf4:1708851049.631145"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 7647
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 eyJpdSI6IjY5ZDg5Y2RlYjNmY2JjN2VlYmJmZTk0NDVlMTA3ZTM2NWMwMDA0ODYyYTg5NTdjMGU1OGQyYzNjYWI3ZDRhMWQiLCJ3Ijo0MDAsImgiOjI2NiwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 11 KB
12 KB 220ms
78ms Image
image/webp 23.212.89.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.outbrainimg.com/transform/v3/eyJpdSI6IjY5ZDg5Y2RlYjNmY2JjN2VlYmJmZTk0NDVlMTA3ZTM2NWMwMDA0ODYyYTg5NTdjMGU1OGQyYzNjYWI3ZDRhMWQiLCJ3Ijo0MDAsImgiOjI2NiwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp

Requested by

Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.89.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-89-151.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5d718c53913047829f6bbe4e42ccd3dcc1475dde86e2d5a6169d7c96babc0a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 19 Jul 2024 16:37:56 GMT
last-modified: Fri, 19 Jul 2024 08:54:21 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2451797
access-control-allow-credentials: false
x-traceid: 8ecc7579879a1820864b1f063350d0e6
timing-allow-origin: *, *
content-length: 11706

GET
H2 200 eyJpdSI6IjVhNzc0ZDJjNzMxNzk2MjhhZTVlMDU3ODQ2NmQ2YWM4NjdjZjIwYjcwZjZmOWEyNTQxZWYxYzVjNDgzOTUwNTIiLCJ3Ijo0MDAsImgiOjI2NiwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 17 KB
17 KB 185ms
44ms Image
image/webp 23.212.89.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.outbrainimg.com/transform/v3/eyJpdSI6IjVhNzc0ZDJjNzMxNzk2MjhhZTVlMDU3ODQ2NmQ2YWM4NjdjZjIwYjcwZjZmOWEyNTQxZWYxYzVjNDgzOTUwNTIiLCJ3Ijo0MDAsImgiOjI2NiwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp

Requested by

Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.89.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-89-151.deploy.static.akamaitechnologies.com

Software

Resource Hash

fbfed1ab34247037b0d094f8fdc17a76003a50a524713042c1f0bf7ac45b73f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 19 Jul 2024 16:37:56 GMT
last-modified: Fri, 14 Jun 2024 14:13:56 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=458837
access-control-allow-credentials: false
x-traceid: 646b91e2558948e17175f4cb6436becc
timing-allow-origin: *, *
content-length: 16966

GET
H2 200 loader
d2.ads.rmbl.ws/ Frame 1DBD 0
0 478ms
162ms Document
text/html 38.70.189.70
RUMBLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d2.ads.rmbl.ws/loader?a=170&if=false&title=Hackers%20used%20X%20to%20target%20Congress%20with%20spyware%2C%20Amnesty%20International%20finds%20-%20Washington%20Times
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/85d8ddb05bcf089b2c29e59623ae519ad02e2a929bfaac10d875c38b93211525
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 38.70.189.70 Toronto, Canada, ASN399647 (RUMBLE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://www.washingtontimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 17
content-type: text/html
date: Fri, 19 Jul 2024 16:37:56 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: nginx

GET
H2 200 adsct
t.co/1/i/ 43 B
379 B 391ms
241ms Image
image/gif 93.184.221.165
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=9f319690-5019-4389-b900-cb8d8f673b75&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=30ba59df-2a6f-4a50-8085-429776ebf032&tw_document_href=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F&tw_iframe_status=0&txn_id=nwae8&type=javascript&version=2.3.30

Requested by

Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.221.165 London, United Kingdom, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-response-time: 195
date: Fri, 19 Jul 2024 16:37:56 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: fbe5c5421ac74563
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 15417bab445e0f3ac297d8358d0773c50b2307118d887ae2c56b18997741750b
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
725 B 256ms
148ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=9f319690-5019-4389-b900-cb8d8f673b75&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=30ba59df-2a6f-4a50-8085-429776ebf032&tw_document_href=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F&tw_iframe_status=0&txn_id=nwae8&type=javascript&version=2.3.30

Requested by

Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-response-time: 107
date: Fri, 19 Jul 2024 16:37:56 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 422355062a9b2350
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: ab5c9341ae07c37d0d75715fa511b157dc1fa9605011cbe279797973f32b7dc7
content-length: 43

GET
H2 200 main.15f60036.js Show response
s.pinimg.com/ct/lib/ 80 KB
23 KB 44ms
42ms Script
application/javascript 2a04:4e42:8e::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.15f60036.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 64242620e74b79915f5014b875ae73457a4738c559ad8a8306f2afa846534ad5

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
x-cdn: fastly
etag: "8de095625367fc80faddb31d1c4af0e3"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=1209600
alt-svc: h3=":443";ma=600
content-length: 23297

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 295 KB
100 KB 62ms
62ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2KS4V69VVW

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/85d8ddb05bcf089b2c29e59623ae519ad02e2a929bfaac10d875c38b93211525

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

70500d429398c9a4b980761906899a7df69d91b0619f510639828f9a9a8a56e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102478
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 19 Jul 2024 16:37:56 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
81 KB 70ms
69ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-318004630&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRFBMGL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

6757988a6bd74964731e8e2a22f89bb456354d23b538320f967b253a484af33f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83029
x-xss-protection: 0
last-modified: Fri, 19 Jul 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Jul 2024 16:37:56 GMT

GET
H/1.1 200
OK cx.cce.js Show response
cdn.cxense.com/ 25 KB
7 KB 46ms
45ms Script
application/x-javascript 2a02:26f0:480:b94::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.cce.js
Requested by: Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:b94::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: bf0c89a6d466325e7481eca13bbecf43daa80644400723d47e43457bc14985f2

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Fri, 19 Jul 2024 16:37:56 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Apr 2024 13:13:58 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6352
Expires: Fri, 19 Jul 2024 17:37:56 GMT

GET
H2 200 wid Show response
stats-collector.cxense.com/cr-stats/event/ 42 B
136 B 138ms
40ms Fetch
image/gif 167.235.124.23
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stats-collector.cxense.com/cr-stats/event/wid?location=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F&pId=AR_1&ckp=lysxbt1d3hee2bn4&rnd=lysxbt1dw7q8qm96&siteId=hph4LAYuC6&source=ci&cCreatedAt=2023-10-09T11%3A33%3A00&cAuthor=Ryan%20Lovelace&cSection=News&cTags=Technology&cTags=Media%20Spotlight&cTags=Politics&cTags=Security&cTags=SaxoTech%20Editorial&cType=article&t=Hackers%20used%20X%20to%20target%20Congress%20with%20spyware%2C%20Amnesty%20International%20finds&userIdSources=pubcid
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/ari-ci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.124.23 Bühl, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nue0001.cxense.com
Software: Jetty(9.4.28.v20200408) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 19 Jul 2024 16:37:56 GMT
server: Jetty(9.4.28.v20200408)
content-length: 42
content-type: image/gif

GET
H3 200 329974197684672 Show response
connect.facebook.net/signals/config/ 31 KB
5 KB 183ms
181ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/329974197684672?v=2.9.162&r=stable&domain=www.washingtontimes.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108%2C190%2C189%2C191%2C196%2C197%2C198%2C194%2C186%2C125%2C155%2C185%2C187%2C116%2C149%2C138%2C143%2C180%2C122%2C222%2C109%2C223%2C157%2C113%2C129%2C117%2C146

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

e529b3d3f042219c2001b43a6a1b74382a2c231deaf3e8ddcda74821bebd2c80

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 19 Jul 2024 16:37:56 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=35, mss=1232, tbw=19207, tp=24, tpl=0, uplat=138, ullat=0
pragma: public
x-fb-debug: yIYikxScinNBcVs05b+BLRAMsPYgl7Lkqt11GZ8UbXqY82Rhot6ZDgClzbFaAU/m7eQPlAsBPb1YkpJps5DG3w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
275 B 133ms
41ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=567611540109994&ev=PageView&dl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F&rl=&if=false&ts=1721407076608&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1721407076606.879987979655069522&ler=empty&cdl=API_unavailable&it=1721407076314&coo=false&rqm=GET

Requested by

Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1297, tbw=2812, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 19 Jul 2024 16:37:56 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 287ms
196ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=567611540109994&ev=PageView&dl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F&rl=&if=false&ts=1721407076608&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1721407076606.879987979655069522&ler=empty&cdl=API_unavailable&it=1721407076314&coo=false&rqm=FGET

Requested by

Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Fri, 19 Jul 2024 16:37:56 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7393387096462315724", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=14, mss=1297, tbw=3326, tp=-1, tpl=-1, uplat=153, ullat=0
pragma: no-cache
x-fb-debug: Z5yCl4XW6DXpDC6+dqsGN1Hv5n6dfansHn+jE7ji6Xb3p4yYQRFUaH21R3Jv2bfT+ZAemnUjc38cUskY6Gyvkw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7393387096462315724"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 topics.html
postrelease.com/iframes/ Frame 7792 0
0 638ms
217ms Document
text/html 52.36.224.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postrelease.com/iframes/topics.html
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/85d8ddb05bcf089b2c29e59623ae519ad02e2a929bfaac10d875c38b93211525
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.36.224.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-224-135.us-west-2.compute.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.washingtontimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-length: 582
content-type: text/html
date: Fri, 19 Jul 2024 16:37:57 GMT
etag: "ec22fdd2cd0ccf11c7761864efa96c06"
last-modified: Fri, 15 Mar 2024 21:34:47 GMT
server: AmazonS3
x-amz-id-2: Ed8crrGM32roCp2VUC0vlu4Jfrmbs3fHlYzs6vPW82gUDL52ER8c/ifE79pGnj2QFTH/QDT7MJs=
x-amz-request-id: DKGWZ4XX4346JPP5
x-amz-server-side-encryption: AES256

GET
H2 200 t Show response
jadserve.postrelease.com/ 394 B
675 B 636ms
208ms Script
text/javascript 34.215.24.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F&ntv_mvi
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/85d8ddb05bcf089b2c29e59623ae519ad02e2a929bfaac10d875c38b93211525
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.215.24.217 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-215-24-217.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 11c0f037cde2ea58d611524ed7eb14d88cec5a6c597e22eb54afb9b0cf748de6

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jul 2024 16:37:57 GMT
content-encoding: gzip
server: nginx
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 262
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H3 200 verify Show response
id.tinypass.com/id/api/v1/identity/token/ 204 B
896 B 212ms
180ms Script
application/javascript 104.18.223.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://id.tinypass.com/id/api/v1/identity/token/verify?browser_id=lysxbt1d3hee2bn4&page_view_id=lysxbt1dw7q8qm96&content_type=article&page_title=Hackers+used+X+to+target+Congress+with+spyware%2C+Amnesty+International+finds&callback=jsonp535&client_id=hph4LAYuC6&site=https%3A%2F%2Fwww.washingtontimes.com&user_state=anon

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.223.248 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bc44d475ade5be1e318709bac2e38d9df0c7927bd3f88d23ef3d0ed1ce9994a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL", CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
x-request-id: M87qvgsS26h
pragma: no-cache
wn: prod-id-10-0-116-167
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
server-time: 0.003
cache-control: no-cache, no-store, must-revalidate, no-cache="set-cookie"
access-control-allow-credentials: true
cf-ray: 8a5c2395abf5b61b-WAW
access-control-allow-headers: origin, content-type, accept, authorization, pn-consents, user-state
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
204 B 195ms
193ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 4E4A2AAEA14B439181E3EBFBAB60497B Ref B: DUS30EDGE0711 Ref C: 2024-07-19T16:37:56Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
access-control-allow-origin: https://www.washingtontimes.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYdnFFTj3HYNR7Ea4jWVw==

GET
H3

200

sync Show response
capi.connatix.com/core/ Frame 2514
Redirect Chain

https://capi.connatix.com/core/sync
https://capi.connatix.com/core/sync?tier=1&final=true&UseUserScore=Yes&LiveIntentCnxUserId=&ImplementationType=0&ClientAb2=0

7 KB
3 KB

135ms
132ms

XHR
application/json

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/sync?tier=1&final=true&UseUserScore=Yes&LiveIntentCnxUserId=&ImplementationType=0&ClientAb2=0
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H3
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e50a9a8d17f05a524bf905c43389fa9594546c87052b3e2639b4224efd647f17

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:57 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.washingtontimes.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8a5c23971dc5bbae-WAW
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 2736
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 19 Jul 2024 16:37:56 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-protobuf
location: https://capi.connatix.com:443/core/sync?tier=1&final=true&UseUserScore=Yes&LiveIntentCnxUserId=&ImplementationType=0&ClientAb2=0
access-control-allow-origin: https://www.washingtontimes.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8a5c23961c6bbbae-WAW
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 27
alt-svc: h3=":443"; ma=86400

POST
H3 200 pls Show response
capi.elements.video/core/ Frame 2514 193 B
510 B 99ms
97ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.elements.video/core/pls?v=511634&cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94cac50078714276e10ecf8c4c4e21c9ca020e9344b7a8d95032ac10de5d1545

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.washingtontimes.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8a5c23958a5358f6-TXL
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 211
alt-svc: h3=":443"; ma=86400

GET
H3

200

sync Show response
capi.connatix.com/core/ Frame 2514
Redirect Chain

https://capi.connatix.com/core/sync
https://capi.connatix.com/core/sync?final=true&UseUserScore=Yes&LiveIntentCnxUserId=&ImplementationType=0&ClientAb2=0

7 KB
3 KB

220ms
111ms

XHR
application/json

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/sync?final=true&UseUserScore=Yes&LiveIntentCnxUserId=&ImplementationType=0&ClientAb2=0
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H3
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b59bd4faed96ead225478a5cbf66cfe0c0a1513370143991f889d0a8b0493e66

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:57 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.washingtontimes.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8a5c23978e5fbbae-WAW
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 2680
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 19 Jul 2024 16:37:56 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-protobuf
location: https://capi.connatix.com:443/core/sync?final=true&UseUserScore=Yes&LiveIntentCnxUserId=&ImplementationType=0&ClientAb2=0
access-control-allow-origin: https://www.washingtontimes.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8a5c23961c6dbbae-WAW
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 27
alt-svc: h3=":443"; ma=86400

POST
H3 200 pls Show response
capi.elements.video/core/ Frame 2514 193 B
510 B 92ms
91ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.elements.video/core/pls?v=511634&cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94cac50078714276e10ecf8c4c4e21c9ca020e9344b7a8d95032ac10de5d1545

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.washingtontimes.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8a5c23958a5558f6-TXL
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 211
alt-svc: h3=":443"; ma=86400

GET
H3

200

sync Show response
capi.connatix.com/core/ Frame 2514
Redirect Chain

https://capi.connatix.com/core/sync
https://capi.connatix.com/core/sync?final=true&UseUserScore=Yes&LiveIntentCnxUserId=&ImplementationType=0&ClientAb2=0

7 KB
3 KB

108ms
107ms

XHR
application/json

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/sync?final=true&UseUserScore=Yes&LiveIntentCnxUserId=&ImplementationType=0&ClientAb2=0
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/
Protocol: H3
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 570735f508e7a7892003771d08c5f120ab7d381f09c145d95755f4fa93fed39b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.washingtontimes.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8a5c2396dd68bbae-WAW
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 2739
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 19 Jul 2024 16:37:56 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-protobuf
location: https://capi.connatix.com:443/core/sync?final=true&UseUserScore=Yes&LiveIntentCnxUserId=&ImplementationType=0&ClientAb2=0
access-control-allow-origin: https://www.washingtontimes.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8a5c23961c6cbbae-WAW
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 27
alt-svc: h3=":443"; ma=86400

POST
H3 200 pls Show response
capi.elements.video/core/ Frame 2514 30 KB
14 KB 135ms
133ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.elements.video/core/pls?v=511634&cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05237e423e650346b9f7c2565f6434fd4fb4a42338b250e0157bfd321591ea52

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.washingtontimes.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 8a5c23958a5658f6-TXL
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
ct.pinterest.com/user/ 326 B
637 B 226ms
73ms XHR
application/json 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2614346040902&ov=%7B%22page_name%22%3A%22My%20Page%22%2C%22page_category%22%3A%22My%20Page%20Category%22%7D&cb=1721407076723&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.15f60036.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7c3ffee5bcd22c88b35273b0e47553373564c519031afac4fdd45cea71107e4f

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 0
alt-svc: h3=":443";ma=600
x-pinterest-rid: 1733908980741277
content-length: 185
pin-unauth: dWlkPVpqaGhZVGt3TjJZdFlXVTFPUzAwWVRJd0xUbGtZemd0T0RRNFlUQmtORGM0WmpBdw
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.washingtontimes.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 98a5c1f9a97216ab594bea30094df12248eb1060
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 326 B
300 B 224ms
72ms XHR
application/json 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22promo_code%22%3A%22TWTCHACKAPINT%22%2C%22event_id%22%3A%2239f0cbc1-5a83-4c2f-8826-a6d60bf63816%22%7D&tid=2614346040902&cb=1721407076725&dep=5%2CEVENT_TAGS_ABSENT
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.15f60036.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7c3ffee5bcd22c88b35273b0e47553373564c519031afac4fdd45cea71107e4f

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 0
alt-svc: h3=":443";ma=600
x-pinterest-rid: 9604763464320388
content-length: 185
pin-unauth: dWlkPVpqWmpOMkUyTmpFdE0yTXdaQzAwTWpFMUxUbGlORGN0TXpJNVptRTRNMlEwTmpFeg
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.washingtontimes.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 98a5c1f9a97216ab594bea30094df12248eb1060
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 abb4c8cfc80a2585b08d61907da96b005f7b2b376c1f1e2342a53616868f Show response
absorbingband.com/send/ 303 B
725 B 182ms
127ms Fetch
application/json 104.18.25.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://absorbingband.com/send/abb4c8cfc80a2585b08d61907da96b005f7b2b376c1f1e2342a53616868f

Requested by

Host: absorbingband.com
URL: https://absorbingband.com/public/a8a084cb03100cac9e44c5e69dd87fd1686ea33cd4-prod.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.25.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

615abd6358b55e9badccab745ec3788c49d67100d0d5bf65af86d2a9f3d24bd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
strict-transport-security: max-age=15724800; preload
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: br
x-buildnumber: 1353145067
alt-svc: h3=":443"; ma=86400
server: cloudflare
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.washingtontimes.com
x-hostname: fen-hoothoot-europe-west1-4lzd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
cf-ray: 8a5c23960dabb5f1-WAW
expires: Fri, 19 Jul 2024 16:37:55 GMT

GET
H2 200 / Show response
ct.pinterest.com/v3/ 35 B
181 B 218ms
73ms Fetch
image/gif 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?tid=2614346040902&ov=%7B%22page_name%22%3A%22My%20Page%22%2C%22page_category%22%3A%22My%20Page%20Category%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2215f60036%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1721407076730
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.15f60036.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jul 2024 16:37:56 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: https://www.washingtontimes.com
pinterest-version: 98a5c1f9a97216ab594bea30094df12248eb1060
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
alt-svc: h3=":443";ma=600
x-pinterest-rid: 9758916025187557
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ 113 KB
37 KB 56ms
56ms Script
application/x-javascript 2a02:26f0:480:b94::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:b94::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c5a562f6bd7161025bcfdb4d9009ced16d4531723f51bb532b5396d98ac29f0f

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Fri, 19 Jul 2024 16:37:56 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Jul 2024 09:15:20 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37577
Expires: Fri, 19 Jul 2024 17:37:56 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 43ms
41ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=329974197684672&ev=PageView&dl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F&rl=&if=false&ts=1721407076799&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1721407076606.879987979655069522&ler=empty&cdl=API_unavailable&cs_est=true&it=1721407076314&coo=false&rqm=GET

Requested by

Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=14, mss=1297, tbw=3179, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 19 Jul 2024 16:37:56 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1018 B 165ms
164ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=329974197684672&ev=PageView&dl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F&rl=&if=false&ts=1721407076799&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1721407076606.879987979655069522&ler=empty&cdl=API_unavailable&cs_est=true&it=1721407076314&coo=false&rqm=FGET

Requested by

Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/news/2023/oct/9/hackers-used-x-target-congress-spyware-amnesty-int/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Fri, 19 Jul 2024 16:37:56 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7393387095000261972", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=14, mss=1297, tbw=6331, tp=-1, tpl=-1, uplat=124, ullat=0
pragma: no-cache
x-fb-debug: D10MSsIOrgOVIYVTAvkerUsIMs2SkH2bg/BHlI7NSjGNapfXXvPmx/sA/kMbLX5NmGMLOOsItq8Cd/SfsmOltw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7393387095000261972"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 insights.bin Show response
ins.elements.video/6d187548-b35b-4cc2-941f-65586016c196/3/ Frame 2514 461 B
587 B 200ms
111ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.elements.video/6d187548-b35b-4cc2-941f-65586016c196/3/insights.bin
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4c1c113a37481dcbd8be0c787858bf507c067ad9169ca987961a9cfe882a36a

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 18 Jul 2024 21:13:54 GMT
server: cloudflare
etag: W/"644bd908d30290be40739bb4f11f92bf"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 8a5c23970c92c065-WAW
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 insights.bin Show response
ins.elements.video/6d49a2da-bd04-4b09-a15b-41dc6b9b9c0f/4/ Frame 2514 380 B
549 B 160ms
71ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.elements.video/6d49a2da-bd04-4b09-a15b-41dc6b9b9c0f/4/insights.bin
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c20c3b01a8ecd1746b462753e72086341a84f6d57cb95d3049dcdc7531d06004

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 18 Jul 2024 05:24:19 GMT
server: cloudflare
etag: W/"3f68fb815fbc39ac2783d2834d35ab9e"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 8a5c23970c8cc065-WAW
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 insights.bin Show response
ins.elements.video/3d345173-1730-4e0e-baa5-0ec5937a659a/5/ Frame 2514 272 B
496 B 157ms
69ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.elements.video/3d345173-1730-4e0e-baa5-0ec5937a659a/5/insights.bin
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba0576701a027fc1282b8d2fa7dc6e2267a12dfd5972204467ea39cc2259140a

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 18 Jul 2024 11:18:40 GMT
server: cloudflare
etag: W/"0aae8a4fefbb65fb7dc6f94ee85fd89f"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 8a5c23970c8fc065-WAW
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 insights.bin Show response
ins.elements.video/a4994780-e876-4573-8e45-0fd5c7fe2597/3/ Frame 2514 353 B
544 B 157ms
69ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.elements.video/a4994780-e876-4573-8e45-0fd5c7fe2597/3/insights.bin
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95607b85cf5f947b01cabb1b0f067cf26c209247c9a409354aeddf5edae5b5a6

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 18 Jul 2024 05:14:54 GMT
server: cloudflare
etag: W/"92f700a0791ac0ada32ba8ffb18b3bf9"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 8a5c23970c86c065-WAW
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 insights.bin Show response
ins.elements.video/5b99bc18-e119-4199-9079-8631d66080bd/5/ Frame 2514 344 B
535 B 198ms
110ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.elements.video/5b99bc18-e119-4199-9079-8631d66080bd/5/insights.bin
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91ddf176dff3589e22d0983660567bfcef8dcb370aa0b5763199ebcaaf83108f

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 18 Jul 2024 02:25:09 GMT
server: cloudflare
etag: W/"33230949ec2669b52922418ee63691d2"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 8a5c23970c87c065-WAW
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 insights.bin Show response
ins.elements.video/2ec82fc3-0690-418c-b45a-0325f8874d66/4/ Frame 2514 317 B
525 B 156ms
68ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.elements.video/2ec82fc3-0690-418c-b45a-0325f8874d66/4/insights.bin
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe22f6e117253fa0536f71be7311fb161962b3db35771875aee46e432349194b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 17 Jul 2024 22:53:34 GMT
server: cloudflare
etag: W/"7f824ead0e1cd9b61ca03483d4a9ba1f"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 8a5c23970c8bc065-WAW
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 insights.bin Show response
ins.elements.video/6c4f6e33-e68e-47e6-a376-10d654a3ca0e/3/ Frame 2514 461 B
591 B 158ms
71ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.elements.video/6c4f6e33-e68e-47e6-a376-10d654a3ca0e/3/insights.bin
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5edb08b00dd89b4d6b4864a4550c73014a730b7d1f612fa8713d2c3e13d8633b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 17 Jul 2024 21:34:04 GMT
server: cloudflare
etag: W/"2a746b508c66ef908a981c2b71bc272f"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 8a5c23970c89c065-WAW
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 insights.bin Show response
ins.elements.video/b56f3995-c152-40ec-9922-c2a9cc79e893/4/ Frame 2514 389 B
562 B 204ms
114ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.elements.video/b56f3995-c152-40ec-9922-c2a9cc79e893/4/insights.bin
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6804a53b18d165bf6b7971e81011d60237df8c812c107c3144919527d6a015e

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 17 Jul 2024 14:29:46 GMT
server: cloudflare
etag: W/"eda2fc55d9f40c7dd53e3bc751c868b3"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 8a5c23970cacc065-WAW
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 insights.bin Show response
ins.elements.video/2b53d117-319c-4243-b8a2-b7f565739825/3/ Frame 2514 461 B
598 B 203ms
113ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.elements.video/2b53d117-319c-4243-b8a2-b7f565739825/3/insights.bin
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edf14dbf925ed50ed1bf95fb59d4200fbe859e5ae3808bbe4f080cb9080eac5c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 17 Jul 2024 10:25:03 GMT
server: cloudflare
etag: W/"119480175e2c0d380aae551cedfbc8c0"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 8a5c23970ca5c065-WAW
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 insights.bin Show response
ins.elements.video/ff63f36b-44c1-49c5-8e70-9ec6e0bca52c/10/ Frame 2514 245 B
489 B 203ms
114ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.elements.video/ff63f36b-44c1-49c5-8e70-9ec6e0bca52c/10/insights.bin
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66398edf56d9d492c5990ad76fd7d026d0ec200f662616abebba45da845bad7c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 17 Jul 2024 17:06:39 GMT
server: cloudflare
etag: W/"6f688b2289a37b7f6ee27604332840ef"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 8a5c23970cabc065-WAW
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 insights.bin Show response
ins.elements.video/469f2999-1c1a-45f0-ab10-034acb3a6291/4/ Frame 2514 281 B
498 B 201ms
112ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.elements.video/469f2999-1c1a-45f0-ab10-034acb3a6291/4/insights.bin
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 043e345faa7e2e3891f8607f0eea59dd3308c6fa4cb9667a4e3ab0f7e7702770

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 17 Jul 2024 02:15:18 GMT
server: cloudflare
etag: W/"76dfe82b374c574f46a9995d2da887f7"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 8a5c23970ca8c065-WAW
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 insights.bin Show response
ins.elements.video/427ab642-ff8d-41a9-89bb-830a037bc353/4/ Frame 2514 452 B
587 B 201ms
112ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.elements.video/427ab642-ff8d-41a9-89bb-830a037bc353/4/insights.bin
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc7d5521449ea42b17df2f5102016311f3f7d4ca6814684cad324bef0f9f7329

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 17 Jul 2024 01:34:32 GMT
server: cloudflare
etag: W/"8dd1f09a251f3abc5694b6023e5ce51d"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 8a5c23970caac065-WAW
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 insights.bin Show response
ins.elements.video/8a6b8002-7d82-4f0f-aaeb-ce4a12ae0225/5/ Frame 2514 497 B
616 B 159ms
71ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.elements.video/8a6b8002-7d82-4f0f-aaeb-ce4a12ae0225/5/insights.bin
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 043f82feb57664875fad1d119a043518f37086de73790dac820ef14d3968aabf

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Jul 2024 20:11:33 GMT
server: cloudflare
etag: W/"67bc0ba49f506cfb1f31d4009dd22114"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 8a5c23970c98c065-WAW
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 insights.bin Show response
ins.elements.video/0b1f70bd-3015-4feb-9c03-dd93d8e1b4fc/6/ Frame 2514 335 B
513 B 199ms
111ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.elements.video/0b1f70bd-3015-4feb-9c03-dd93d8e1b4fc/6/insights.bin
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f8186f78a0e66036989b855d0de35f2f6e1d37e70e533fb091f28ab6038d97d

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Jul 2024 02:21:36 GMT
server: cloudflare
etag: W/"68aa13c3cf530da50214501b7bde0be9"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 8a5c23970c99c065-WAW
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 insights.bin Show response
ins.elements.video/bb0dccb0-f2b4-439d-a97b-19556bf770a8/7/ Frame 2514 281 B
508 B 198ms
111ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.elements.video/bb0dccb0-f2b4-439d-a97b-19556bf770a8/7/insights.bin
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a8fb11ec205a80399632ac504705edc26d45e6ce1d04f13cb9d7f666b71b625

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Jul 2024 19:28:30 GMT
server: cloudflare
etag: W/"c3de69cf41fd31872520bf13526a1e10"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 8a5c23970c96c065-WAW
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 insights.bin Show response
ins.elements.video/96d90ebb-8ad8-443e-8dff-6d5d1f75dd10/7/ Frame 2514 317 B
524 B 154ms
67ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.elements.video/96d90ebb-8ad8-443e-8dff-6d5d1f75dd10/7/insights.bin
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d597fa62e3fa205e5c6c542b8723b31ab20536c3ffd0ba0f1d6ea2c9fb90114

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Jul 2024 09:42:37 GMT
server: cloudflare
etag: W/"be24d5884e8e4e7bfc70ff85d8023020"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 8a5c23970c94c065-WAW
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 insights.bin Show response
ins.elements.video/4905acaa-fbd5-4a77-80df-d8ed2bf98b6e/3/ Frame 2514 488 B
596 B 198ms
111ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.elements.video/4905acaa-fbd5-4a77-80df-d8ed2bf98b6e/3/insights.bin
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a95f3bd7d02b4c9c8b0c4dbcf71f5346f233ab13b7f305362a03bd9762f590f8

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 15 Jul 2024 19:17:01 GMT
server: cloudflare
etag: W/"a8d2e205b734fa85682a608d450fcc40"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 8a5c23970c9cc065-WAW
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 insights.bin Show response
ins.elements.video/98cdeb4a-fe1c-4b89-9328-29729b41dea8/3/ Frame 2514 344 B
534 B 199ms
111ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.elements.video/98cdeb4a-fe1c-4b89-9328-29729b41dea8/3/insights.bin
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7be991c1cc7f28524357d35f090172bb081958b0a6b33b243b5728d44cd3cdf

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 13 Jul 2024 22:44:58 GMT
server: cloudflare
etag: W/"b7da19476a249028cfcdf9c25b1b295f"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 8a5c23970c9dc065-WAW
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 insights.bin Show response
ins.elements.video/776a9908-f880-4f91-818c-230a0c00bcf2/3/ Frame 2514 335 B
511 B 199ms
111ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.elements.video/776a9908-f880-4f91-818c-230a0c00bcf2/3/insights.bin
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58ea4588e2d7e98e36d9201bae187e30b30cbc5127cddff85606d707b45d91f7

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 14 Jul 2024 01:45:22 GMT
server: cloudflare
etag: W/"36cbf6e240fdf6cad9b637623894ff73"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 8a5c23970c9ec065-WAW
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 insights.bin Show response
ins.elements.video/8e5d819d-95c3-43f3-9670-c07d216648ee/3/ Frame 2514 524 B
621 B 156ms
70ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.elements.video/8e5d819d-95c3-43f3-9670-c07d216648ee/3/insights.bin
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3d082d58577c2f480d1f32c7941fed5a6a02f43ac5ac3ecb71f9059c1c588ce

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 13 Jul 2024 20:49:33 GMT
server: cloudflare
etag: W/"010a8d561b9224cd769ab91d7c6ac00f"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 8a5c23970c7ac065-WAW
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 insights.bin Show response
ins.elements.video/208faf81-57fc-41e6-8a4e-3dcf0404dca4/5/ Frame 2514 389 B
559 B 149ms
64ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.elements.video/208faf81-57fc-41e6-8a4e-3dcf0404dca4/5/insights.bin
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e097a1eaacbceb7110fb8acb68aa3371c520f2d24ada7bde79ab4c63487b1d7

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Jul 2024 19:40:14 GMT
server: cloudflare
etag: W/"5eb41012f4fa423ca21a5b39e0bd48d0"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 8a5c23970c74c065-WAW
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 insights.bin Show response
ins.elements.video/0a0d892a-d79c-45af-9d99-a75969e27f4a/3/ Frame 2514 353 B
574 B 148ms
63ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.elements.video/0a0d892a-d79c-45af-9d99-a75969e27f4a/3/insights.bin
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e415b6816207e223acf421badcc2484d9cb5d10d390a7050109efbf902563bee

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 13 Jul 2024 20:58:00 GMT
server: cloudflare
etag: W/"34497fce8f4530dae6c96b55e70ff4a6"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 8a5c23970c6fc065-WAW
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 insights.bin Show response
ins.elements.video/9c7fd49a-6791-4796-a251-941268ca6d63/3/ Frame 2514 461 B
600 B 148ms
64ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.elements.video/9c7fd49a-6791-4796-a251-941268ca6d63/3/insights.bin
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 283c2151fc9c4700b4ec89a0c55b6893a64d4e9f8d1ed68e49e3cd5d32bac905

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 Jul 2024 00:53:30 GMT
server: cloudflare
etag: W/"58318f2cd4973dedad3902d8c29e0cae"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 8a5c23970c71c065-WAW
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 insights.bin Show response
ins.elements.video/55f67a96-d1d6-4d05-a633-be6a9c05f92c/3/ Frame 2514 461 B
587 B 177ms
93ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.elements.video/55f67a96-d1d6-4d05-a633-be6a9c05f92c/3/insights.bin
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eba2224031ba056f261439d5a3075bf7c35d0832ac66cc5d3d6b7ceb66caa83c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Jul 2024 13:08:14 GMT
server: cloudflare
etag: W/"aa9128edd13e55c4e2fc1ba787e0302b"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 8a5c23970c7dc065-WAW
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 insights.bin Show response
ins.elements.video/2bdec9c8-ff9f-4c97-8b7c-cdd69947acc5/4/ Frame 2514 641 B
691 B 149ms
65ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.elements.video/2bdec9c8-ff9f-4c97-8b7c-cdd69947acc5/4/insights.bin
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e56c5a6048f447ae55318bc805dc3d8251636045c8b88768da47dbd2e2c0139f

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 Jul 2024 17:31:15 GMT
server: cloudflare
etag: W/"b41290e9737edd0a2a3c89cc3d49c15e"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 8a5c23970c7ec065-WAW
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 insights.bin Show response
ins.elements.video/9b6b8895-7301-44aa-8496-c85bcc732409/7/ Frame 2514 497 B
613 B 149ms
64ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.elements.video/9b6b8895-7301-44aa-8496-c85bcc732409/7/insights.bin
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4477c215d86d0a9bb036a907877a489afee9b0e60c4b219e0b3349771e7243fe

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 15 Jul 2024 21:17:06 GMT
server: cloudflare
etag: W/"ba96a34161c5181de50e77ccdf4eb44a"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 8a5c23970c78c065-WAW
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 insights.bin Show response
ins.elements.video/b9a232c0-4f7d-4ee5-906e-c65a2dab2534/7/ Frame 2514 632 B
665 B 153ms
68ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.elements.video/b9a232c0-4f7d-4ee5-906e-c65a2dab2534/7/insights.bin
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb9dfe8751d4bd0573f9395c10201d3b56c424d15394841d18d80e0350b7a0a4

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Jul 2024 21:59:54 GMT
server: cloudflare
etag: W/"bb043fa6ac88bf0fdf38f27cecd07b60"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 8a5c23970c7fc065-WAW
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 insights.bin Show response
ins.elements.video/0f3bcd62-7dda-446b-b537-a8b28af24d90/3/ Frame 2514 344 B
532 B 153ms
68ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.elements.video/0f3bcd62-7dda-446b-b537-a8b28af24d90/3/insights.bin
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2530994c2e77181dbc42603bd2dda4d3b7310d7bbccfb34f34a83bdcb3acc384

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 08 Jul 2024 19:34:27 GMT
server: cloudflare
etag: W/"9d88288fd30fc8e5134c8b56260d62b4"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 8a5c23970c82c065-WAW
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 insights.bin Show response
ins.elements.video/27dcefdd-2808-4c06-b36a-a990d271b086/3/ Frame 2514 416 B
567 B 149ms
65ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.elements.video/27dcefdd-2808-4c06-b36a-a990d271b086/3/insights.bin
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba8013e42d63dbdbfc221de6dc83914beefff7c00ebc8e6af4682f71141283d4

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Jul 2024 10:36:48 GMT
server: cloudflare
etag: W/"ca4a8ca7d17bc7356b490d309bb3fa0b"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 8a5c23970c83c065-WAW
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 insights.bin Show response
ins.elements.video/2e4291e0-05d4-4274-ba31-def029adf497/4/ Frame 2514 605 B
670 B 156ms
72ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.elements.video/2e4291e0-05d4-4274-ba31-def029adf497/4/insights.bin
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5618afa899d02afdd80773b457fde7a591a77bbb351fb5116d728eafe98d0ac

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Jun 2024 21:00:26 GMT
server: cloudflare
etag: W/"7b8d8c5ce606ae5a244084bb8c46bfa0"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 8a5c23970c85c065-WAW
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 insights.bin Show response
ins.elements.video/59a38da7-91fc-4004-a2cb-3be4faabb38a/3/ Frame 2514 380 B
551 B 155ms
68ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.elements.video/59a38da7-91fc-4004-a2cb-3be4faabb38a/3/insights.bin
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56b92097c5c919a3fca9ef3202301b12837a5c2688c4971fd3bca4b028cc865c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Jul 2024 14:44:29 GMT
server: cloudflare
etag: W/"c50fd2934b3cb8afa3fb2d087ed2cc02"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 8a5c23970c9fc065-WAW
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 insights.bin Show response
ins.elements.video/c30efea2-6031-4f56-97c9-44cae2585a03/3/ Frame 2514 443 B
567 B 198ms
111ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.elements.video/c30efea2-6031-4f56-97c9-44cae2585a03/3/insights.bin
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7c78443afd8c7b15978afb5f3ae29690402509823bbd9fd34923f2b611c6138

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 02 Jul 2024 21:36:51 GMT
server: cloudflare
etag: W/"fff49784b5bc7fcd867460dc60d1e9aa"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 8a5c23970ca1c065-WAW
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 insights.bin Show response
ins.elements.video/2f118a9b-ff7f-47ed-8d59-07c4426590b0/5/ Frame 2514 344 B
534 B 199ms
113ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.elements.video/2f118a9b-ff7f-47ed-8d59-07c4426590b0/5/insights.bin
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 697a804a7251c1a4dd37616d8ec14898b1ca15ce38220d8fbc85a5c767527e97

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Jul 2024 15:20:33 GMT
server: cloudflare
etag: W/"24d1d70f93238ffe7091f59aaa11a842"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 8a5c23970ca3c065-WAW
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 insights.bin Show response
ins.elements.video/65abeea7-96a9-49fb-b949-f6c827e5b01f/3/ Frame 2514 380 B
553 B 156ms
69ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.elements.video/65abeea7-96a9-49fb-b949-f6c827e5b01f/3/insights.bin
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29ef974e899f90a273e61e0139ab03c5c9bfe6d47d9f8584fad6ea4d5df1ad8f

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 28 Jun 2024 20:37:21 GMT
server: cloudflare
etag: W/"d3cefcdeffaf6af1b75ec1e6088d43a9"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 8a5c23970cadc065-WAW
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 insights.bin Show response
ins.elements.video/a2cc8ed0-496d-4228-8263-bce28e08a2ff/5/ Frame 2514 353 B
543 B 201ms
114ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.elements.video/a2cc8ed0-496d-4228-8263-bce28e08a2ff/5/insights.bin
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c95711d0237118239e822234d1ef2cbb19ee44283601784570450c588e038b75

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Jul 2024 14:38:53 GMT
server: cloudflare
etag: W/"6af2a320463304a96dce2efc2977cda6"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 8a5c23970caec065-WAW
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 insights.bin Show response
ins.elements.video/a8337c99-e4c2-41b7-824d-505bb7f7620b/5/ Frame 2514 497 B
613 B 201ms
114ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.elements.video/a8337c99-e4c2-41b7-824d-505bb7f7620b/5/insights.bin
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c4856d55ab1a29e644a9399ed6cd12420ded6eefcbf826e73a67d2c6571c4e3

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 03 Jul 2024 16:26:19 GMT
server: cloudflare
etag: W/"33b1132bdb982c898252d39b9a79ee1d"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 8a5c23970cb0c065-WAW
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 insights.bin Show response
ins.elements.video/92f45e3c-f736-490d-81bd-e8ff57f95783/3/ Frame 2514 632 B
667 B 202ms
115ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.elements.video/92f45e3c-f736-490d-81bd-e8ff57f95783/3/insights.bin
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dadbd2cbc3f3886ca88965a1e4df091ad3d6fbc57ea9ed0864c98f45008ae4d9

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Jun 2024 10:45:17 GMT
server: cloudflare
etag: W/"9397f1c0d0a543fcf28c5729a72f8f7e"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 8a5c23970cb2c065-WAW
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 insights.bin Show response
ins.elements.video/8a19ad5e-2e4f-4b7d-b0d6-9625d83cae6f/7/ Frame 2514 353 B
538 B 202ms
115ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.elements.video/8a19ad5e-2e4f-4b7d-b0d6-9625d83cae6f/7/insights.bin
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 932960e3c838a53906c59d181db6003d72cbe4d854a3e9f8f32d509bc82dbda0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Jul 2024 14:49:50 GMT
server: cloudflare
etag: W/"41a3bf07424b4daebec88a59132770e8"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 8a5c23970cb4c065-WAW
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 insights.bin Show response
ins.elements.video/4fe80f49-3d91-4ea3-83b4-e830b5188630/5/ Frame 2514 443 B
570 B 202ms
115ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.elements.video/4fe80f49-3d91-4ea3-83b4-e830b5188630/5/insights.bin
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ee1d39503b0712550ddbaded3d9db3214348067e88475416a8fef3eb4389c98

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Jul 2024 11:40:06 GMT
server: cloudflare
etag: W/"db529aaecf62c807af1f88e1de602de0"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 8a5c23970cb5c065-WAW
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 3_media.bin Show response
vid.elements.video/pid-b2964f72-d551-44a1-9f8a-2a77c029ab39/7a92b226-d993-42b0-b6dd-f066b0292fe0/ Frame 2514 977 B
1 KB 127ms
60ms XHR
application/x-protobuf 104.18.43.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.elements.video/pid-b2964f72-d551-44a1-9f8a-2a77c029ab39/7a92b226-d993-42b0-b6dd-f066b0292fe0/3_media.bin
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.43.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1eb72b73d057844065ff868ffa278fda422f32217d80426ad4b20be499ea2990

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 19 Jul 2024 16:12:12 GMT
server: cloudflare
etag: W/"2ed912f0a203862077507ec9c796ee62"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: *
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
cf-ray: 8a5c2396ec1b453a-TXL
access-control-allow-headers: range
xpid: b2964f72-d551-44a1-9f8a-2a77c029ab39
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 player.iframe.integration.destroy.82f1886e0886e4bb57d4.js Show response
cds.elements.video/a/ 735 B
743 B 54ms
54ms Script
application/javascript 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.elements.video/a/player.iframe.integration.destroy.82f1886e0886e4bb57d4.js
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/85d8ddb05bcf089b2c29e59623ae519ad02e2a929bfaac10d875c38b93211525
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46ffdbb826033b2b51f222bb08355173900fcd97c07c2983d00b44bd3a3e5873

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
content-encoding: br
x-amz-version-id: c6qeqQrXBHasJVMTMxYS6OQY4mMctgjx
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 373
last-modified: Thu, 18 Jul 2024 10:22:23 GMT
server: cloudflare
etag: "38af174065f199c23d069d51c81547b8"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 8a5c23968cbe58f6-TXL
access-control-allow-headers: range
expires: Sat, 19 Jul 2025 16:37:56 GMT

GET
H3 200 insights.bin Show response
ins.elements.video/aa9b9511cc402c53ea3a4e2c1a6b2f8e/ Frame 2514 576 B
619 B 404ms
319ms XHR
application/x-protobuf 172.64.144.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.elements.video/aa9b9511cc402c53ea3a4e2c1a6b2f8e/insights.bin
Requested by: Host: cds.elements.video
URL: https://cds.elements.video/p/511634/player.dc.js?cid=1ffe7fff-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.52 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfd717bdb81dd9e2dc4de88915bc85a6dba2e5305cf1237d56ec1a7028eadbcc

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Jun 2024 13:59:15 GMT
server: cloudflare
etag: W/"f9b98cefacd03813d156a26ae750a02c"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/x-protobuf
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary: Accept-Encoding
cf-ray: 8a5c23970cb7c065-WAW
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Jul 2025 16:37:57 GMT

POST
H3 200 execute Show response
c2.piano.io/xbuilder/experience/ 44 KB
7 KB 250ms
184ms XHR
application/json 104.16.143.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c2.piano.io/xbuilder/experience/execute?aid=hph4LAYuC6

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.143.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4060cb004e2eb4743bfcbd3fb1c23797962cc6482974be511541a9c1cdb179ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 19 Jul 2024 16:37:57 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
x-request-id: vxhn58u3fa
pragma: no-cache
server: cloudflare
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.washingtontimes.com
access-control-expose-headers: Composer-Request-Control-Policy
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 8a5c23973e15c06a-WAW

POST
H3 200 0345d063fee9d8066ddf3a54d8ebee4e5263a8253c49bf Show response
absorbingband.com/8c7e2c23b1b0d0/ 1 KB
1 KB 89ms
88ms Fetch
application/json 104.18.25.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://absorbingband.com/8c7e2c23b1b0d0/0345d063fee9d8066ddf3a54d8ebee4e5263a8253c49bf

Requested by

Host: absorbingband.com
URL: https://absorbingband.com/public/a8a084cb03100cac9e44c5e69dd87fd1686ea33cd4-prod.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.25.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

218b4fde01436ab9821ae7674b7cfb219cb154cd13988cac2011dbd7bd4ac289

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 19 Jul 2024 16:37:56 GMT
strict-transport-security: max-age=15724800; preload
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: br
x-buildnumber: 1353145067
alt-svc: h3=":443"; ma=86400
server: cloudflare
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.washingtontimes.com
x-hostname: fen-hoothoot-europe-west1-4lzd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
cf-ray: 8a5c2396decbb5f1-WAW
expires: Fri, 19 Jul 2024 16:37:55 GMT

GET
H2 200 / Show response
ct.pinterest.com/v3/ 35 B
359 B 70ms
69ms Fetch
image/gif 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22promo_code%22%3A%22TWTCHACKAPINT%22%2C%22event_id%22%3A%2239f0cbc1-5a83-4c2f-8826-a6d60bf63816%22%7D&tid=2614346040902&cb=1721407076961&dep=5%2CEVENT_TAGS_ABSENT&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2215f60036%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.15f60036.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jul 2024 16:37:57 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: https://www.washingtontimes.com
pinterest-version: 98a5c1f9a97216ab594bea30094df12248eb1060
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
x-pinterest-rid: 1607802442057043
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
429 B 126ms
125ms Fetch
text/plain 64.202.112.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://mcdp-nydc1.outbrain.com/l?token=f6959e65cbbac9536466c11a089ef9aa_223057_1721407076590_1&tm=1844&eT=0&widgetWidth=877&widgetHeight=36&widgetX=187&widgetY=4893&wRV=2010866&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=509&oo=true&lo=803&obreq=662&mvreq=2232&mvres=2741&cet=4g&to=1721407074223&ll=0&chs=12&ab=0&wl=0&retries=0

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.202.112.255 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
x-traceid: 2b502c9263855717c40e2e57bd444a6f
content-length: 6

GET
H2 200 wid Show response
stats-collector.cxense.com/cr-stats/event/ 42 B
135 B 40ms
40ms Fetch
image/gif 167.235.124.23
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stats-collector.cxense.com/cr-stats/event/wid?location=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F&pId=AR_2&ckp=lysxbt1d3hee2bn4&rnd=lysxbt1dw7q8qm96&siteId=hph4LAYuC6&source=ci&cCreatedAt=2023-10-09T11%3A33%3A00&cAuthor=Ryan%20Lovelace&cSection=News&cTags=Technology&cTags=Media%20Spotlight&cTags=Politics&cTags=Security&cTags=SaxoTech%20Editorial&cType=article&t=Hackers%20used%20X%20to%20target%20Congress%20with%20spyware%2C%20Amnesty%20International%20finds&userIdSources=pubcid
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/ari-ci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.124.23 Bühl, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nue0001.cxense.com
Software: Jetty(9.4.28.v20200408) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 19 Jul 2024 16:37:56 GMT
server: Jetty(9.4.28.v20200408)
content-length: 42
content-type: image/gif

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
429 B 132ms
132ms Fetch
text/plain 64.202.112.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://mcdp-nydc1.outbrain.com/l?token=caeedb9eee88e8aaf7bc1e4cb5fa623d_223057_1721407076866_1&tm=1849&eT=0&widgetWidth=871&widgetHeight=402&widgetX=190&widgetY=4941&wRV=2010866&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&oo=true&lo=803&obreq=662&mvreq=2232&mvres=2746&re=2748&cet=4g&cs=1&to=1721407074223&ll=0&chs=12&ab=0&wl=0&retries=0

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.202.112.255 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
x-traceid: 32b9f73c01b78da561ae201cee57ce37
content-length: 6

GET
H3 200 Sticky2,ConsentManager Show response
newsletterjet.com/files/78747841320bfb2b6565bf8ee24c12505edd060ef9b63beb80/ 379 KB
108 KB 218ms
126ms Script
text/javascript 104.18.24.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newsletterjet.com/files/78747841320bfb2b6565bf8ee24c12505edd060ef9b63beb80/Sticky2,ConsentManager

Requested by

Host: absorbingband.com
URL: https://absorbingband.com/public/a8a084cb03100cac9e44c5e69dd87fd1686ea33cd4-prod.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.24.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7063f4712eceb68808952770d3d08f564b77589a25e803fa86795749e845c75a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.washingtontimes.com/
Origin: https://www.washingtontimes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:37:57 GMT
content-encoding: br
via: 1.1 google
strict-transport-security: max-age=15724800; preload
cf-cache-status: MISS
x-buildnumber: 1353145067
alt-svc: h3=":443"; ma=86400
server: cloudflare
x-datacenter: gce-europe-west1
etag: W/"4f53c64b35c5c91451884574ccebf6c1b4200d21362f86a02ae883eab2a22e41"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language, Origin
access-control-allow-methods: POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://www.washingtontimes.com
x-hostname: fen-hoothoot-europe-west1-4lzd
cache-control: private, must-revalidate, max-age=21600
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
cf-ray: 8a5c23980c9cbf45-WAW

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 60ms
53ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-318004630&gtm=45je47h0za200zb77303859&_p=1721407075502&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=0&cid=1645011703.1721407076&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721407077&sct=1&seg=0&dl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F&dt=Hackers%20used%20X%20to%20target%20Congress%20with%20spyware%2C%20Amnesty%20International%20finds%20-%20Washington%20Times&en=meterActive&_fv=1&_ss=1&_ee=1&ep.aid=hph4LAYuC6&ep.tags=Technology%2CMedia%20Spotlight%2CPolitics%2CSecurity%2CSaxoTech%20Editorial&ep.debug=false&ep.url=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F&ep.event_category=meterActive&ep.event_label=Meter%20active%20aid%3Ahph4LAYuC6&ep.experience_id=EXSM8M4H8GN3&ep.meter_name=twt_meter_nslt&ep.hit_type=event&ep.non_interaction=true&ep.event_action=aid_hph4LAYuC6&tfd=3045&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-318004630&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jul 2024 16:37:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.washingtontimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 loadTemplateContext Show response
buy.tinypass.com/api/v3/anon/template/ 639 B
667 B 259ms
181ms XHR
application/json 104.18.239.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=hph4LAYuC6

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.239.248 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1be9eda34c3fea80871ed747fa5d42e9c60ceee3689394789f9b5d6809e11a3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 19 Jul 2024 16:37:57 GMT
content-encoding: gzip
strict-transport-security: max-age=86400; includeSubDomains
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
content-length: 362
x-request-id: M97qvgsli01
pragma: no-cache
wn: prod-dash-10-0-142-206
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
server-time: 0.005
cache-control: no-cache, no-store, must-revalidate
cf-ray: 8a5c23999ed64daa-FRA
expires: 0

GET cacheableShow
buy.tinypass.com/checkout/template/ Frame 44CE 0
0

POST
H3 200 loadTemplateContext Show response
buy.tinypass.com/api/v3/anon/template/ 639 B
696 B 241ms
176ms XHR
application/json 104.18.239.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=hph4LAYuC6

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.239.248 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8161329d54638727348b9cdca69ebc63f83c6bd27ac8f952b483e6a95e192312

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://www.washingtontimes.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 19 Jul 2024 16:37:57 GMT
content-encoding: gzip
strict-transport-security: max-age=86400; includeSubDomains
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
x-request-id: M97qvgs2Ooa
pragma: no-cache
wn: prod-dash-10-0-139-54
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
server-time: 0.002
cache-control: no-cache, no-store, must-revalidate
cf-ray: 8a5c23999ed24daa-FRA
expires: 0

GET cacheableShow
buy.tinypass.com/checkout/template/ Frame BB6D 0
0

GET player.floating.js
cds.elements.video/p/511634/ Frame 2514 0
0

GET sp1.html
cdn.cxense.com/ Frame 0461 0
0

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ 49 B
257 B 243ms
149ms Fetch
application/json 35.244.193.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0010b00001rrPUnAAM&gdpr=0&src=pbjs&ver=8.45.0&coppa=0
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.193.244.35.bc.googleusercontent.com
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 19 Jul 2024 16:37:59 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://www.washingtontimes.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 167 B
456 B 138ms
42ms Fetch
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

92b425b3558c756bc75435caf2124ddf2203f1b4167efcc64ade89ba2119928a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.washingtontimes.com
date: Fri, 19 Jul 2024 16:37:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
324 B 181ms
58ms Fetch
application/json 52.214.212.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id?c=17248
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.212.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-212-45.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Jul 2024 16:37:59 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.washingtontimes.com
cache-control: no-cache
x-server: 10.45.7.137
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 0
260 B 152ms
51ms Fetch 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=88
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 55.133.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 19 Jul 2024 16:37:59 GMT
via: 1.1 google
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.washingtontimes.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 44 B
294 B 135ms
42ms Fetch
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

afc58335390465ac62ab4e0308f62cba63b2cfceb71b7a06b7cc98f9b790d9f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://www.washingtontimes.com
date: Fri, 19 Jul 2024 16:37:59 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H2 200 369.json Show response
id5-sync.com/g/v2/ 251 B
455 B 127ms
43ms Fetch
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/369.json

Requested by

Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

b77215f9db686315efe3a4e5031659abb6f1456ffe35e3bb6e1650ed5ba62536

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.washingtontimes.com
date: Fri, 19 Jul 2024 16:37:59 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin
content-type: application/json

GET
H3 200 sdk-runtime-config.js Show response
buy.tinypass.com/api/v3/anon/assets/ 278 B
520 B 57ms
56ms XHR
application/json 104.18.239.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/assets/sdk-runtime-config.js?aid=hph4LAYuC6

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js?version=2

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.239.248 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d8d3536266d00e3f350d39f77075f0521b15bd9c522b9c3b520c0b62a045b74

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 16:38:00 GMT
content-encoding: gzip
strict-transport-security: max-age=86400; includeSubDomains
cf-cache-status: HIT
age: 5510
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
content-length: 191
x-request-id: MaylvgsYie4
wn: prod-dash-10-0-123-250
last-modified: Fri, 19 Jul 2024 15:06:10 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
server-time: 0.006
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8a5c23abc8ad4daa-FRA
expires: Fri, 19 Jul 2024 20:38:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 49ms
47ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-2KS4V69VVW&gtm=45je47h0v878012093z877303859za200zb77303859&_p=1721407075502&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=0&cid=1645011703.1721407076&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sid=1721407076&sct=1&seg=0&dl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F&dt=Hackers%20used%20X%20to%20target%20Congress%20with%20spyware%2C%20Amnesty%20International%20finds%20-%20Washington%20Times&_s=2&tfd=7139&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2KS4V69VVW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 19 Jul 2024 16:38:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.washingtontimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 event-stream Show response
k.p-n.io/ 0
126 B 131ms
40ms Fetch 52.58.93.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k.p-n.io/event-stream
Requested by: Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=gBtyMmS7OT8QOa8yn1NmkJvQvR9TfvNCMu8J
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.93.204 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-93-204.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 19 Jul 2024 16:38:01 GMT
access-control-allow-headers: *
access-control-max-age: 600
access-control-allow-methods: *

POST
H3 204 collect
region1.google-analytics.com/g/ 0
0 50ms
48ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-318004630&gtm=45je47h0za200zb77303859&_p=1721407075502&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=0&cid=1645011703.1721407076&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sid=1721407077&sct=1&seg=0&dl=https%3A%2F%2Fwww.washingtontimes.com%2Fnews%2F2023%2Foct%2F9%2Fhackers-used-x-target-congress-spyware-amnesty-int%2F&dt=Hackers%20used%20X%20to%20target%20Congress%20with%20spyware%2C%20Amnesty%20International%20finds%20-%20Washington%20Times&_s=2&tfd=8050&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-318004630&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 19 Jul 2024 16:38:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.washingtontimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 event-stream Show response
k.p-n.io/ 0
125 B 41ms
39ms Fetch 52.58.93.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k.p-n.io/event-stream
Requested by: Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=gBtyMmS7OT8QOa8yn1NmkJvQvR9TfvNCMu8J
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.93.204 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-93-204.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 19 Jul 2024 16:38:03 GMT
access-control-allow-headers: *
access-control-max-age: 600
access-control-allow-methods: *

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
131 B 54ms
51ms Fetch
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/static/js/prebid8.42.0.5866ee185820.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: d3bd549c4710a37a42aa496bfb9cb3eafb2e8f900d721c102003f9c7eede8aac

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 19 Jul 2024 16:38:05 GMT
content-encoding: gzip
via: 1.1 google
observe-browsing-topics: ?1
vary: Origin
x-forwarded-for: 80.255.7.102
content-type: text/plain
access-control-allow-origin: https://www.washingtontimes.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
230 B 121ms
40ms Fetch 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.42.0&cb=15591588128&lsavail=1

Requested by

Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/static/js/prebid8.42.0.5866ee185820.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 19 Jul 2024 16:38:05 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
observe-browsing-topics: ?1
vary: Origin
access-control-allow-origin: https://www.washingtontimes.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 371 B
405 B 46ms
45ms Fetch
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10468&site_id=245008&zone_id=1387554&size_id=2&alt_size_ids=57&gdpr=0&gpp=DBAA&gpp_sid=-1&rf=about%3Ablank&tg_i.page=about%3Ablank&tg_i.pbadslot=%2F5856%2FDesktop_InFeed1_Articles&tk_flint=pbjs_lite_v8.42.0&x_source.tid=169cfeb6-26ca-46cf-bd1f-185e5a730e39&l_pb_bid_id=8d669b3b657545&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=a7573bf6-12b8-407f-91e5-6a6edf3ffee0&rp_maxbids=1&p_gpid=%2F5856%2FDesktop_InFeed1_Articles&m_ch_mobile=%3F0&slots=1&rand=0.05685662340834963
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/static/js/prebid8.42.0.5866ee185820.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e202e54f0ee84d3fbd6356c25aac14ed9e19a451b95084f4161e50c149244333

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Jul 2024 16:38:05 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.washingtontimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 371
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 352 B
386 B 75ms
73ms Fetch
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10468&site_id=245008&zone_id=1387558&size_id=2&alt_size_ids=57&gdpr=0&gpp=DBAA&gpp_sid=-1&rf=about%3Ablank&tg_i.page=about%3Ablank&tg_i.pbadslot=%2F5856%2FDesktop_InFeed1_Articles&tk_flint=pbjs_lite_v8.42.0&x_source.tid=169cfeb6-26ca-46cf-bd1f-185e5a730e39&l_pb_bid_id=99847a7f0a5daf&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=a7573bf6-12b8-407f-91e5-6a6edf3ffee0&rp_maxbids=1&p_gpid=%2F5856%2FDesktop_InFeed1_Articles&m_ch_mobile=%3F0&slots=1&rand=0.8532581269013724
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/static/js/prebid8.42.0.5866ee185820.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 194469aef2a8b7d191c755eb4e3e49d27ea50f0010f954a09a1c4ed2d38cdcb2

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Jul 2024 16:38:05 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.washingtontimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 352
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 371 B
428 B 45ms
44ms Fetch
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10468&site_id=245008&zone_id=1387542&size_id=15&alt_size_ids=10&gdpr=0&gpp=DBAA&gpp_sid=-1&rf=about%3Ablank&tg_i.page=about%3Ablank&tg_i.pbadslot=%2F5856%2FDesktop_RR_Articles_Top&tk_flint=pbjs_lite_v8.42.0&x_source.tid=169cfeb6-26ca-46cf-bd1f-185e5a730e39&l_pb_bid_id=10de2a1d20085ca&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=5fb7f953-ddb7-495e-90f6-f4fa35c96060&rp_maxbids=1&p_gpid=%2F5856%2FDesktop_RR_Articles_Top&m_ch_mobile=%3F0&slots=1&rand=0.8278750214063595
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/static/js/prebid8.42.0.5866ee185820.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ffba6106fd07113bb6b809d3f67acb31a01317784c7ec6c4fed5d785786ab710

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Jul 2024 16:38:05 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.washingtontimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 371
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 351 B
385 B 45ms
44ms Fetch
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10468&site_id=245008&zone_id=1387548&size_id=15&alt_size_ids=10&gdpr=0&gpp=DBAA&gpp_sid=-1&rf=about%3Ablank&tg_i.page=about%3Ablank&tg_i.pbadslot=%2F5856%2FDesktop_RR_Articles_Top&tk_flint=pbjs_lite_v8.42.0&x_source.tid=169cfeb6-26ca-46cf-bd1f-185e5a730e39&l_pb_bid_id=11d6056d20d1e9e&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=5fb7f953-ddb7-495e-90f6-f4fa35c96060&rp_maxbids=1&p_gpid=%2F5856%2FDesktop_RR_Articles_Top&m_ch_mobile=%3F0&slots=1&rand=0.7192427747082666
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/static/js/prebid8.42.0.5866ee185820.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 892cc4dbbe89a6859982169466057f98db4d74d332953a00443513fa04708b64

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Jul 2024 16:38:05 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.washingtontimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 351
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 371 B
405 B 81ms
80ms Fetch
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10468&site_id=245008&zone_id=1387552&size_id=15&alt_size_ids=10&gdpr=0&gpp=DBAA&gpp_sid=-1&rf=about%3Ablank&tg_i.page=about%3Ablank&tg_i.pbadslot=%2F5856%2FDesktop_RR_Articles_Top&tk_flint=pbjs_lite_v8.42.0&x_source.tid=169cfeb6-26ca-46cf-bd1f-185e5a730e39&l_pb_bid_id=12c4688b988fff7&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=5fb7f953-ddb7-495e-90f6-f4fa35c96060&rp_maxbids=1&p_gpid=%2F5856%2FDesktop_RR_Articles_Top&m_ch_mobile=%3F0&slots=1&rand=0.12024706091212267
Requested by: Host: www.washingtontimes.com
URL: https://www.washingtontimes.com/static/js/prebid8.42.0.5866ee185820.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 65621b2926b15594261b562f43bf7825afbd0d230ecb66f6c952301e091c648e

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Jul 2024 16:38:05 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.washingtontimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 371
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 201 event
event.insticator.com/v1/ 0
0 121ms
118ms Fetch 3.91.129.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://event.insticator.com/v1/event?event_name=event_adunit-load
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/dff2a308-b1e2-451c-a49a-adadd8636788/e59594d6-8096-440b-9482-3e37d75e11d4-hb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.129.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-129-208.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.washingtontimes.com
date: Fri, 19 Jul 2024 16:38:24 GMT
access-control-allow-credentials: true
content-length: 0
vary: Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=hph4LAYuC6&templateId=OTDEX4OMW764&templateVariantId=OTVRIAZD63LH4&offerId=fakeOfferId&experienceId=EXKMIF7G2A8Y&iframeId=offer_a182edd64c4e0f17fd8e-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.washingtontimes.com

Domain: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=hph4LAYuC6&templateId=OT6IEPD30CUD&templateVariantId=OTV4I85TGNEGP&offerId=fakeOfferId&experienceId=EXKMIF7G2A8Y&iframeId=offer_37e7275da93d75db1f1f-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.washingtontimes.com

Domain: cds.elements.video
URL: https://cds.elements.video/p/511634/player.floating.js

Domain: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html

Verdicts & Comments Add Verdict or Comment

216 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

69 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.washingtontimes.com/	1970-01-21 01:02:55	Name: instiPubProvided Value: 8b2a57d9-3db0-412c-8f5f-74c57c92dc4f
.washingtontimes.com/	1970-01-21 06:55:43	Name: _pubcid Value: d21166af-2afa-4426-811a-ae5628bb457c
.washingtontimes.com/	1970-01-21 06:55:43	Name: _pubcid_cst Value: zix7LPQsHA%3D%3D
.washingtontimes.com/	1970-01-20 22:10:08	Name: InstiSession Value: eyJpZCI6ImVmMDJhMTExLTBkYmQtNGUyZC05ZTE4LTUwNjRlZjExZDFhMiIsInJlZmVycmVyIjoiIiwiY2FtcGFpZ24iOnsic291cmNlIjpudWxsLCJtZWRpdW0iOm51bGwsImNhbXBhaWduIjpudWxsLCJ0ZXJtIjpudWxsLCJjb250ZW50IjpudWxsfX0=
.www.washingtontimes.com/	1970-01-21 02:29:19	Name: pushly.user_puuid_fvNCMu8J Value: DEE0XrOb5bfNdiHajaAXdemttdPypjKj
.www.washingtontimes.com/	1970-01-21 02:29:19	Name: _pnss_fvNCMu8J Value: none
www.washingtontimes.com/	1970-01-20 22:53:19	Name: hb_insticator_uid Value: 3ea323d2-3460-406f-b409-9620b556ba9c
www.washingtontimes.com/	1970-01-20 22:11:33	Name: plsVisitorGeo Value: DE
www.washingtontimes.com/	1970-01-20 22:11:33	Name: plsVisitorCity Value:
.adnxs.com/	1970-01-21 07:46:07	Name: receive-cookie-deprecation Value: 1
.rubiconproject.com/	1970-01-21 06:55:43	Name: khaos Value: LYSXBS3Y-G-B5VG
.rubiconproject.com/	1970-01-21 06:55:43	Name: audit Value: 1\|naVuGyos1qol2/sdY4P+jwNb0fGVcfL/XWaA1sYWTLGWV0Z5iZP8N6ZOwFR9EooLEj4Ygxb0io9t+jw0p2DxZ4eF+cVPisua4HEYI5ehIrU4E1++3MUvAL7FQD2yB//hvsVAPbIH/+E=
www.washingtontimes.com/	1970-01-20 22:10:07	Name: __adblocker Value: false
www.washingtontimes.com/	1970-01-20 22:11:33	Name: plsVisitorIp Value: 80.255.7.102
www.washingtontimes.com/	1970-01-20 22:11:33	Name: plsGeoObj Value: {"ip":"80.255.7.102","country":"DE","region":"","city":"","zip":"","location":"51.2993,9.491"}
.instiengage.com/	1970-01-20 22:10:08	Name: __cf_bm Value: 446FwhDVI.iuAmd8Jot7VYml6qGW7zMOdYXNR12m9To-1721407075-1.0.1.1-lkc48aHCBjskm2.m8AekPnehLgiv5jN_TE3OmOlCHKVjMETJ3PdMYWTg72yMQa.wtyd3df0.xk9fVSQtBD.RWA
.washingtontimes.com/	1970-01-21 07:38:55	Name: _cb Value: DyemxwCYWVxtCO1F4T
.washingtontimes.com/	1970-01-21 07:38:55	Name: _chartbeat2 Value: .1721407075616.1721407075616.1.Bg7mE1zUxHsD3J3jgDdwiFdCO-GD3.1
.washingtontimes.com/	1970-01-20 22:10:08	Name: _cb_svref Value: external
.go.sonobi.com/	1970-01-20 22:11:33	Name: _usd_washingtontimes.com Value: 166ed97f-cd73-4077-96dc-736af0475b68
apex.go.sonobi.com/	1969-12-31 23:59:59	Name: Value: receive-cookie-deprecation: 1
.go.sonobi.com/	1970-01-20 22:10:07	Name: __uih Value: 1
.go.sonobi.com/	1970-01-20 22:11:33	Name: __uin_z1 Value: 1
.go.sonobi.com/	1970-01-20 22:56:55	Name: __uin_cx Value: 1
www.washingtontimes.com/	1969-12-31 23:59:59	Name: ads_spv Value: 1
.go.sonobi.com/	1970-01-21 06:55:43	Name: __uis Value: 531d46a8-2353-44ee-91a4-998b1763e50c
.go.sonobi.com/	1970-01-20 22:28:50	Name: __uir_cx Value: 48872275
.go.sonobi.com/	1970-01-20 22:10:41	Name: __uir_z1 Value: 48872275
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s86220\|ZpqWZ
.ingage.tech/	1970-01-20 22:10:08	Name: __cf_bm Value: Lotry7vFXmXjbtDYeCbEt7MEsi03fT7jY1FDxSg92Gw-1721407075-1.0.1.1-1XLrbWUXSaTyQoRweHvaut1.j0icNVROYo0d5x9JxuEk5UAigZsScUBDtqvL7KPxrwVRbK4G2T2LvCCb_kxHQg
.washingtontimes.com/	1970-01-21 06:55:43	Name: cf_clearance Value: CsLtKSKi8IB1uUrMLcUygtY4XRr0GibGyfDjwEw2gf4-1721407076-1.0.1.1-elHi4W_dBeM9evVO3UFvTkN8riRl7TYjnn02VhyOox8qk20sjVRsF4fBC04vN8xaHd2BaDAqy3JlHRvlGuNFsQ
.linkedin.com/	1970-01-21 06:55:43	Name: bcookie Value: "v=2&7ce3e9bf-78bc-49ff-8e59-9b2d00afe04e"
.linkedin.com/	1970-01-21 02:29:19	Name: li_gc Value: MTswOzE3MjE0MDcwNzY7MjswMjGU29eMp8t8xEs/xsoTDQcYh46KSod2wEibrPM/0JmG+Q==
.linkedin.com/	1970-01-20 22:11:33	Name: lidc Value: "b=TGST02:s=T:r=T:a=T:p=T:g=3330:u=1:x=1:i=1721407076:t=1721493476:v=2:sig=AQHja8jASNzX9pb9IYwOBny6irfHrhpL"
.washingtontimes.com/	1970-01-21 07:46:07	Name: _ga_2KS4V69VVW Value: GS1.1.1721407076.1.0.1721407076.60.0.0
.washingtontimes.com/	1970-01-20 22:11:33	Name: _gid Value: GA1.2.817745034.1721407076
.washingtontimes.com/	1970-01-20 22:10:07	Name: _gat_UA-3328123-2 Value: 1
.washingtontimes.com/	1970-01-21 07:38:55	Name: _pctx Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAEzIEYOBmATgHYeABn4AmfgBYBADiEdZIAL5A
www.washingtontimes.com/	1970-01-21 07:46:07	Name: __pcvc Value: {"piano-device-type":"desktop","mobile_webview":"false"}
.washingtontimes.com/	1970-01-21 07:38:55	Name: _pcid Value: %7B%22browserId%22%3A%22lysxbt1d3hee2bn4%22%7D
.washingtontimes.com/	1970-01-21 00:19:43	Name: _fbp Value: fb.1.1721407076606.879987979655069522
.embed.ly/	1969-12-31 23:59:59	Name: _cfuvid Value: a3UVfTBgcO90nFcpSjY6h6ta920Cy5AcYxAsk2wapNw-1721407076694-0.0.1.1-604800000
.twitter.com/	1970-01-21 07:46:07	Name: guest_id_marketing Value: v1%3A172140707668772913
.twitter.com/	1970-01-21 07:46:07	Name: guest_id_ads Value: v1%3A172140707668772913
.twitter.com/	1970-01-21 07:46:07	Name: personalization_id Value: "v1_ImQTfVnDIh81vDa88Nmu5w=="
.twitter.com/	1970-01-21 07:46:07	Name: guest_id Value: v1%3A172140707668772913
.t.co/	1970-01-21 07:46:07	Name: muc_ads Value: bb3d2b1c-3e6e-4164-a620-a9cf8502f01f
id.tinypass.com/	1970-01-20 22:10:07	Name: AWSELBCORS Value: D54D83371CA73269B30D9CD8F7A2329AB776287862C53884B438BAF2EA6E18262E3A59471686B5714F5E262BF3CCC94C0B74745A2BFE6F01115E3CD3DC0040A2BD2AFA118C
.washingtontimes.com/	1970-01-20 22:53:19	Name: __pid Value: .washingtontimes.com
www.washingtontimes.com/	1970-01-21 00:19:43	Name: __pnahc Value: 0
.washingtontimes.com/	1970-01-21 07:38:55	Name: _awl Value: 2.1721407076.5-de8511b1b1d033a48f5a0f409b875c3b-6763652d6575726f70652d7765737431-0
.pinterest.com/	1970-01-21 06:55:43	Name: ar_debug Value: 1
.washingtontimes.com/	1970-01-21 06:55:43	Name: _pin_unauth Value: dWlkPVpqaGhZVGt3TjJZdFlXVTFPUzAwWVRJd0xUbGtZemd0T0RRNFlUQmtORGM0WmpBdw
.ct.pinterest.com/	1970-01-21 06:55:43	Name: _pinterest_ct_ua Value: "TWc9PSZDc2tjdzd0dGFjNldWYURWcE1jaUttUmRRaXQybnFUVDNraFloUThNK1huWWUyZitCdjBjRGM4Ry9RMDB4ZVJXODJUSWh3NElRVzU3OGcwbFVnR3R2b016TnQ4RXYwdjNLaXNTYWQwcXJvUT0mYUd3bW5tOHBzWDYrYVdHR3NzZzdaNUxJamRBPQ=="
.connatix.com/	1970-01-20 22:30:16	Name: cnx_userId Value: ddc026829e6942449c946d501ed210cc
.piano.io/	1970-01-20 22:10:08	Name: __cf_bm Value: q54wcHT3.WHji2BcURgp94x1vvJusfEsqToTsCs9U5I-1721407077-1.0.1.1-QPwQCDHsXfo8c9wfLGKigytVI6uZYHX0o4c9bXlk90FSdmzHFuKW.PoKxKZ_3G3lmUt5tZzvgszh4WhaGIWISg
.washingtontimes.com/	1970-01-21 00:19:43	Name: __tbc Value: %7Bkpex%7DpdZtchtD2oxfDIXZhckxv0EanDgKwgXTbuRNEEy4f4YM8KeVNE71NNJ_tYcK0VHB
.washingtontimes.com/	1970-01-20 22:53:19	Name: __pat Value: -14400000
.washingtontimes.com/	1970-01-20 22:11:33	Name: __pvi Value: eyJpZCI6InYtbHlzeGJ0MWxmeXphZjBhMiIsImRvbWFpbiI6Ii53YXNoaW5ndG9udGltZXMuY29tIiwidGltZSI6MTcyMTQwNzA3NzI1OX0%3D
.washingtontimes.com/	1970-01-21 00:19:43	Name: xbc Value: %7Bkpex%7DmlsyEQ4eyOwKy96x2BRd8U_4gA1T13WuIjP6tk4f3Jftf9ncCgXxqq8E-_qHBKKDEQliu_jhG6MEDwhrvDmESJZG20khf1he4hv4MGm-gbu-fMTXmgOGIz7-uJygG1FU6YDheSl2OL20R4fS_yqE-g
.washingtontimes.com/	1970-01-21 07:38:55	Name: _pcus Value: eyJ1c2VyU2VnbWVudHMiOnsiQ09NUE9TRVIxWCI6eyJzZWdtZW50cyI6WyJMVGM6YWNmYWEyM2Y0MWVhZDlmNmIyMmZhODYzOWRmM2QxNjc4NDcwMTg2YTpub19zY29yZSIsIkxUczpmYTNmMGQ0YTZmOTU1MjVjMzc4ZTkwMDVjOWI2ZjI0Y2MzM2Y3NWE2Om5vX3Njb3JlIiwiQ1Njb3JlOjU2ZTcwOGJjOWQxMGI0ZmY4ODdjY2YwZDZkZTI1YjQxMmNjMzFjZjc6bm9fc2NvcmUiLCJMVHJldHVybjoxOWVjZDFmNzk3M2U2YTI2ZjQyOGY4MzNlMjk1ZTkzODU0NzdlODgyOm5vX3Njb3JlIl19fX0%3D
.washingtontimes.com/	1970-01-21 07:46:07	Name: _ga Value: GA1.1.1645011703.1721407076
.washingtontimes.com/	1970-01-21 07:46:07	Name: _ga_318004630 Value: GS1.1.1721407077.1.0.1721407077.0.0.0
.postrelease.com/	1970-01-21 06:55:43	Name: opt_out Value: 1
.washingtontimes.com/	1970-01-21 07:38:55	Name: cX_P Value: lysxbt1d3hee2bn4
www.washingtontimes.com/	1970-01-21 07:38:55	Name: cX_P Value: lysxbt1d3hee2bn4
www.washingtontimes.com/	1970-01-21 02:29:19	Name: pushly.user_puuid_fvNCMu8J Value: DEE0XrOb5bfNdiHajaAXdemttdPypjKj
www.washingtontimes.com/	1970-01-21 02:29:19	Name: _pnlspid_fvNCMu8J Value: 20418
www.washingtontimes.com/	1970-01-21 02:29:19	Name: _pnss_fvNCMu8J Value: blocked

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=88 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ads.rmbl.ws
aax.amazon-adsystem.com
absorbingband.com
accounts.google.com
ad-delivery.net
ad.doubleclick.net
analytics.shareaholic.com
analytics.twitter.com
ap.lijit.com
apex.go.sonobi.com
api.btloader.com
api.rlcdn.com
audio.api.speechify.com
auth.instiengage.com
b-code.liadm.com
bidder.criteo.com
btloader.com
buy.tinypass.com
c.amazon-adsystem.com
c2.piano.io
capi.connatix.com
capi.elements.video
cd.elements.video
cdn.confiant-integrations.net
cdn.cxense.com
cdn.openshareweb.com
cdn.p-n.io
cdn.tinypass.com
cds.connatix.com
cds.elements.video
code.jquery.com
comment.instiengage.com
config.aps.amazon-adsystem.com
connect.facebook.net
ct.pinterest.com
d2.ads.rmbl.ws
d3lcz8vpax4lo2.cloudfront.net
df80k0z3fi8zg.cloudfront.net
dsms0mj1bbhn4.cloudfront.net
event.insticator.com
ex.ingage.tech
experience.tinypass.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
geoip.insticator.com
geoip.instiengage.com
hb.minutemedia-prebid.com
html5-player.libsyn.com
ib.adnxs.com
id.crwdcntrl.net
id.tinypass.com
id5-sync.com
images.outbrainimg.com
ins.elements.video
jadserve.postrelease.com
k.p-n.io
lb.eu-1-id5-sync.com
lexicon.33across.com
mab.chartbeat.com
mcdp-nydc1.outbrain.com
mv.outbrain.com
netdna.bootstrapcdn.com
news.google.com
newsletterjet.com
ping.chartbeat.net
postrelease.com
prebid.a-mo.net
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
region1.google-analytics.com
rtb.openx.net
rules.quantcount.com
s.newsmaxfeednetwork.com
s.ntv.io
s.pinimg.com
sb.scorecardresearch.com
scripts.webcontentassessor.com
secure.quantserve.com
securepubads.g.doubleclick.net
snap.licdn.com
soapps.net
speechify-api-dot-speechifymobile.uc.r.appspot.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
stats-collector.cxense.com
stats.g.doubleclick.net
storage.googleapis.com
t.co
twt-thumbs.washtimes.com
vid.elements.video
widget-pixels.outbrain.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.npttech.com
www.shareaholic.net
www.washingtontimes.com
buy.tinypass.com
cdn.cxense.com
cds.elements.video
104.16.143.111
104.18.10.207
104.18.20.97
104.18.223.248
104.18.239.248
104.18.24.111
104.18.25.111
104.18.41.104
104.18.43.204
104.22.58.64
104.244.42.195
104.26.10.235
108.138.6.136
13.107.42.14
130.211.23.194
141.95.98.64
141.95.98.65
142.250.185.104
142.250.185.66
142.250.186.102
146.75.120.157
147.75.80.51
151.101.128.84
151.101.2.132
151.101.66.217
157.240.251.9
167.235.124.23
172.217.18.4
172.64.144.52
172.64.146.152
172.67.155.215
172.67.74.24
178.250.1.8
18.238.243.114
18.239.68.199
18.244.18.122
184.28.89.148
184.73.100.94
185.89.210.141
2001:4860:4802:34::36
204.16.247.184
216.137.44.123
216.239.34.36
216.58.206.35
23.192.241.163
23.21.101.201
23.212.89.151
2600:9000:206f:7c00:9:78a:e540:93a1
2600:9000:20a0:e200:c:d51b:4400:93a1
2600:9000:20ab:3e00:8:48e:53c0:93a1
2600:9000:223c:7e00:6:44e3:f8c0:93a1
2600:9000:2646:fa00:18:1fcd:354:4b41
2600:9000:26e8:6000:10:3422:3f00:21
2600:9000:273e:4000:1c:386f:ec80:21
2600:9000:275d:2600:8:8845:1500:93a1
2602:803:c003:200::21
2606:4700:10::ac43:293c
2606:4700:20::681a:1ba
2606:4700:20::681a:346
2606:4700:4400::ac40:90fe
2606:4700:4400::ac40:9296
2607:f350:3:2569:0:10:0:a
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:21::14
2a00:1450:4001:808::2014
2a00:1450:4001:80e::201b
2a00:1450:4001:80f::200e
2a00:1450:4001:81d::200a
2a00:1450:4001:827::2003
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:829::200e
2a00:1450:4001:82f::2003
2a00:1450:400c:c04::9c
2a00:1450:4010:c01::54
2a02:26f0:480:15::213:7e63
2a02:26f0:480:b94::268b
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:600::649
2a04:4e42:8e::84
2a04:4e42::714
3.213.115.59
3.224.42.41
3.91.129.208
34.120.133.55
34.215.24.217
34.239.11.115
34.255.106.40
35.227.252.103
35.244.193.51
38.70.189.70
38.70.189.72
52.0.214.159
52.214.212.45
52.36.224.135
52.55.141.237
52.58.93.204
54.171.243.181
64.202.112.255
93.184.221.165
033ce432d750dea22adc9a6c46276b2a50976eb2b080f61cfb501d41db84a697
043e345faa7e2e3891f8607f0eea59dd3308c6fa4cb9667a4e3ab0f7e7702770
043f82feb57664875fad1d119a043518f37086de73790dac820ef14d3968aabf
04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce
05237e423e650346b9f7c2565f6434fd4fb4a42338b250e0157bfd321591ea52
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
079cdaa2d98200ef08ce012982a0c73a6d22e272f87bc4584acfbfe6f688c76c
0850b288a730703666e701e56750707d575cb1f006198408522077397d230462
0a8fb11ec205a80399632ac504705edc26d45e6ce1d04f13cb9d7f666b71b625
0f732ac4590f6f34b76eb1038a7f828859189558969b1994c6b475d855a284f1
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
108aeec86aa00a09dfaca605f722e937d64c9e51d82a64509cc3b9b9dbbf7a84
11c0f037cde2ea58d611524ed7eb14d88cec5a6c597e22eb54afb9b0cf748de6
12b63784ede2afa7c8d9b70d7e0b23a4f88a1986b96cc9e49335c3f08d111adf
150e7c69615226b7eb530254b056873fafca25505aca9bb2a297277bb27cca09
17fe77e12663a3f6203343cf11d71cd3c17bd0aedbb55ad7e7e8c682c19f7b76
194469aef2a8b7d191c755eb4e3e49d27ea50f0010f954a09a1c4ed2d38cdcb2
1a42f3aea93725922fa800e1a132002819882cb23c4235b4f971e1a71dedf9d2
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1bc44d475ade5be1e318709bac2e38d9df0c7927bd3f88d23ef3d0ed1ce9994a
1be9eda34c3fea80871ed747fa5d42e9c60ceee3689394789f9b5d6809e11a3f
1ce267c706ab31277fabfb14c8527a6cfcbe159581c485210517b5a2ea5655a0
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d3ec73884fd2e63fb637af556b4725f116702bab37326dbf7ce0e876d7b1587
1eb72b73d057844065ff868ffa278fda422f32217d80426ad4b20be499ea2990
1ee1d39503b0712550ddbaded3d9db3214348067e88475416a8fef3eb4389c98
1ff0ebb20dd0177606f51abd80ded707c304c46890866c14f418e39673eee34f
20d4a2936d7b7d45d7c34f7363e47dd07a0d70bedb797a02ab84131802845cc1
218b4fde01436ab9821ae7674b7cfb219cb154cd13988cac2011dbd7bd4ac289
21a924ac651ba65e51a5c9b5ae4b51453eb9b957d5990001a85960df95603d13
2530994c2e77181dbc42603bd2dda4d3b7310d7bbccfb34f34a83bdcb3acc384
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
283c2151fc9c4700b4ec89a0c55b6893a64d4e9f8d1ed68e49e3cd5d32bac905
28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b
2935e77ba4a31d658633687964df779e6a6acd911252186240c22eafeba8bc36
29ef974e899f90a273e61e0139ab03c5c9bfe6d47d9f8584fad6ea4d5df1ad8f
2d597fa62e3fa205e5c6c542b8723b31ab20536c3ffd0ba0f1d6ea2c9fb90114
3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3
3254b83e6983833901db711977cc820b4a2de4f69df93436325e4d9e16946d41
37663f7b1e295c1f7483c9dd9ff185ea56d380ebb1fd18687cbbd9fc226ebb94
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
384d2562e864accb1807b170370cb8a24f7e745533a08566bd1051c5187d24c5
391f7d536faa20344cc02870271c192e31fd02094700ad7c2fa314c6f6d0e167
3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9
3a8fc459d3129a8ee72aa980fb717be206e36eb9cde7cd4c0c343db0b38bd63d
3de6ce02d81c47f468c8047734e2322cb51ae94a96a16ea497d1a9b99cd43514
3ec0f953f98d8c4bd15be23a55d910aa5528efc912270da5fa352d4c4c4423de
4060cb004e2eb4743bfcbd3fb1c23797962cc6482974be511541a9c1cdb179ee
413db14827d3cd899f935467d415cf94c3cf1dcf41e0584f43f230a4d1658d17
41f2a696c506ffb0a2ac91dc19a8c101cb86ee7ef3bd40d28e93c7d79e3ccc77
425c0ec55511fab2415531d7928c7ed37a51b455825114ab81b332f4a3df63be
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
43263077c048728e38bc6d15f5f17ca333e3296ee7ac1ccaf981b2862e9f5967
43a0e90f00a0fd7d5630c5200c1ac0faac53efccb92197b2ee8cb5614d9b875d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4477c215d86d0a9bb036a907877a489afee9b0e60c4b219e0b3349771e7243fe
46ffdbb826033b2b51f222bb08355173900fcd97c07c2983d00b44bd3a3e5873
4af6210e6e5654ab134680a7d46375c36147a028f7de9a2411c6b462f4be600e
4c4856d55ab1a29e644a9399ed6cd12420ded6eefcbf826e73a67d2c6571c4e3
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4f8186f78a0e66036989b855d0de35f2f6e1d37e70e533fb091f28ab6038d97d
52e1cc289a6021a3f1609eae5daa692dbdd7ff228307cc5b4350b1ad280e5ef9
55cbe06206d5299ce508c1062408f39d51af44a4a90ba9ab56aa81d80cd0e3a3
56b92097c5c919a3fca9ef3202301b12837a5c2688c4971fd3bca4b028cc865c
56f50fd530a6d9b653cea9e0281944c6d99a8da426f7f98c36675aeb63af5a19
570735f508e7a7892003771d08c5f120ab7d381f09c145d95755f4fa93fed39b
58ea4588e2d7e98e36d9201bae187e30b30cbc5127cddff85606d707b45d91f7
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5b38b71f3a3f9dff86056ea706d3f80568c2afcdc0584f612a96150d12f013e0
5b6d729d6dd134339099deb0f343bc30ae059d2ee0c6d3863f248319fe30ffef
5e4a60da7f50df6dd9a40bb33a86840fc81c6ac6d58705cc46048ad2c801abce
5edb08b00dd89b4d6b4864a4550c73014a730b7d1f612fa8713d2c3e13d8633b
615abd6358b55e9badccab745ec3788c49d67100d0d5bf65af86d2a9f3d24bd5
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
6418e151e906741cb1e64a1dea6e1fc5dbb5f695132556cbca3a4ead338fd814
64242620e74b79915f5014b875ae73457a4738c559ad8a8306f2afa846534ad5
647e7e180d8ac352dfbecb9f85ee91524c56b80aec02b65da3c62297212f2f53
65024289c4af3db52beded7416242782f336e24d7b5c60adc3a5bbf701569489
65621b2926b15594261b562f43bf7825afbd0d230ecb66f6c952301e091c648e
662ce64b8867077cccfe0d666ad2b450ce0fd15a57b97e17715fcd141c1bc638
66398edf56d9d492c5990ad76fd7d026d0ec200f662616abebba45da845bad7c
6757988a6bd74964731e8e2a22f89bb456354d23b538320f967b253a484af33f
68ce1906923119ea4d065fa7e5d341ae66c6f7acb8fcd77e1d39aaa06f6afdf3
697a804a7251c1a4dd37616d8ec14898b1ca15ce38220d8fbc85a5c767527e97
6d4f5f33e523a7c0dcc092a2f06a6cdafb774eddbd7f9c4ea0255c4f713e853b
6d8d3536266d00e3f350d39f77075f0521b15bd9c522b9c3b520c0b62a045b74
70500d429398c9a4b980761906899a7df69d91b0619f510639828f9a9a8a56e4
7063f4712eceb68808952770d3d08f564b77589a25e803fa86795749e845c75a
71824fb68a45be8780113e74b2e6ca7d245196372f1a57d615600c421c75a601
72d8ea92d665d2014ece1d3722e7dbc6c0c8aef58236c71410e8dcc6ffdd5029
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
76c46df9a6ba94318fafe8023e3f52e28b1b9a1eaf16dcd4d7ce95ab6942859b
7758f8f3b81bbf7755b5d35c06c06c01b85659f84e034572d902338f92a27634
7abf04a3481e605a64967afe6d581410f94540d3e2ccb42a6936d4a17b70a82b
7c3ffee5bcd22c88b35273b0e47553373564c519031afac4fdd45cea71107e4f
7f33021ca85f73bfdfad6d2fe6348c0f8609151b2e3b329bba87575f75b63a98
7f62fc780c1d235b03557ce9576326685fae0aab0130d63f3600466c8192e36a
8161329d54638727348b9cdca69ebc63f83c6bd27ac8f952b483e6a95e192312
81b6cdd2aad9df8448190d4994628ae0f33a47bd23c3f51e91f1c5dab828e43e
83f54f9a87f6274c7edee024ab88ec379c52d4fabdab0831ea7cf71bcc0748aa
88426495eba27827767497223041c6acbd4b62d1e8406945f1dfdef44a8c6f64
892cc4dbbe89a6859982169466057f98db4d74d332953a00443513fa04708b64
8e097a1eaacbceb7110fb8acb68aa3371c520f2d24ada7bde79ab4c63487b1d7
8e6215bbbc3615a74c48a71a8eec5197d7ef8ed17d20f6c6055fda07d45e8373
90531acb28f2f696000c431480a8d71e0cf8d83115f71990b76048a38fa2f7dc
9151dd12def34f464f7b42b296a5375abe88763c4fb1aea835e5fd6313d6b0bf
91ddf176dff3589e22d0983660567bfcef8dcb370aa0b5763199ebcaaf83108f
92b425b3558c756bc75435caf2124ddf2203f1b4167efcc64ade89ba2119928a
932960e3c838a53906c59d181db6003d72cbe4d854a3e9f8f32d509bc82dbda0
93703314df7fbdbe428b2110a17479eb2f9e72b6746a365e7863f1053f14dc06
9408f8828e0c4ea26976ac1a2932aafefdb04933a7e16bbe4f8663c4eca8de44
94cac50078714276e10ecf8c4c4e21c9ca020e9344b7a8d95032ac10de5d1545
95607b85cf5f947b01cabb1b0f067cf26c209247c9a409354aeddf5edae5b5a6
9705a34db75946b8138b979786bf263a534ce00d1433fc83c1268ec0da69f1a3
9835d1fe29b1f421a90bcedff2b3dd52093690ae9ac9d9bb9c604d11cc67b2da
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9cb7edf838db4d47002019bdccc953e83528cd05f709d9e39826a6b31ef50257
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1c9a21ede44774a26110c312c2c5398e074132f6e243011c15b4bfd660702ab
a3d082d58577c2f480d1f32c7941fed5a6a02f43ac5ac3ecb71f9059c1c588ce
a4534bf84a80bb80d23be50aac9b720d1e572d7a990fdb2c1c0b1c800c2eb394
a56eeaf10b740315ef66b7b210fa58919956cd30d727166a0fdecce16f58c211
a59b6b387f514db2d8d2b184893944a7a71072130cfe8d2bc26c7238120838c3
a7be991c1cc7f28524357d35f090172bb081958b0a6b33b243b5728d44cd3cdf
a94c5c23d5a0f81c866631d8fa57ef092d09b5237217b3a5b977883611936794
a95f3bd7d02b4c9c8b0c4dbcf71f5346f233ab13b7f305362a03bd9762f590f8
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
a9f32e7c6b749a905876934e79526bc92b0625537c6e6928825ed951b8f916c5
aa772f57f2b74692562e1bed1694f4ac7d90a33ed53e502271c84f38dcd2386c
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aa7dcb07b9e5fe106c0a21849380e0d2e0adb83c583b40a05b630651261dd4cc
ab34ca3a969911eb45a512f40a7218e8ba0bea222fc5647592a85c91d1cd12ff
ab85ec4903b21c7c322759f925d40a57a22b0912b7c61f79dcb5f3ad00503608
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae147bdedb062e34a025af585c79f80ebfe2b7e9ed99826f9192a78ddba677c3
af769518fcc767ae5793127953eddda981dc2f2f20d65f7dc3d88db36144ab69
afc58335390465ac62ab4e0308f62cba63b2cfceb71b7a06b7cc98f9b790d9f5
b2e6482dd934a53ccea01fec576e6df098fb782cfa74d639397f2e8057076b92
b389f1b9fe54819687b6fe187591e761e97b2bfd992aa1bc28e8a9cd8e6b8498
b4875b0fdafde57e054fd846053f25f22afbe89f3fc3adae15f01b0328d2f0e7
b4bb792085dcf7c285b98169562b0ffec817818dc522170d940d2f53491672ba
b59bd4faed96ead225478a5cbf66cfe0c0a1513370143991f889d0a8b0493e66
b5d718c53913047829f6bbe4e42ccd3dcc1475dde86e2d5a6169d7c96babc0a0
b719701fed642ce20b7e0c03c80c2072ceb1324b099ca7a69f3be5e6e6223157
b77215f9db686315efe3a4e5031659abb6f1456ffe35e3bb6e1650ed5ba62536
b893f7ec9d157cf54fb9f891342ab5bfe542e9b06482a88523b5de36b54e61c3
b95218513284dd3cf897ce41b5826709c8b0107ce49bb1a5faf62732f88a7bb1
ba0576701a027fc1282b8d2fa7dc6e2267a12dfd5972204467ea39cc2259140a
ba8013e42d63dbdbfc221de6dc83914beefff7c00ebc8e6af4682f71141283d4
bc0d83e5e39fb0ccb3a013b049bde41adbf562a73c30b3fe74f1ef9cad34c219
bc7c69b3ebfa6cc4b83c572daef3d1379474d157dd9dad051085f688cdbc0454
bc7d5521449ea42b17df2f5102016311f3f7d4ca6814684cad324bef0f9f7329
bcb6cc801807305212190519cb6d59acaabf12e6ad20b80fc3d879a6f514f31b
bd76f4e7aa1b4be0db3994a92b3730976dac96058df0e8bea23f8f5661cc5663
bf0c89a6d466325e7481eca13bbecf43daa80644400723d47e43457bc14985f2
bfcb5d315a5dd02239606a0af664c41962154b5470ca651227ac2972fa80814c
bff07e007ec24715de3094752d87a225bbdb59945c8176ffe98f3bbd0234a2bd
c0b8eb1dad214845ea14f832439e5fd0eea407ad87a236d1076801808e4a3478
c10da6675b0d4498f7f2093a788cec50e35e20cd249f633e11d29c9c7709d34b
c1d9e8dc9d1d9412685c64fc9992900839b14b9d633644a238949d31985f61e5
c20c3b01a8ecd1746b462753e72086341a84f6d57cb95d3049dcdc7531d06004
c33a7b3c541b3151517bdaaffeb1b40947d6e0da97af38528550a2166b40953e
c5a562f6bd7161025bcfdb4d9009ced16d4531723f51bb532b5396d98ac29f0f
c6041a7db9c0feae58c85cea9ce1cab02afd3927927a1f161ea5216958fd4592
c7c78443afd8c7b15978afb5f3ae29690402509823bbd9fd34923f2b611c6138
c95711d0237118239e822234d1ef2cbb19ee44283601784570450c588e038b75
ccb9e784aeed749aace58c8ba9719928ce908e26650f9dfebb41fa1f31c1fb34
cda6c67ca288b9466bf5287beaf9f16eaca59a54f9e6e81fb441450502ad5595
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfd717bdb81dd9e2dc4de88915bc85a6dba2e5305cf1237d56ec1a7028eadbcc
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d0f1143c41b5f573c5e204b39f278e90e2efce4966becf24a1686e24c8f8816c
d136b8fd897ad22bf498ee0e31bcf8c92deb6018a3980269f6efbb59d74064aa
d2fbaa43d35e58cf0a91206dbcebc3871939f28aa5a34aa6f0606c5cd2fc6006
d3bd549c4710a37a42aa496bfb9cb3eafb2e8f900d721c102003f9c7eede8aac
d4eb65c8eb0db2f38be18391c0d1254a721b0c0e4587507b59b86085588bc700
d5aff8f6ac69e5d6dcfda9cf522352ea2dafaf9e89435d08cd9f8d1312ce021e
d60a358f5431adcd8ea0d4f06f1d616de2aa8d2f10d63665ead37eab24a41d81
d62f0f7268437dd483e18fca7de2195e8ec4700b83a0ed4d5ebcdcf343dfb914
d6804a53b18d165bf6b7971e81011d60237df8c812c107c3144919527d6a015e
d69b5e9bc8bcdd711f2b9b16d268aa83889f3441067c42fa7664602993b66605
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d987b96e4134841680fe5ede6e7ca73c5e4cc58fcf618be8571872aa9b6a26eb
dadbd2cbc3f3886ca88965a1e4df091ad3d6fbc57ea9ed0864c98f45008ae4d9
dbfeb010a0c8acddc38dea97e228787f16ac5e30b4af96b764fa2252fe3827e4
dd35ce1c67491a7648b4b4641b1f946047e0f8b291c3acf2c580d39a21736427
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df7cf75f915b949fcf5b71529fc41e71e2e3d34ca275cb0f9cfcdbfe790fc678
e0e4d50e4844e46ea8ac540fc8a6565f5eafbb0d75ea1cf1193bae8b8b091508
e202e54f0ee84d3fbd6356c25aac14ed9e19a451b95084f4161e50c149244333
e2bfb590ba3c1f4f497158378e86feab61b35d3dfff70bafaea88037ebe16d88
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e415b6816207e223acf421badcc2484d9cb5d10d390a7050109efbf902563bee
e4c1c113a37481dcbd8be0c787858bf507c067ad9169ca987961a9cfe882a36a
e50a9a8d17f05a524bf905c43389fa9594546c87052b3e2639b4224efd647f17
e529b3d3f042219c2001b43a6a1b74382a2c231deaf3e8ddcda74821bebd2c80
e56c5a6048f447ae55318bc805dc3d8251636045c8b88768da47dbd2e2c0139f
e5f0592d6b37a521bd1070b351dcd6d8e89593a7935e2191c547197705037fd2
e7341c756d4764bdc91ae5b1870b47e69aae36f7492fa09e5875386f394b0fad
e8883a5e3f096c8b08956df2a061298e876e0043cc0417e6746eeb3f9a76e1d3
e9b18f1ea672712de98ffd6db352910d79e3681ed7e1febaae718c24a6b96e95
ea185e269e4f10b619c995b62302b5824d00bffb63dadbd399cb5abde1bfecf9
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
eba2224031ba056f261439d5a3075bf7c35d0832ac66cc5d3d6b7ceb66caa83c
ecc1baeab33ebd4b540c9de6ec3aefd86d82196db0aacb1b88eac282585afe97
edf14dbf925ed50ed1bf95fb59d4200fbe859e5ae3808bbe4f080cb9080eac5c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f48c6af8ff4f8b6371bc365c303dad5bf7b08a96ac967fba29aea52d5499ab41
f5618afa899d02afdd80773b457fde7a591a77bbb351fb5116d728eafe98d0ac
f660f8bdf74668efde611f91ce5d4037f6f0a07d5349db2d07998c9324bedd95
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb9dfe8751d4bd0573f9395c10201d3b56c424d15394841d18d80e0350b7a0a4
fbfed1ab34247037b0d094f8fdc17a76003a50a524713042c1f0bf7ac45b73f3
fd11fe6c40851b3191967b3630107f062e826064ac65bf45709ea75974dcf760
fd124923f99aeb015322c05b5885d6554ef5b036bd4a1b676c63f9127574fe8b
fe22f6e117253fa0536f71be7311fb161962b3db35771875aee46e432349194b
ffba6106fd07113bb6b809d3f67acb31a01317784c7ec6c4fed5d785786ab710

www.washingtontimes.com Open in urlscan Pro 104.22.58.64 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

282 Requests

96 %HTTPS

36 %IPv6

71 Domains

105 Subdomains

101 IPs

10 Countries

4590 kBTransfer

12815 kBSize

69 Cookies

0 Outgoing links

Redirected requests

282 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.washingtontimes.com Open in urlscan Pro
104.22.58.64 Public Scan

Screenshot
Live screenshot

Full Image

282
Requests

96 %
HTTPS

36 %
IPv6

71
Domains

105
Subdomains

101
IPs

10
Countries

4590 kB
Transfer

12815 kB
Size

69
Cookies

282 HTTP transactions
1 data transactions