www.myminifactory.com Open in urlscan Pro
142.44.215.232 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.myminifactory.com/users/investigating-business-joe-biden-son
Submission: On August 13 via manual (August 13th 2023, 7:50:56 am UTC) from US — Scanned from CA

Summary HTTP 106 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 25 IPs in 4 countries across 17 domains to perform 106 HTTP transactions. The main IP is 142.44.215.232, located in Canada and belongs to OVH, FR. The main domain is www.myminifactory.com. The Cisco Umbrella rank of the primary domain is 332001.
TLS certificate: Issued by R3 on May 18th 2023. Valid for: 3 months.

This is the only time www.myminifactory.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	142.44.215.232 142.44.215.232	16276 (OVH) (OVH)
2	172.217.13.202 172.217.13.202	15169 (GOOGLE) (GOOGLE)
23	172.67.70.176 172.67.70.176	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.39.128.68 54.39.128.68	16276 (OVH) (OVH)
14	172.217.13.194 172.217.13.194	15169 (GOOGLE) (GOOGLE)
5	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
2	172.217.13.104 172.217.13.104	15169 (GOOGLE) (GOOGLE)
5	172.217.13.99 172.217.13.99	15169 (GOOGLE) (GOOGLE)
2	200.225.45.125 200.225.45.125	54641 (IMH-IAD) (IMH-IAD)
3	172.217.13.206 172.217.13.206	15169 (GOOGLE) (GOOGLE)
1	74.119.119.65 74.119.119.65	19750 (AS-CRITEO) (AS-CRITEO)
5	172.217.13.129 172.217.13.129	15169 (GOOGLE) (GOOGLE)
1	172.217.13.98 172.217.13.98	15169 (GOOGLE) (GOOGLE)
7	74.119.119.131 74.119.119.131	19750 (AS-CRITEO) (AS-CRITEO)
1	74.119.119.147 74.119.119.147	19750 (AS-CRITEO) (AS-CRITEO)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	74.119.119.80 74.119.119.80	19750 (AS-CRITEO) (AS-CRITEO)
2	74.119.119.149 74.119.119.149	19750 (AS-CRITEO) (AS-CRITEO)
1	74.119.119.130 74.119.119.130	19750 (AS-CRITEO) (AS-CRITEO)
13	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
3	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
1	35.84.229.168 35.84.229.168	16509 (AMAZON-02) (AMAZON-02)
2	185.221.87.23 185.221.87.23	54113 (FASTLY) (FASTLY)
1	172.217.13.132 172.217.13.132	15169 (GOOGLE) (GOOGLE)
106	25

3 142.44.215.232 (Canada)

ASN16276 (OVH, FR)
PTR: ns555072.ip-142-44-215.net

www.myminifactory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.13.202 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 172.67.70.176 (United States)

ASN13335 (CLOUDFLARENET, US)

static.myminifactory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.39.128.68 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns562059.ip-54-39-128.net

cdn.myminifactory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 172.217.13.194 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.64.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.13.104 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.13.99 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 200.225.45.125 (El Segundo, United States)

ASN54641 (IMH-IAD, US)

stats.myminifactory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.13.206 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.65 (United States)

ASN19750 (AS-CRITEO, US)

ads.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.13.129 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.13.98 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 74.119.119.131 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)

cat.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 74.119.119.80 (United States)

ASN19750 (AS-CRITEO, US)

imageproxy.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.149 (United States)

ASN19750 (AS-CRITEO, US)

csm.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.130 (United States)

ASN19750 (AS-CRITEO, US)

rtb.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.84.229.168 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-84-229-168.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.221.87.23 (Ireland)

ASN54113 (FASTLY, US)

bam.eu01.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.13.132 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	myminifactory.com www.myminifactory.com — Cisco Umbrella Rank: 332001 static.myminifactory.com — Cisco Umbrella Rank: 441732 cdn.myminifactory.com — Cisco Umbrella Rank: 469663 stats.myminifactory.com — Cisco Umbrella Rank: 569661	2 MB
14	criteo.net static.criteo.net — Cisco Umbrella Rank: 617 imageproxy.us.criteo.net — Cisco Umbrella Rank: 2655 csm.us.criteo.net — Cisco Umbrella Rank: 2648	108 KB
14	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 130 tpc.googlesyndication.com — Cisco Umbrella Rank: 151	276 KB
13	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 475	117 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1730 q.stripe.com — Cisco Umbrella Rank: 15822 m.stripe.com — Cisco Umbrella Rank: 1612	151 KB
5	gstatic.com fonts.gstatic.com	220 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 55	27 KB
3	criteo.com ads.us.criteo.com — Cisco Umbrella Rank: 2580 cat.va.us.criteo.com — Cisco Umbrella Rank: 2524 rtb.va.us.criteo.com — Cisco Umbrella Rank: 5926	48 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 54	330 B
2	nr-data.net bam.eu01.nr-data.net — Cisco Umbrella Rank: 10033	800 B
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1845	16 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	153 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	2 KB
1	google.com www.google.com — Cisco Umbrella Rank: 3	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 245	5 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 214	57 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1216	334 B
106	17

	Domain	Requested by
23	static.myminifactory.com	www.myminifactory.com static.myminifactory.com
13	js-agent.newrelic.com	www.myminifactory.com
9	pagead2.googlesyndication.com	www.myminifactory.com tpc.googlesyndication.com www.googletagservices.com
7	static.criteo.net	ads.us.criteo.com
5	imageproxy.us.criteo.net	ads.us.criteo.com
5	tpc.googlesyndication.com	googleads.g.doubleclick.net www.myminifactory.com
5	fonts.gstatic.com	static.myminifactory.com fonts.googleapis.com
4	googleads.g.doubleclick.net	www.myminifactory.com googleads.g.doubleclick.net
3	q.stripe.com	www.myminifactory.com
3	www.google-analytics.com	www.googletagmanager.com
3	js.stripe.com	www.myminifactory.com js.stripe.com
3	www.myminifactory.com	www.myminifactory.com
2	bam.eu01.nr-data.net	www.myminifactory.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	csm.us.criteo.net	ads.us.criteo.com
2	stats.myminifactory.com	www.myminifactory.com
2	www.googletagmanager.com	www.myminifactory.com
2	cdn.myminifactory.com	www.myminifactory.com
2	fonts.googleapis.com	www.myminifactory.com
1	www.google.com	www.myminifactory.com
1	m.stripe.com	m.stripe.network
1	rtb.va.us.criteo.com	googleads.g.doubleclick.net
1	cdnjs.cloudflare.com	ads.us.criteo.com
1	cat.va.us.criteo.com	ads.us.criteo.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	ads.us.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	www.myminifactory.com
106	27

This site contains links to these domains. Also see Links.

Domain
only-games.co
creator.myminifactory.com
cdn.myminifactory.com
play.google.com
itunes.apple.com

Subject Issuer	Validity	Valid
*.myminifactory.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-10` - `2024-05-09`	a year	crt.sh
cdn.myminifactory.com R3	`2023-05-26` - `2023-08-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-07-31` - `2023-11-30`	4 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
stats.myminifactory.com R3	`2023-08-03` - `2023-11-01`	3 months	crt.sh
*.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-27` - `2023-09-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.va.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2023-10-13`	3 months	crt.sh
*.us.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-09` - `2023-11-07`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-08-01` - `2023-11-02`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-31` - `2023-10-26`	3 months	crt.sh
*.eu01.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.myminifactory.com/users/investigating-business-joe-biden-son
Frame ID: D13FB11D8DB580CD68046B5E1D3733FE
Requests: 66 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/zrt_lookup.html
Frame ID: F323EB688D95CF9826D30F8DEF559C87
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4138683835438948&output=html&adk=1812271804&adf=3025194257&lmt=1691938250&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.myminifactory.com%2Fusers%2Finvestigating-business-joe-biden-son&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691913050615&bpp=3&bdt=717&idt=129&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6212680328595&frm=20&pv=2&ga_vid=1401180838.1691913051&ga_sid=1691913051&ga_hid=648686918&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076087%2C31076837%2C31076924%2C31077016&oid=2&pvsid=3543916084113125&tmod=61876204&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=151
Frame ID: C2FD95FF2A9B5DA83431AD35AF0B833B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
Frame ID: 71A3310A07261D4C78E50FEB19D0CB9A
Requests: 8 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZNiLWgAMcu4KDUzIAASbFOnGl9uKFVFubUjDBA&u=%7CGh4KkWwLtkoRGDpuXNzK2Svdv7hDiSw6Z%2F3TsOIsEyo%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78fwmt6rmcK3mPgxp68nnidI182ceugMhzNYbUUPAg0G-X_4JN57jfH1POAoNI0P-JmwPrPKRhcUSrHcDK-rF-rsgjon1qwcVGyouoaGEQ54Jmq9YQdn9z-G0VsLaTSLrN1hBI43X_QjFeWHQ1EbUwvnDTKkO7_0JUmzS7H9e2LzSalXLcZMjO6BORQaEyntGAjj-3W3ALmVHgWekogNdUgsaUwBWyldJinYHWv0f8UAEhzoLwFpbOqwBpE8H3jPPBuo-GJRhuaWFxkRT-LAKs0hEpDDWO4ac-MB298N1wVPRmf2ChAGkoe3KBfJDUIz02LRkfVcTqomjNHnNLVczyhQvRC75p7TeabAv4RXBOLBFTY7fuYEI3PoD-25JrBC-3oCvVQ3pEH94oIr9N3i4klqmZ1EoAGCIi7g2mJ6lat6pf2VCZ0TKXOaz3UDWaifTGhuwEVa-9-V1WSph-yE4c-o8IrCmPJftNyNHBSMCms8s5Vestvn-KaMkYFWpn_STxDSIMjTmSeWhgaRlvZ9r0SJ06-LiBIIZTB_G5sQS1pawkMcrXwk41MJeoNzJdrkI1IkPVNo1Oyjl-ha0w_bltv6Dj9wrjz81F_jQEHvq0-FiVDqf3ukjdPxBn_3-wKm34sh8-f-ocNcuuiUB35F_9ZA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6xMWWovYZO7lMciZNZS2ksgCnIHvsFyqsaqqdMCNtwEQASAAYP2gmYHoA4IBF2NhLXB1Yi00MTM4NjgzODM1NDM4OTQ4yAEJqAMByAMCqgT8AU_QTMMUoEQmYvhvra_ONqFjJ_Chzec4aN4xJQge6PkUMrTmwdcQmdtl1yyYQcB7uO6EqEQ0hyVVVBzRAlqFMuGHQqj7MMfCodjRxnsBUE6iEthJnnTNQ0l2hHt0BMbtt0G20KT7k1zoHblutyP3mU7BUE6PzuncRSXby14XkjltiAQvwQ32zAuRBJex4F1cLWfxwEH8YE24BtKXbfIYjCaWPLjaxOjlBEzLl6B2XpJPyqdkPx_TaIpAqnzn6B1LolwR6gvlYfyH_81AjikTg8I5FJX2obvjxw7CLP0VdB4zqS0-iiOHjJMGFuYic4hv3ZNDlkeRJHlcQMlIIIAGu9yb5qGzvvJboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3MSqVxgBP-e03KQB6idNHgSdt8ug%26client%3Dca-pub-4138683835438948%26adurl%3D
Frame ID: 525399EC05A7747F62A3DF38FF8B146B
Requests: 18 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 2BB7DA61165BF251A96CC4EF369A0EA0
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: CE16BAB1C37790BAB5C6C2C2BF07E0D0
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F3160B84338646BF2E2CD26B523EA8E7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7C3E0AA6416D5AE68F282A900BF41ACC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Investigating the business dealings of President Joe Biden's son @investigating-business-joe-biden-son - MyMiniFactory

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui[.-]([\d.]*\d)[^/]*\.js
jquery-ui.*\.js

Page Statistics

106
Requests

99 %
HTTPS

0 %
IPv6

17
Domains

27
Subdomains

25
IPs

4
Countries

3050 kB
Transfer

9109 kB
Size

13
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://only-games.co/
Title: Physical

Search URL Search Domain Scan URL

URL: https://creator.myminifactory.com/
Title: Creator Portal

Search URL Search Domain Scan URL

URL: https://cdn.myminifactory.com/static/STW_For_Galleries_Archives_and_Museum.pdf
Title: Museums

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.myminifactoryapps
Title: Google Android

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/WebObjects/MZStore.woa/wa/viewSoftware?id=1313773617&mt=8
Title: Apple iOS

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

106 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request investigating-business-joe-biden-son Show response
www.myminifactory.com/users/ 276 KB
86 KB 172ms
86ms Document
text/html 142.44.215.232
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.44.215.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555072.ip-142-44-215.net
Software: nginx/1.16.1 /
Resource Hash: 4c1e9d53bdca9e8df19addce5c06378995273a2f1fcd589afeadb25478bd749d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 13 Aug 2023 07:50:46 GMT
expires: Sun, 13 Aug 2023 07:50:49 GMT
server: nginx/1.16.1

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 117ms
48ms Stylesheet
text/css 172.217.13.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,400&display=swap

Requested by

Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f10.1e100.net

Software

ESF /

Resource Hash

0b591d7aa0ab3f32084622439b46b4e7ff7f194b4e610f30b3a78efb7100ba7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 13 Aug 2023 07:50:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 13 Aug 2023 07:50:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Aug 2023 07:50:50 GMT

GET
H2 200 common-fonts.min.css
static.myminifactory.com/css/ 544 B
502 B 81ms
29ms Stylesheet
text/css 172.67.70.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.myminifactory.com/css/common-fonts.min.css?v148
Requested by: Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.70.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d1c5acd18b9d73415aa47ff82ca933a9296f8532265c1c79ea17cd6a7c2e339

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Mar 2021 09:56:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4473039
etag: W/"604897c9-220"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=66LSM9j4WDwpfz3cd9X5DozvJyGLtzISbX5yWCqfe0F%2F448FgKd87lr9rbG2FrIPnmv1VvAjIrj%2B4AWy5MtGOkNyDM%2B7RMR5b5Iq%2Fk1mYGWN6m9t%2B7KxRlDz1fYb7dpHXJnq3coMPTrrkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=5184000
cf-ray: 7f5f5e928e8f36cf-YYZ
alt-svc: h3=":443"; ma=86400
expires: Mon, 03 Jul 2023 16:33:40 GMT

GET
H2 200 icon
fonts.googleapis.com/ 591 B
422 B 117ms
49ms Stylesheet
text/css 172.217.13.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons&display=swap

Requested by

Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f10.1e100.net

Software

ESF /

Resource Hash

6ce446b54f436b6093ac2ef44c24e3c5f65b0b0c9d9a7dddf4943f192ae69dd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 13 Aug 2023 07:50:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 13 Aug 2023 07:50:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Aug 2023 07:50:50 GMT

GET
H2 200 font-awesome.min.css
static.myminifactory.com/css/ 23 KB
6 KB 95ms
43ms Stylesheet
text/css 172.67.70.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.myminifactory.com/css/font-awesome.min.css?v148
Requested by: Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.70.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8956e37563c5f53b60e585f416ebc761229f44fb325ecde18cd9626ef6104bb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Oct 2020 09:46:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4473039
etag: W/"5f7edfe0-5ccf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zdKVhQXtGzzlIFTWIw3jQow9DJ%2ByrT5Z22MfQjChnX%2B%2Fif0HwSq2i%2BH%2FCeL1VU6w174FsMYAzSMomzfN4tTgZ0nRPVUN3NM%2BWhrFq2Gf3fykDxdK9iIGPHYGVFddcrQGslMNTW9IT3r%2FOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=5184000
cf-ray: 7f5f5e929e9136cf-YYZ
alt-svc: h3=":443"; ma=86400
expires: Sun, 05 Feb 2023 13:00:51 GMT

GET
H2 200 Open-Sans.css
static.myminifactory.com/css/fonts/ 18 KB
1 KB 80ms
29ms Stylesheet
text/css 172.67.70.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.myminifactory.com/css/fonts/Open-Sans.css?v148
Requested by: Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.70.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e05ca7b1a10e15417a81d1dc1e7d4887ec664e603c2238bd3920372fc94fe4d2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Aug 2020 08:18:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4473039
etag: W/"5f461ad6-49dd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8cjVzsxQXsWTseMEuYTCg4Y7NswGxb8OJAiMmegVQVa9qqYe54iNw7HcZGyjHlEfFg43lYe0kNTWqFP7VVAmNMd%2FUk567IITq8injay8xBoYgyZMLySnPVXctZBq4kOMiyANhgTuX21IOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=5184000
cf-ray: 7f5f5e929e9236cf-YYZ
alt-svc: h3=":443"; ma=86400
expires: Sun, 05 Feb 2023 13:00:51 GMT

GET
H2 200 base-template.27c5270f.css
static.myminifactory.com/js/build/ 11 KB
3 KB 84ms
33ms Stylesheet
text/css 172.67.70.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.myminifactory.com/js/build/base-template.27c5270f.css?v148
Requested by: Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.70.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 541cf0dab54f05f1bc4d2de18241b55ec3d475cda803629a8203ff954b9825ef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 17 May 2023 11:53:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4473039
etag: W/"6464c02a-2ba5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LdkiM8MJkNWjVuojEp1fYxMBTs%2FsaZkfazLIfhr9%2BMK4DoO%2Fbf%2FQx2xRjGVRSmpcA0oPNXcw%2BsMciAWcgLsjJnu46jj7wQPpVVEvgteVB0fD8yBeluVXg15%2BItqmtYgG15w2%2Fk%2FPgcfIvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=5184000
cf-ray: 7f5f5e929e9436cf-YYZ
alt-svc: h3=":443"; ma=86400
expires: Tue, 18 Jul 2023 07:08:50 GMT

GET
H2 200 stylesheet.min.css
static.myminifactory.com/css/ 228 KB
48 KB 103ms
54ms Stylesheet
text/css 172.67.70.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.myminifactory.com/css/stylesheet.min.css?v148
Requested by: Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.70.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e14b286f4ffc637c2d9248c575ded30ca2be85556d11d53dfe3324a35695e3d9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 05 Jan 2022 14:21:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4473255
etag: W/"61d5a982-38eb2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mprVO2Bskmjm3nJthnT4eJmxpQzcGEnUlbStppHMkgm5%2BwGX9bvZ2tRm9WiwZ3RlidaNVIVsRAYAEFK0BzuXFUSIzVcjC1sRPtGcCxzhI4pViRJ%2BA3m%2BIkXKeThDuW9S3oR3x%2FhpFcE2xQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=5184000
cf-ray: 7f5f5e929e9536cf-YYZ
alt-svc: h3=":443"; ma=86400
expires: Mon, 24 Apr 2023 23:39:04 GMT

GET
H2 200 foundation.min.css
static.myminifactory.com/css/foundation/ 155 KB
21 KB 94ms
45ms Stylesheet
text/css 172.67.70.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.myminifactory.com/css/foundation/foundation.min.css?v148
Requested by: Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.70.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 873179c98baba24a755b864acd618408c10da05e3e8188e01c79cc8cc1b9ea02

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Aug 2016 09:10:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4473255
etag: W/"57a99dec-26be0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fZQtsSJuxS5KneZtQfGNts9XYA7uo%2BfHM6V3L5wQawn8JFFBdgdWY6yIYWsX1M2jNvMDQGg1VpY0cDmvl6igduTCmU8gtidrIA%2BuozC44jaYDmJX2YrowoWxk%2BRiP6NPSHtKM1y4MNZMmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=5184000
cf-ray: 7f5f5e929e9636cf-YYZ
alt-svc: h3=":443"; ma=86400
expires: Tue, 15 Aug 2023 07:22:55 GMT

GET
H2 200 smart-app-banner.css
static.myminifactory.com/css/app-banner/ 6 KB
2 KB 120ms
72ms Stylesheet
text/css 172.67.70.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.myminifactory.com/css/app-banner/smart-app-banner.css?v148
Requested by: Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.70.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c979be3ca2ea19a41e656e1372c36f4677da11ace44f40c27c2c48bfe5a33cca

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2017 16:52:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4472992
etag: W/"5a16fcd8-17bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9usCBfJC2h0eWEEkEaxX1Svi6Wrr92lFAAjG1aIUnAaLMfgi0E133aq0RG9IIfcybBLAW32IpaPkyHBtHvq67mSCOHvpoNa%2Bu0pbiYBBcPVPjNfWuOfR59uxS848H992x%2BU%2FqPl2cPTqLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=5184000
cf-ray: 7f5f5e92aea136cf-YYZ
alt-svc: h3=":443"; ma=86400
expires: Wed, 16 Aug 2023 10:22:27 GMT

GET
H2 200 flatpickr.min.css
static.myminifactory.com/css/flatpickr/ 15 KB
3 KB 119ms
71ms Stylesheet
text/css 172.67.70.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.myminifactory.com/css/flatpickr/flatpickr.min.css?v148
Requested by: Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.70.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d5eb03f979ffd46386cd15d0358768bc01273d1c772797cb9fc24f78fc73f83

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 04 Mar 2019 16:47:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4473039
etag: W/"5c7d56b7-3a01"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jzdq6sl4iuTOo5aVqaOa81WYCXuEvm2j3g6%2FaYErRE1XqSmUEqGruJ5tYxQZVEwVRywv8s6Ag1YUh5GJAp79ko3hre44xRuX%2FetxXzAA0Qu8CcZYWLpku3t16RXvl9DfrYyQUwO3dgHQPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=5184000
cf-ray: 7f5f5e92aea336cf-YYZ
alt-svc: h3=":443"; ma=86400
expires: Wed, 16 Aug 2023 01:24:48 GMT

GET
H2 200 profile.799440e4.css
static.myminifactory.com/js/build/ 35 KB
7 KB 118ms
69ms Stylesheet
text/css 172.67.70.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.myminifactory.com/js/build/profile.799440e4.css?v148
Requested by: Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.70.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd0e86b0de1902d47a654d5a3facc55b591fe25783107f1192113110945f71d6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 17 May 2023 11:53:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4472992
etag: W/"6464c02a-8d34"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lo5%2FyxCuwjth%2BGCUYz7ohrooIcPkRonVd0Z34N7wGh%2F2t4tlRhAitpOO2pO%2FObWjer2baJwZXPq8gMddnav4jWSfAsj9mRgGDceOdOeJUzJMBYNSr9487VOWA0hwbMbBDI%2FrYHlK1ysY0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=5184000
cf-ray: 7f5f5e92aea236cf-YYZ
alt-svc: h3=":443"; ma=86400
expires: Tue, 18 Jul 2023 04:49:03 GMT

GET
H2 200 blog.8dbdaeb8.css
static.myminifactory.com/js/build/ 5 KB
2 KB 78ms
30ms Stylesheet
text/css 172.67.70.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.myminifactory.com/js/build/blog.8dbdaeb8.css?v148
Requested by: Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.70.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d684bf60dd91562731a3bf780d28f4434756e58281cb043d51339a886b63b0a4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Jun 2023 09:25:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4472992
etag: W/"6486e48c-1417"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3sljtPL9LILyLYfhMu7uv083mRhLYcdapC%2FwRvjADRx3cYf7dPXN3j0fWtMAp3uXJmAWph69Gj%2F2PCfOAl4%2BZsIOYw1EihQgt%2FoHJRAwWuG7DcEpzyyvQsh88bUp%2BJizK74owjWnnk8KsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=5184000
cf-ray: 7f5f5e929e9936cf-YYZ
alt-svc: h3=":443"; ma=86400
expires: Wed, 16 Aug 2023 03:14:56 GMT

GET
H2 200 runtime.68c45696.js Show response
static.myminifactory.com/js/build/ 2 KB
1 KB 120ms
72ms Script
application/javascript 172.67.70.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.myminifactory.com/js/build/runtime.68c45696.js?v148
Requested by: Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.70.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbf2c3c185258de8a5b835e8e01a8c19a196221f1b8e32c4ae73dcbcb2c282d4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 10 Jul 2023 09:45:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1880977
etag: W/"64abd348-6cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Lvm%2Fyglg0rrCl61Z%2FVr4QozDaxacsVGEEJXR1N7ZPYBk0NK1jd5rQY4vXiotp5VIyu58eOTVYifklND3VdIseoakcfXpb6WUFREUdvmhSxX1UF%2BNABtThUwIwdf4VnWq%2BPeD0uWQyQ59w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7f5f5e92aea736cf-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 10 Aug 2023 20:04:28 GMT

GET
H2 200 base-template.87554ce7.js Show response
static.myminifactory.com/js/build/ 1 MB
293 KB 138ms
93ms Script
application/javascript 172.67.70.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.myminifactory.com/js/build/base-template.87554ce7.js?v148
Requested by: Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.70.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cceeaca6145adc0ce5dae2d9a1cbf0659624948a157c18102a25d8cc3dc81408

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Jul 2023 10:03:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1547039
etag: W/"64c0ef6b-10a671"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K0M2INlqGRV4pvb%2BSqRZktMuwsgETSfBSw2I7HDNKGyajLgn6w809NJM8STJ3x7Bgjxjtqht1fgQLLu2GL4N2YJTXTXqVyDnSW%2FqFsziAH9I7o84jCmpDswPLaqw2Mpc62jByuAj8RvKVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7f5f5e92aea536cf-YYZ
alt-svc: h3=":443"; ma=86400
expires: Fri, 25 Aug 2023 10:03:24 GMT

GET
H2 200 jquery-1.12.4.min.js Show response
static.myminifactory.com/js/ 95 KB
34 KB 147ms
102ms Script
application/javascript 172.67.70.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.myminifactory.com/js/jquery-1.12.4.min.js?v148
Requested by: Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.70.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 03 Jul 2017 16:15:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1881209
etag: W/"595a6db9-17b8b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n5Mq2cl6zWysZOYw1QGsfClKIBVWQhoXuHMPCmEPqj3XWqsQewyLLGM7Qbis9qmwTNvhrAcmPS%2BcM84FL3Spzbs8xgqBVzk%2FkOtv6Q1jgezN5%2BesAhx0IxOVA6UmiHMCuWGbcT%2F1ufGekg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7f5f5e92aea936cf-YYZ
alt-svc: h3=":443"; ma=86400
expires: Fri, 06 Jan 2023 13:00:51 GMT

GET
H2 200 jquery-ui-1.10.4.min.js Show response
static.myminifactory.com/js/ 223 KB
61 KB 131ms
86ms Script
application/javascript 172.67.70.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.myminifactory.com/js/jquery-ui-1.10.4.min.js?v148
Requested by: Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.70.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77616782a5fe0480d131a7cfbf2a34e3a4196cb6f5f91140c231d8410287d61f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Jul 2018 16:42:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1881209
etag: W/"5b48d68b-37cc3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Smb0HUWIK8c%2FzyE50ATTsmBTrqOnQh7uvkrFGYcd9%2Fwsq242JoQQBElRD9zzP9YUIp1SYPYowN7KICV5QjukLnI%2FAimmGOQPY0o8jD%2BL66q58YR8DNqhuAdQQ8UmL5f%2Bfi4VRervR1x7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7f5f5e92aeaa36cf-YYZ
alt-svc: h3=":443"; ma=86400
expires: Sat, 27 May 2023 01:07:08 GMT

GET
H2 200 js-collection.js Show response
static.myminifactory.com/js/ 137 KB
46 KB 123ms
78ms Script
application/javascript 172.67.70.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.myminifactory.com/js/js-collection.js?v148
Requested by: Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.70.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5d1a2561a99927e39665660dc663807416751dedb6d7a68842f161ffd197a63

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 05 Oct 2018 15:58:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1881209
etag: W/"5bb78a43-225d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CehlolHMJl0LAkF8e%2Bf1%2F3z3Ib65f%2BPS21d9L3gjopnm62DOHhhJ3QNgu6y81zJPNZr0mS9mnwjimAQGp44aewPI9YUhdFcZUdDA6vZVWMkD72Lrl%2FI3sHNFOGciYoVDNG1g2h9jgcnVrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7f5f5e92aea436cf-YYZ
alt-svc: h3=":443"; ma=86400
expires: Mon, 17 Jul 2023 03:32:04 GMT

GET
H2 200 foundation.min.js Show response
static.myminifactory.com/js/foundation/ 88 KB
23 KB 118ms
73ms Script
application/javascript 172.67.70.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.myminifactory.com/js/foundation/foundation.min.js?v148
Requested by: Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.70.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 560411211a9e418188accab900dbf3f843fafbf52ab2e33c3975bffa1a421932

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 17 Jul 2019 14:10:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1881209
etag: W/"5d2f2c3f-1602e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UYjrUDc35OCIg6Hi6udXP8J4dRk5C1K1paR43JhbVfgz6f5%2FsEQgGhLktwQ4X03s%2BgoRHDncyQUcyU262n2T6%2BIWSsqTHpx2MqnuCBumIwGp3bUztaOjmX9%2FBlrfCvP9%2F5Is0DK26FO8NA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7f5f5e92aeac36cf-YYZ
alt-svc: h3=":443"; ma=86400
expires: Sun, 13 Aug 2023 06:27:45 GMT

GET
H2 200 flatpickr.min.js Show response
static.myminifactory.com/js/flatpickr/ 45 KB
14 KB 129ms
84ms Script
application/javascript 172.67.70.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.myminifactory.com/js/flatpickr/flatpickr.min.js?v148
Requested by: Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.70.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21e34ff1b800fbfedfa6ae535ba85dd0d2b98f329e99351cc2133f04ffc90c7d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 04 Mar 2019 16:47:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1880869
etag: W/"5c7d56b7-b59a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o0H4s5h5925wpz5VKWLcW%2FoBBnXmYWsHc2P5vOUNkeAE8FomnJRPUQYongfDFBACFq42uxqjmC0cjxEIlC2QIKEw0qvUhBczMgq22xE8TR%2BN6ItpVX71lCPBOhGzqDBM45hEmrc408gvpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7f5f5e92aead36cf-YYZ
alt-svc: h3=":443"; ma=86400
expires: Sun, 16 Jul 2023 07:19:53 GMT

GET
H2 200 show.css
static.myminifactory.com/css/user/ 6 KB
2 KB 72ms
28ms Stylesheet
text/css 172.67.70.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.myminifactory.com/css/user/show.css?v148
Requested by: Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.70.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c5fe230b66170aa2638efc812e109610e3168bb36f054322a0b00b6727e6fd9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 14 Jul 2022 09:29:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4472992
etag: W/"62cfe1fd-1783"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g8VeV7FVR7yxxxd%2FVveKYa8odvBZyYdU0D445K2O305hCo0vU3SRMaVnEQgxTOY7byvCsUTxWNKKuVQKfvkyWQZvYoHwPMuYDKNCA862hOZkOD7Jq25hqpY1ONpaDgVZJSFP5Cf0ZdVMYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=5184000
cf-ray: 7f5f5e929e9836cf-YYZ
alt-svc: h3=":443"; ma=86400
expires: Sun, 05 Feb 2023 13:00:53 GMT

GET
H2 200 profile.512298eb.js Show response
static.myminifactory.com/js/build/ 4 MB
1 MB 149ms
105ms Script
application/javascript 172.67.70.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.myminifactory.com/js/build/profile.512298eb.js?v148
Requested by: Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.70.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6f61fa3572660c1449c2254414d3abeadb6d01a1a93981bab3fb105d4dc568d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Jul 2023 10:03:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1546674
etag: W/"64c0ef6b-39cc27"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vRMK2zuIvViXwt2NPb5t%2FU0enfMwndK7ZScGp4zzVjDxRlZj%2FdbjQMkCUli26QjdZ9Ba%2FLwgekNsegD89cqBtCO%2FFm1DRrZOnkEqejN8vRnnqwvdArkA6XNQv5h9ocNi0pRSFFJ6ROT6Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7f5f5e92aeab36cf-YYZ
alt-svc: h3=":443"; ma=86400
expires: Fri, 25 Aug 2023 10:03:27 GMT

GET
H2 200 MMF_horizontal_logo.svg
static.myminifactory.com/images/ 6 KB
3 KB 30ms
28ms Image
image/svg+xml 172.67.70.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.myminifactory.com/images/MMF_horizontal_logo.svg?v148
Requested by: Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.70.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5198ad1ba2a0db18241a5a3b83f880b16e895c10b9c2ead3a5ee07eea337fb0c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 24 Jun 2021 14:54:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4473325
etag: W/"60d49c96-18cd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BCE3V3zijqWh6%2BQjDe3VvwE5VT7S3B6bSg3h%2Bd3cI9%2BnKykZu2Pjo%2FJTlN%2BdObMGT67gwxwA34QtRHQdkeDXiOE4WbB5mjXWReZCzmQzKMvPrxL%2Fq57ua77jXS5RBlaCVSKUXRmsX4Nq8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=5184000
cf-ray: 7f5f5e936ef736cf-YYZ
alt-svc: h3=":443"; ma=86400
expires: Tue, 15 Aug 2023 23:10:46 GMT

GET
H2 200 be2886b3bbe3707ff4cf8c8428cd02347caba6bb.jpg
cdn.myminifactory.com//uploads/profile-images/ 20 KB
21 KB 122ms
35ms Image
image/jpeg 54.39.128.68
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.myminifactory.com//uploads/profile-images/be2886b3bbe3707ff4cf8c8428cd02347caba6bb.jpg
Requested by: Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.68 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns562059.ip-54-39-128.net
Software: nginx/1.16.1 /
Resource Hash: fabeee0d62bda5b76e5cd511d0cfc1c74af6597b880ddb7ce5336151a0b93583

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:50 GMT
last-modified: Sun, 13 Aug 2023 07:49:03 GMT
server: nginx/1.16.1
etag: "64d88aef-516f"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 20847
expires: Thu, 12 Oct 2023 07:50:50 GMT

GET
H2 200 get-new-captcha
www.myminifactory.com/captcha/ 4 KB
4 KB 63ms
63ms Image
text/html 142.44.215.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.myminifactory.com/captcha/get-new-captcha
Requested by: Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.44.215.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555072.ip-142-44-215.net
Software: nginx/1.16.1 /
Resource Hash: e9528f094c9815489d24afd9d9babed7632db2e153313be55d01ff2352cdcf03

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/users/investigating-business-joe-biden-son
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:50 GMT
content-encoding: gzip
server: nginx/1.16.1
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, private
access-control-allow-credentials: true
expires: Sun, 13 Aug 2023 07:50:50 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 138ms
58ms Script
text/javascript 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

d6a4cb1bf01a470577b2fa8b10c72b85e60165f1551f8e76b6a7462d2b70eef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51067
x-xss-protection: 0
server: cafe
etag: 4021235459697835334
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 07:50:50 GMT

GET
H2 200 v3 Show response
js.stripe.com/ 526 KB
147 KB 85ms
17ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

76985e019b5dd6751898d24357243dceb50389ed6c0d64dfcf050ca7fdaef668

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 13 Aug 2023 07:50:50 GMT
via: 1.1 varnish
age: 28
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 149792
x-request-id: 3005ff92-0bbd-4153-9289-33190201b19a
x-served-by: cache-yyz4575-YYZ
last-modified: Fri, 11 Aug 2023 20:33:48 GMT
server: Fastly
etag: "bb53fbcee76a16ff1bbf079f83420d59"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 186 KB
66 KB 117ms
53ms Script
application/javascript 172.217.13.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KBRXHQ4

Requested by

Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

2b1f85e9b20017ca2586f7cfe68dd7cc4a45e09c68735058e15c9279f353db63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66734
x-xss-protection: 0
last-modified: Sun, 13 Aug 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 13 Aug 2023 07:50:50 GMT

GET
H3 200 matomo.js Show response
static.myminifactory.com/ 132 KB
43 KB 32ms
32ms Script
application/javascript 172.67.70.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.myminifactory.com/matomo.js
Requested by: Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.70.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13de044d68993405a80659aa73e638fccf9ef881efb645d4860d0e3fc02d63dc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 18 Sep 2020 13:57:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1881209
etag: W/"5f64bcd4-211a2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sy3Pn8RSZ%2Ba%2BguWGgNfaLIEwNvn6Jus6wKk3u4cA7qI%2FouXzYRGue2%2BXCEEZAjFy8sEiCfq4uEsi2IQuyzW%2Frr22FdgWqQ7bS0vC7wqx6cX%2BSFjPrEv0aoBVWN34sY9jmYtE%2F4XpV9v3Uw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7f5f5e94cb113a05-YYZ
alt-svc: h3=":443"; ma=86400
expires: Wed, 30 Nov 2022 20:39:30 GMT

GET
H2 200 content-json Show response
www.myminifactory.com/cart/ 29 B
219 B 60ms
60ms Fetch
application/json 142.44.215.232
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.myminifactory.com/cart/content-json
Requested by: Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.44.215.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555072.ip-142-44-215.net
Software: nginx/1.16.1 /
Resource Hash: 2c7f696d13db2720d02a4602e9844e4e6f6acedf9a76bcda2ca0afe15e566f57

Request headers

Referer: https://www.myminifactory.com/users/investigating-business-joe-biden-son
tracestate: 3720603@nr=0-1-3720603-535909673-ad2e3ba94aa454d0----1691913050397
traceparent: 00-98b7729ca4ae313b0f4bda8b905c3200-ad2e3ba94aa454d0-01
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM3MjA2MDMiLCJhcCI6IjUzNTkwOTY3MyIsImlkIjoiYWQyZTNiYTk0YWE0NTRkMCIsInRyIjoiOThiNzcyOWNhNGFlMzEzYjBmNGJkYThiOTA1YzMyMDAiLCJ0aSI6MTY5MTkxMzA1MDM5N319

Response headers

access-control-allow-origin: *
date: Sun, 13 Aug 2023 07:50:50 GMT
cache-control: max-age=0, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json
server: nginx/1.16.1
expires: Sun, 13 Aug 2023 07:50:50 GMT

GET
H2 200 footer_lodyas.png
cdn.myminifactory.com//uploads/profile-cover/ 33 KB
33 KB 36ms
35ms Image
image/png 54.39.128.68
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.myminifactory.com//uploads/profile-cover/footer_lodyas.png
Requested by: Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.68 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns562059.ip-54-39-128.net
Software: nginx/1.16.1 /
Resource Hash: e1d6435f22a34ccdcd3cecd592e7da6780a20692e63b13600df9231bdeb0d119

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:50 GMT
last-modified: Wed, 01 May 2019 09:56:50 GMT
server: nginx/1.16.1
etag: "5cc96d62-83a6"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 33702
expires: Thu, 12 Oct 2023 07:50:50 GMT

GET
H3 200 flags.svg
static.myminifactory.com/images/ 8 KB
3 KB 26ms
26ms Image
image/svg+xml 172.67.70.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.myminifactory.com/images/flags.svg?v148
Requested by: Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.70.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4ca86a9c2dc043939f5f0f27e82894eaac7accc27a621731cbf4e17c52df02d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Mar 2021 09:56:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4473038
etag: W/"604897c9-2192"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IqwGhv5fuYEesEH3gigVBhLo0PQ92oEZXci2cet0scLDWRhSx7AwP%2FVBbX%2BxdQpfzXQrapaESBAFDz2b4dVEWOySRyiAJ%2Fg%2FIb%2BSAO6GUp%2BusOjtQRdM1U7hWTPUL5%2FMunlgfkqNW%2FdaxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=5184000
cf-ray: 7f5f5e953b6f3a05-YYZ
alt-svc: h3=":443"; ma=86400
expires: Sun, 05 Feb 2023 13:00:51 GMT

GET
H2 200 cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
fonts.gstatic.com/s/opensans/v13/ 15 KB
15 KB 112ms
46ms Font
font/woff2 172.217.13.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v13/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2

Requested by

Host: static.myminifactory.com
URL: https://static.myminifactory.com/css/stylesheet.min.css?v148

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f3.1e100.net

Software

sffe /

Resource Hash

60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://static.myminifactory.com/
Origin: https://www.myminifactory.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:28:59 GMT
x-content-type-options: nosniff
age: 195711
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15572
x-xss-protection: 0
last-modified: Mon, 27 Apr 2015 23:46:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Aug 2024 01:28:59 GMT

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 34 KB
35 KB 89ms
25ms Font
font/woff2 172.217.13.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f3.1e100.net

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.myminifactory.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:47:28 GMT
x-content-type-options: nosniff
age: 194602
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34852
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Aug 2024 01:47:28 GMT

GET
H2 200 4iCv6KVjbNBYlgoCjC3jsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 30 KB
30 KB 116ms
52ms Font
font/woff2 172.217.13.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f3.1e100.net

Software

sffe /

Resource Hash

e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.myminifactory.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 01:21:46 GMT
x-content-type-options: nosniff
age: 368944
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30480
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Aug 2024 01:21:46 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v17/ 15 KB
15 KB 132ms
69ms Font
font/woff2 172.217.13.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: static.myminifactory.com
URL: https://static.myminifactory.com/css/fonts/Open-Sans.css?v148

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f3.1e100.net

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://static.myminifactory.com/
Origin: https://www.myminifactory.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 01:08:01 GMT
x-content-type-options: nosniff
age: 369769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15056
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 19:30:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Aug 2024 01:08:01 GMT

GET
H3 200 fontawesome-webfont.woff2
static.myminifactory.com/fonts/ 63 KB
64 KB 48ms
27ms Font
font/woff2 172.67.70.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.myminifactory.com/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by: Host: static.myminifactory.com
URL: https://static.myminifactory.com/css/font-awesome.min.css?v148
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.70.176 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

Referer: https://static.myminifactory.com/css/font-awesome.min.css?v148
Origin: https://www.myminifactory.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2154
alt-svc: h3=":443"; ma=86400
content-length: 64464
last-modified: Fri, 05 Aug 2016 09:03:24 GMT
server: cloudflare
etag: "57a4565c-fbd0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TxKOuffmOcV3yvqZVW0cr1xcYmFZbU%2BoUjRwrFSD%2FZf9FHMSWV6JnMEsMDwqXS4byFbZKxihhB4MYNJlHtzRjKR7DlyuorDWydJ9EvcMq07aATyK9zc%2BqECHR%2FIe83qr%2FyGZnp%2FJoK5mQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: https://www.myminifactory.com
cache-control: max-age=18000
accept-ranges: bytes
cf-ray: 7f5f5e9569aca226-YYZ

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 112ms
61ms Font
font/woff2 172.217.13.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f3.1e100.net

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.myminifactory.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 00:45:39 GMT
x-content-type-options: nosniff
age: 371111
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Aug 2024 00:45:39 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/ 372 KB
126 KB 65ms
65ms Script
text/javascript 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/show_ads_impl_fy2021.js

Requested by

Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ba2f70105afb1f00f4652d43aabe36abef50ed983f458b299d7408eb0ba7cd24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128572
x-xss-protection: 0
server: cafe
etag: 11607661418514988261
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 07:50:50 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/ Frame F323 10 KB
5 KB 25ms
24ms Document
text/html 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230809/r20190131/zrt_lookup.html

Requested by

Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.myminifactory.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 23077
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 13 Aug 2023 01:26:13 GMT
etag: 12368291122986407432
expires: Sun, 27 Aug 2023 01:26:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 265 KB
88 KB 56ms
55ms Script
application/javascript 172.217.13.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZPV6BRC3CZ&l=dataLayer&cx=c

Requested by

Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

a18cf11950e58d6115156a283eeebc919dd5cfa1a9fee3a591ca969fd645637e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89645
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 13 Aug 2023 07:50:50 GMT

GET
H/1.1 200
OK matomo.php
stats.myminifactory.com/ 43 B
341 B 151ms
74ms Image
image/gif 200.225.45.125
IMH-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.myminifactory.com/matomo.php?action_name=Investigating%20the%20business%20dealings%20of%20President%20Joe%20Biden%27s%20son%20%40investigating-business-joe-biden-son%20-%20MyMiniFactory&idsite=1&rec=1&r=047767&h=0&m=50&s=50&url=https%3A%2F%2Fwww.myminifactory.com%2Fusers%2Finvestigating-business-joe-biden-son&_id=a40c050552febd87&_idts=1691913051&_idvc=1&_idn=1&_refts=0&_viewts=1691913051&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=138&pv_id=NUdVyL

Requested by

Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

200.225.45.125 El Segundo, United States, ASN54641 (IMH-IAD, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.1.13

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 07:50:50 GMT
Referrer-Policy: origin
X-Content-Type-Options: nosniff
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: PHP/8.1.13
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK configs.php Show response
stats.myminifactory.com/plugins/HeatmapSessionRecording/ 116 B
453 B 104ms
41ms Script
application/javascript 200.225.45.125
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.myminifactory.com/plugins/HeatmapSessionRecording/configs.php?idsite=1&trackerid=AnSYNv&url=https%3A%2F%2Fwww.myminifactory.com%2Fusers%2Finvestigating-business-joe-biden-son

Requested by

Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

200.225.45.125 El Segundo, United States, ASN54641 (IMH-IAD, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/8.1.13

Resource Hash

af84f7321a0f44e001598c3f3ed2b954bc839c24da54a087474ef42135e5aed8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 07:50:50 GMT
Content-Encoding: gzip
Referrer-Policy: origin
X-Content-Type-Options: nosniff
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: PHP/8.1.13
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 119
X-XSS-Protection: 1; mode=block

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 401 B
334 B 47ms
46ms Script
text/javascript 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.myminifactory.com&callback=_gfp_s_&client=ca-pub-4138683835438948

Requested by

Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

1afb087ae39b2e9783d2d26fb2d27f8113c11ac357c2f6b3a148031594c48565

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C2FD 52 KB
18 KB 259ms
258ms Document
text/html 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4138683835438948&output=html&adk=1812271804&adf=3025194257&lmt=1691938250&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.myminifactory.com%2Fusers%2Finvestigating-business-joe-biden-son&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691913050615&bpp=3&bdt=717&idt=129&shv=r20230809&mjsv=m202308070102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6212680328595&frm=20&pv=2&ga_vid=1401180838.1691913051&ga_sid=1691913051&ga_hid=648686918&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076087%2C31076837%2C31076924%2C31077016&oid=2&pvsid=3543916084113125&tmod=61876204&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=151

Requested by

Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ebab1e467f963f962640fe8fa1377987cdaa2c2791ef3a8da19653a610f37c32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.myminifactory.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 17951
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 13 Aug 2023 07:50:51 GMT
expires: Sun, 13 Aug 2023 07:50:51 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 53ms
53ms Image
image/gif 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&cls=MuiPaper-root%20MuiAppBar-root%20jss18%20MuiAppBar-positionFixed%20MuiAppBar-colorPrimary%20jss3%20top-bar-master-holder%20%20mui-fixed%20MuiPaper-elevation4&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 07:50:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
259 B 111ms
46ms Ping
text/plain 172.217.13.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-ZPV6BRC3CZ&gtm=45je3890&_p=648686918&cid=1401180838.1691913051&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1691913050&sct=1&seg=0&dl=https%3A%2F%2Fwww.myminifactory.com%2Fusers%2Finvestigating-business-joe-biden-son&dt=Investigating%20the%20business%20dealings%20of%20President%20Joe%20Biden%27s%20son%20%40investigating-business-joe-biden-son%20-%20MyMiniFactory&en=page_view&_fv=1&_ss=1&ep.customTask=function(a)%7Bvar%20b%3Dgoogle_tag_manager%5B%22rm%22%5D%5B%22116938654%22%5D(2)%2Cc%3Dgoogle_tag_manager%5B%22rm%22%5D%5B%22116938654%22%5D(3)%2Cf%3D%22__gtm_campaign_url%22%2Cg%3D%22__gtm_referrer%22%2Ch%3Dgoogle_tag_manager%5B%22rm%22%5D%5B%22116938654%22%5D(4)%2Cd%3D!0%2Ce%3Dfunction(k)%7Bdocument.cookie%3Dk%2B%22%5Cx3d%3B%20path%5Cx3d%2F%3B%20domain%5Cx3d%22%2Bh%2B%22%3B%20expires%5Cx3dThu%2C%2001%20Jan%201970%2000%3A00%3A00%20GMT%22%7D%3B%22undefined%22!%3D%3Dtypeof%20b%26%26(a.set(%22location%22%2Cb)%2Ca.set(%22page%22%2Cdocument.location.pathname%2Bdocument.location.search)%2C!0%3D%3D%3Dd%26%26e(f))%3B%22undefined%22!%3D%3Dtypeof%20c%26%26(a.set(%22referrer%22%2Cc)%2C!0%3D%3D%3Dd%26%26e(g))%7D&ep.transport=beacon
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZPV6BRC3CZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.13.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul03s05-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 07:50:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.myminifactory.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/ 154 KB
52 KB 59ms
59ms Script
text/javascript 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070102/reactive_library_fy2021.js

Requested by

Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9abb500e5b63142288a3f9834767694f704492c7f623f8f8f01903a79b7638c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53698
x-xss-protection: 0
server: cafe
etag: 3198509927064109104
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 07:50:51 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/ Frame 71A3 10 KB
4 KB 24ms
24ms Document
text/html 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.myminifactory.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 17393
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 13 Aug 2023 03:00:58 GMT
etag: 12368291122986407432
expires: Sun, 27 Aug 2023 03:00:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 5253 142 KB
48 KB 160ms
85ms Document
text/html 74.119.119.65
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=ZNiLWgAMcu4KDUzIAASbFOnGl9uKFVFubUjDBA&u=%7CGh4KkWwLtkoRGDpuXNzK2Svdv7hDiSw6Z%2F3TsOIsEyo%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78fwmt6rmcK3mPgxp68nnidI182ceugMhzNYbUUPAg0G-X_4JN57jfH1POAoNI0P-JmwPrPKRhcUSrHcDK-rF-rsgjon1qwcVGyouoaGEQ54Jmq9YQdn9z-G0VsLaTSLrN1hBI43X_QjFeWHQ1EbUwvnDTKkO7_0JUmzS7H9e2LzSalXLcZMjO6BORQaEyntGAjj-3W3ALmVHgWekogNdUgsaUwBWyldJinYHWv0f8UAEhzoLwFpbOqwBpE8H3jPPBuo-GJRhuaWFxkRT-LAKs0hEpDDWO4ac-MB298N1wVPRmf2ChAGkoe3KBfJDUIz02LRkfVcTqomjNHnNLVczyhQvRC75p7TeabAv4RXBOLBFTY7fuYEI3PoD-25JrBC-3oCvVQ3pEH94oIr9N3i4klqmZ1EoAGCIi7g2mJ6lat6pf2VCZ0TKXOaz3UDWaifTGhuwEVa-9-V1WSph-yE4c-o8IrCmPJftNyNHBSMCms8s5Vestvn-KaMkYFWpn_STxDSIMjTmSeWhgaRlvZ9r0SJ06-LiBIIZTB_G5sQS1pawkMcrXwk41MJeoNzJdrkI1IkPVNo1Oyjl-ha0w_bltv6Dj9wrjz81F_jQEHvq0-FiVDqf3ukjdPxBn_3-wKm34sh8-f-ocNcuuiUB35F_9ZA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6xMWWovYZO7lMciZNZS2ksgCnIHvsFyqsaqqdMCNtwEQASAAYP2gmYHoA4IBF2NhLXB1Yi00MTM4NjgzODM1NDM4OTQ4yAEJqAMByAMCqgT8AU_QTMMUoEQmYvhvra_ONqFjJ_Chzec4aN4xJQge6PkUMrTmwdcQmdtl1yyYQcB7uO6EqEQ0hyVVVBzRAlqFMuGHQqj7MMfCodjRxnsBUE6iEthJnnTNQ0l2hHt0BMbtt0G20KT7k1zoHblutyP3mU7BUE6PzuncRSXby14XkjltiAQvwQ32zAuRBJex4F1cLWfxwEH8YE24BtKXbfIYjCaWPLjaxOjlBEzLl6B2XpJPyqdkPx_TaIpAqnzn6B1LolwR6gvlYfyH_81AjikTg8I5FJX2obvjxw7CLP0VdB4zqS0-iiOHjJMGFuYic4hv3ZNDlkeRJHlcQMlIIIAGu9yb5qGzvvJboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3MSqVxgBP-e03KQB6idNHgSdt8ug%26client%3Dca-pub-4138683835438948%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.65 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

5569da5d9f599327b3f7c05b68d19cc86fe4a189eae2add0be6880bbde65fc8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 13 Aug 2023 07:50:50 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=_AOO1RdGJKRP8y56CpG29a_-RVTdtdqPv6Azm9FAee1_Fh-brz5TaCJmP5mRYnOv0ksAbmVE_yXYyEFJjvm2rxEhtFBSlzRA6c8KmHDSZzYwURP3z_IcdfRYmnuR-0JupE_SrLf0cYy_EH51TD3YVKEe0BGK4K6NQiKej3lV7i1tc1_f-wIB6sl2s3iGYT1FRe-pbIQWekgex9vMm6gd5Fq8vWwGQdPapR-abLU4dx3lrBE73uW1kFnNS-edoOU_tqRNNg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 54203891
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 71A3 3 KB
1 KB 102ms
27ms Script
text/javascript 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 23:53:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28652
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Aug 2023 23:53:19 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 71A3 20 KB
8 KB 99ms
24ms Script
text/javascript 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f1.1e100.net

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 23:53:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28652
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Aug 2023 23:53:19 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 71A3 179 KB
57 KB 140ms
66ms Script
text/javascript 172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Aug 2023 07:50:51 GMT

GET
DATA 200
OK truncated
/ Frame 71A3 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9848e541a0621a816f920b70fb564b4c225f3847c436240015667cbae31d45d8

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 47ms
46ms Ping
text/plain 172.217.13.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-ZPV6BRC3CZ&gtm=45je3890&_p=648686918&cid=1401180838.1691913051&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1691913050&sct=1&seg=0&dl=https%3A%2F%2Fwww.myminifactory.com%2Fusers%2Finvestigating-business-joe-biden-son&dt=Investigating%20the%20business%20dealings%20of%20President%20Joe%20Biden%27s%20son%20%40investigating-business-joe-biden-son%20-%20MyMiniFactory&en=scroll&ep.customTask=function(a)%7Bvar%20b%3Dgoogle_tag_manager%5B%22rm%22%5D%5B%22116938654%22%5D(2)%2Cc%3Dgoogle_tag_manager%5B%22rm%22%5D%5B%22116938654%22%5D(3)%2Cf%3D%22__gtm_campaign_url%22%2Cg%3D%22__gtm_referrer%22%2Ch%3Dgoogle_tag_manager%5B%22rm%22%5D%5B%22116938654%22%5D(4)%2Cd%3D!0%2Ce%3Dfunction(k)%7Bdocument.cookie%3Dk%2B%22%5Cx3d%3B%20path%5Cx3d%2F%3B%20domain%5Cx3d%22%2Bh%2B%22%3B%20expires%5Cx3dThu%2C%2001%20Jan%201970%2000%3A00%3A00%20GMT%22%7D%3B%22undefined%22!%3D%3Dtypeof%20b%26%26(a.set(%22location%22%2Cb)%2Ca.set(%22page%22%2Cdocument.location.pathname%2Bdocument.location.search)%2C!0%3D%3D%3Dd%26%26e(f))%3B%22undefined%22!%3D%3Dtypeof%20c%26%26(a.set(%22referrer%22%2Cc)%2C!0%3D%3D%3Dd%26%26e(g))%7D&ep.transport=beacon&epn.percent_scrolled=90&_et=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZPV6BRC3CZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.13.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul03s05-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 07:50:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.myminifactory.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 5253 2 KB
1 KB 100ms
35ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZNiLWgAMcu4KDUzIAASbFOnGl9uKFVFubUjDBA&u=%7CGh4KkWwLtkoRGDpuXNzK2Svdv7hDiSw6Z%2F3TsOIsEyo%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78fwmt6rmcK3mPgxp68nnidI182ceugMhzNYbUUPAg0G-X_4JN57jfH1POAoNI0P-JmwPrPKRhcUSrHcDK-rF-rsgjon1qwcVGyouoaGEQ54Jmq9YQdn9z-G0VsLaTSLrN1hBI43X_QjFeWHQ1EbUwvnDTKkO7_0JUmzS7H9e2LzSalXLcZMjO6BORQaEyntGAjj-3W3ALmVHgWekogNdUgsaUwBWyldJinYHWv0f8UAEhzoLwFpbOqwBpE8H3jPPBuo-GJRhuaWFxkRT-LAKs0hEpDDWO4ac-MB298N1wVPRmf2ChAGkoe3KBfJDUIz02LRkfVcTqomjNHnNLVczyhQvRC75p7TeabAv4RXBOLBFTY7fuYEI3PoD-25JrBC-3oCvVQ3pEH94oIr9N3i4klqmZ1EoAGCIi7g2mJ6lat6pf2VCZ0TKXOaz3UDWaifTGhuwEVa-9-V1WSph-yE4c-o8IrCmPJftNyNHBSMCms8s5Vestvn-KaMkYFWpn_STxDSIMjTmSeWhgaRlvZ9r0SJ06-LiBIIZTB_G5sQS1pawkMcrXwk41MJeoNzJdrkI1IkPVNo1Oyjl-ha0w_bltv6Dj9wrjz81F_jQEHvq0-FiVDqf3ukjdPxBn_3-wKm34sh8-f-ocNcuuiUB35F_9ZA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6xMWWovYZO7lMciZNZS2ksgCnIHvsFyqsaqqdMCNtwEQASAAYP2gmYHoA4IBF2NhLXB1Yi00MTM4NjgzODM1NDM4OTQ4yAEJqAMByAMCqgT8AU_QTMMUoEQmYvhvra_ONqFjJ_Chzec4aN4xJQge6PkUMrTmwdcQmdtl1yyYQcB7uO6EqEQ0hyVVVBzRAlqFMuGHQqj7MMfCodjRxnsBUE6iEthJnnTNQ0l2hHt0BMbtt0G20KT7k1zoHblutyP3mU7BUE6PzuncRSXby14XkjltiAQvwQ32zAuRBJex4F1cLWfxwEH8YE24BtKXbfIYjCaWPLjaxOjlBEzLl6B2XpJPyqdkPx_TaIpAqnzn6B1LolwR6gvlYfyH_81AjikTg8I5FJX2obvjxw7CLP0VdB4zqS0-iiOHjJMGFuYic4hv3ZNDlkeRJHlcQMlIIIAGu9yb5qGzvvJboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3MSqVxgBP-e03KQB6idNHgSdt8ug%26client%3Dca-pub-4138683835438948%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 07 Aug 2024 07:50:51 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 5253 2 KB
1 KB 100ms
35ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 07 Aug 2024 07:50:51 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 5253 308 B
637 B 96ms
31ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:51 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 07 Aug 2024 07:50:51 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 5253 293 B
621 B 99ms
34ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:51 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 07 Aug 2024 07:50:51 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 5253 43 B
348 B 100ms
34ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=BRsPwFixpfDxkNnSzvtfX7Q7l6HfXslLjiMqpNfdzkeIsttYHgd1ysDh14gZPsxq4DajqxxpPMSnLPEB6BkyugXYVpRcr1RAn8tbgSl07jDeZLS1T91mNf4drEmU7WJYlZ24xBHs1oQUWNxrFK37leBoB6LirSXxFxMoUvIPjYrFvfptjtqiFaK8_-yj_tTaaz2j0I3LcDc1BCFLRoISeZA3fw1Hby7O13ngIanZaZQUZeY5nrMVliRbl4EDe7_YdEnthJvDDFEmuyyHyjA4WqAXrJi3-ymo-SyJIgi-zuMJQfwpgmgYQQi3DdkN0ZmOquJzzoc0QwFK9ToafC62aRYQJ3Ubx--rJsZo4jWL_B5454Ff4lhJdc1N3cxDKNaazjWMP0v-rMgBlgatYxmZrFoxyQWQSW83G8NKoiBYTM6Qj_unqb4Ym_gUcwkzHLEQtPpWjKA-c6PbpXFj545xVKwNi3k3ZYlw8bVtf3XluM6voenx1be8HAlasbSc8mAoXeJ8KlMkoOiGIT-bwU8SzR57XC0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 07:50:50 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1679131
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 5253 12 KB
5 KB 59ms
23ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2024993
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4418
last-modified: Thu, 22 Jun 2023 11:22:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942f04-1142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wfg7XxcmbmY0uK3wULcsg67oCv7kTDwFXJ38KiaEFYNpttvuwwnzdTr7JQiJtyKq3kPGMFv30mpuNq6WVtD3nvLmwP2U6want%2FhOa21e9CUMWMdWO6q36iHE7iFUEwSxPxjiUt9v"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f5f5e9b79cda1fe-YYZ
expires: Fri, 02 Aug 2024 07:50:51 GMT

GET 1ccdc96a10814ce19f0b5b19ef8cc44b_ProximaNovaSoft-Semibold.woff
static.criteo.net/design/dt/ Frame 5253 0
0

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 5253 12 KB
6 KB 41ms
33ms Script
text/javascript 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 07 Aug 2024 07:50:51 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 5253 13 KB
13 KB 115ms
49ms Image
image/png 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?h=244&m=0&partner=67694&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F64519%2F220707%2F0f1baf9583584f76909a9285b2e62735_new_800_x_800_logo-transparentbckgrnd.png&v=3&w=196&s=cpeErq78VUl6sWj9vUBt2G5D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

eaf0100cf4ffd029a016ef1201ccefb65c7e704a9482bb401049337119628040

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 13098
expires: Mon, 29 Jul 2024 04:51:03 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 5253 21 KB
21 KB 129ms
63ms Image
image/png 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=67694&q=80&r=2&u=https%3A%2F%2Fsilvergold.media%2Fmedia%2Fproducts%2F8774%2Ftn-8774-m.png&v=3&w=400&s=Krxk6ZEi9Ht6-wyzoMONqj8p&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

50e434b0f95ac040a563a6d05786761310118011f756b22fee50f3cdd8982562

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:51 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 21010
expires: Sat, 22 Jun 2024 15:35:43 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 5253 21 KB
21 KB 112ms
46ms Image
image/png 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=67694&q=80&r=2&u=https%3A%2F%2Fsilvergold.media%2Fmedia%2Fproducts%2F8992%2Ftn-8992-m.png&v=3&w=400&s=HxTQkoFCxafi5XV4pF3W8o1R&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4db2dad2f979699dc1f091b9e5bc8346c03b2d5c9dd4bceee5d9e8fe85ac83d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 21171
expires: Sun, 23 Jun 2024 00:58:38 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 5253 18 KB
18 KB 120ms
55ms Image
image/png 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=67694&q=80&r=2&u=https%3A%2F%2Fsilvergold.media%2Fmedia%2Fproducts%2F8844%2Ftn-8844-m.png&v=3&w=400&s=BwOFapQWoP3nHVVzaUX4PfPl&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4fc2b513249d2847de2a60e9e3e8a15429885cb79277f579e9a762f2b2c656e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:51 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 18152
expires: Mon, 29 Jul 2024 15:04:35 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 5253 23 KB
23 KB 137ms
72ms Image
image/png 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=67694&q=80&r=2&u=https%3A%2F%2Fsilvergold.media%2Fmedia%2Fproducts%2F2607%2Ftn-2607-m.png&v=3&w=400&s=Wf3W0DyFK-petnfsf_PdvFOH&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

995a583364a38449a42ac6d02525b8c7e99ea649f5e71b9f26aee6e71a938349

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:50 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 23418
expires: Mon, 24 Jun 2024 03:29:14 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 5253 0
128 B 96ms
31ms Ping
text/plain 74.119.119.149
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=_AOO1RdGJKRP8y56CpG29a_-RVTdtdqPv6Azm9FAee1_Fh-brz5TaCJmP5mRYnOv0ksAbmVE_yXYyEFJjvm2rxEhtFBSlzRA6c8KmHDSZzYwURP3z_IcdfRYmnuR-0JupE_SrLf0cYy_EH51TD3YVKEe0BGK4K6NQiKej3lV7i1tc1_f-wIB6sl2s3iGYT1FRe-pbIQWekgex9vMm6gd5Fq8vWwGQdPapR-abLU4dx3lrBE73uW1kFnNS-edoOU_tqRNNg&sds=2&rev=87880&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 13 Aug 2023 07:50:50 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5253 2 KB
1 KB 37ms
37ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 07 Aug 2024 07:50:51 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 5253 2 KB
1 KB 31ms
31ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 07 Aug 2024 07:50:51 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 71A3 0
23 B 57ms
56ms Image
text/html 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C4cIKWovYZO7lMciZNZS2ksgCnIHvsFyqsaqqdMCNtwEQASAAYP2gmYHoA4IBF2NhLXB1Yi00MTM4NjgzODM1NDM4OTQ4yAEJqAMByAMCqgT5AU_QTMMUoEQmYvhvra_ONqFjJ_Chzec4aN4xJQge6PkUMrTmwdcQmdtl1yyYQcB7uO6EqEQ0hyVVVBzRAlqFMuGHQqj7MMfCodjRxnsBUE6iEthJnnTNQ0l2hHt0BMbtt0G20KT7k1zoHblutyP3mU7BUE6PzuncRSXby14XkjltiAQvwQ32zAuRBJex4F1cLWfxwEH8YE24BtKXbfIYjCaWPLjaxOjlBEzLl6B2XpJPyqdkPx_TaIpAqnzn6B1LolwR6gvlYfyH_81AjikTg8I5FJX247nDVaUwpf3W_XO_Qle3SZS7pJooDiK5gPLmFC1dul848uhcg4AGu9yb5qGzvvJboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi00MTM4NjgzODM1NDM4OTQ4GAA&sigh=EPiF3WgPopU&uach_m=[UACH]&cid=CAQSGwBpAlJWd43p90qxGEez7wdlvEiHgomh0HZskxgB&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 13 Aug 2023 07:50:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 13 Aug 2023 07:50:51 GMT

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame 71A3 0
126 B 96ms
31ms Image
text/plain 74.119.119.130
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=k5yrE8T6RO0HfOIinRcCAAAAKKXnF7EukOmoJT4PxDLAxxBai9hkJxPOm8fFbtGBxAAAEgAACgpBUVVCQ2dFUENn&wp=ZNiLWgAMcu4KDUzIAASbFOnGl9uKFVFubUjDBA&cbvp=2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.130 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:50 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 130515
server: Kestrel
content-length: 0

GET
H2 200 async-api.30bd804e-1.236.0.min.js Show response
js-agent.newrelic.com/ 3 KB
3 KB 56ms
16ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/async-api.30bd804e-1.236.0.min.js

Requested by

Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fa44ba5620fc182eb36d66b9dea560edeb23af9c3104647e39e2a4d3fabcf8cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: 366JrVMQzTPfkja9KvKWB.1FAlNj2g2u
date: Sun, 13 Aug 2023 07:50:51 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: WPMB38P8A8K3PR9F
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2851
x-amz-id-2: TqgapmMXrdSgPEvkY0F1JZgGquhoVdYCxS6/JmaUm8O/ubM+TqkEMofxwCMYtUDj0HIlq/Ss9LA=
x-served-by: cache-yyz4557-YYZ
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1691913052.703093,VS0,VE0
etag: "ce1527db8799a0ba1913b5c7b7f666aa"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 12

GET
H2 200 860.03a8b7a5-1.236.0.min.js Show response
js-agent.newrelic.com/ 14 KB
14 KB 56ms
17ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/860.03a8b7a5-1.236.0.min.js

Requested by

Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

38068c6216d8cd0ebd227e767dea7b85b17c68ee40a2b32c20cb879ea225d274

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: iJSI6dlO2Ys6eX3e0ReqL6kXFai6YRCl
date: Sun, 13 Aug 2023 07:50:51 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: WPM5WRNEXYYG3DC0
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14276
x-amz-id-2: MLSwKD3F/LhDgrVBDkQOV83F0bvPOKBguG2eE1OrSqmSRFSN2rKfNKLi6wPN3QumDOk2rauucTk=
x-served-by: cache-yyz4557-YYZ
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1691913052.703083,VS0,VE0
etag: "5c2d33afe15ef1ea0f7dfd3d77677165"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 session-manager.2a64278a-1.236.0.min.js Show response
js-agent.newrelic.com/ 1 KB
2 KB 71ms
32ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/session-manager.2a64278a-1.236.0.min.js

Requested by

Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c902ff18c7858648be03999d4022c40d66ad694ae218ea4b1558e74703b854a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: ur1tw3MWf2WErGuFKp0fYWjcNIfD4uOb
date: Sun, 13 Aug 2023 07:50:51 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: WPM8W1FXADKZH5AE
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1387
x-amz-id-2: Yjz9KSyLRmrz6AH0RodCcxNlc5+IdYp0+R55MudWJCMOAklnIfxkDD7ZRWSLoh7NBslTKKsnD8s=
x-served-by: cache-yyz4557-YYZ
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1691913052.703189,VS0,VE0
etag: "a097cb2068fb2d63e521cacf139c921d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 2BB7 200 B
844 B 17ms
16ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.myminifactory.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 5654133
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=31536000
content-encoding: br
content-length: 155
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 13 Aug 2023 07:50:51 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Thu, 08 Jun 2023 20:06:51 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 479099
x-content-type-options: nosniff
x-request-id: 9f50a1ff-9fb6-4a4a-ad1b-5e646f52c925
x-served-by: cache-yyz4575-YYZ

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 105ms
57ms XHR
application/json 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230809&st=env

Requested by

Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

22c364205472bd3402138b0f3bf448fad314ba2c3acda5c2ef005d77cb0da9f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11816
x-xss-protection: 0

GET
H3 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2BB7 631 B
690 B 16ms
16ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 13 Aug 2023 07:50:51 GMT
via: 1.1 varnish
age: 23543149
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 332
x-request-id: 39872815-b0a3-4563-8429-40694feb6aca
x-served-by: cache-yyz4556-YYZ
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
server: Fastly
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 197088

POST
H2 200 csp-report
q.stripe.com/ Frame 2BB7 0
717 B 273ms
91ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 13 Aug 2023 07:50:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1691913051936803
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1691913051936255
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 2BB7 0
718 B 272ms
90ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 13 Aug 2023 07:50:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1691913051936742
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1691913051936267
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame CE16 930 B
1 KB 18ms
16ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 264
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 13 Aug 2023 07:50:51 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 19
x-content-type-options: nosniff
x-request-id: a20b5db7-4b86-42fc-81eb-a2b4c9a6bf91
x-served-by: cache-yyz4575-YYZ
x-timer: S1691913052.715370,VS0,VE0

POST
H2 200 csp-report
q.stripe.com/ Frame CE16 0
491 B 247ms
91ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 13 Aug 2023 07:50:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1691913051936803
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1691913051936280
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame CE16 87 KB
15 KB 16ms
16ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Sun, 13 Aug 2023 07:50:51 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 250
x-cache: HIT
content-length: 15509
x-request-id: 12f73e1e-a017-498f-ab9a-0541cbf88ea8
x-served-by: cache-yyz4575-YYZ
server: Fastly
x-timer: S1691913052.738648,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 20

GET
H2 200 lazy-feature-loader.2f55ce66-1.236.0.min.js Show response
js-agent.newrelic.com/ 1 KB
1 KB 17ms
16ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/lazy-feature-loader.2f55ce66-1.236.0.min.js

Requested by

Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d9bafbaa07911d0596a806a1177da26c107f735052d28603bc5eb8fa0dc63b55

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: SNNZ70_ndPBZM4f5drSRay_oJEEp97f5
date: Sun, 13 Aug 2023 07:50:51 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: WPM45ND6BHXMY08Q
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1085
x-amz-id-2: n/EUHz+KZ2D4Fj9Rr2CKpjtKZSBREaNgno/ZcloZkY0v50sm4n/OFOSPZbsZqG4uEqzqOgEcRhA=
x-served-by: cache-yyz4557-YYZ
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1691913052.743587,VS0,VE0
etag: "e43b565f398109176254b8a9394de5ba"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 7

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 96ms
96ms Script
text/javascript 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 13 Aug 2023 07:50:51 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame CE16 156 B
670 B 274ms
90ms XHR
application/json 35.84.229.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.84.229.168 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-84-229-168.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

a1a264eec471434bcfa8e2586ec64fe0cbed7b2daefabb5306dc8028f8d1b504

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 13 Aug 2023 07:50:52 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1691913052068914
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1691913052068590
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 148.1a20d5fe-1.236.0.min.js Show response
js-agent.newrelic.com/ 8 KB
8 KB 16ms
16ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/148.1a20d5fe-1.236.0.min.js

Requested by

Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3e89824dcd4a1d958c6972134bfc50e0c8e4a76d6b47569d14fd7cba455c1f7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: ScUpW5z6XcbV4AsRwaGpjCwUtY9KtEdV
date: Sun, 13 Aug 2023 07:50:51 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: WPMEWYCNAXTARMZC
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 7826
x-amz-id-2: mu2QA3NZm4wUQXRT3Qv39BLyP+dYlKOcFbd1si5hKUocxuAF33X0Lz//sX8XlI9qV6P2AkYwwsg=
x-served-by: cache-yyz4557-YYZ
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1691913052.844548,VS0,VE0
etag: "bed1f74897d091a7dfc2b06e8a1e29a3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 35

GET
H2 200 page_view_event-aggregate.06482edd-1.236.0.min.js Show response
js-agent.newrelic.com/ 11 KB
11 KB 18ms
18ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_event-aggregate.06482edd-1.236.0.min.js

Requested by

Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f1249e3503b8a12598e09882e9ded38155ac212298143dec459ce6820c6d3f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: olBWVnN3KrZD.7AbCiVQ_LmF1ZBKIJEh
date: Sun, 13 Aug 2023 07:50:51 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: WPM2GW2AF0DGG1V3
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 10978
x-amz-id-2: 3rTmUMCPSQAh42lNwzj/gDMtsov24GIGY54t5olgBe/+wzloL6gaATfg1EzAxFGxWpvefL7v5PY=
x-served-by: cache-yyz4557-YYZ
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1691913052.844807,VS0,VE0
etag: "553d27144d4f9fbe7e31b802107a2071"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 page_view_timing-aggregate.bd6de33a-1.236.0.min.js Show response
js-agent.newrelic.com/ 15 KB
15 KB 20ms
20ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_timing-aggregate.bd6de33a-1.236.0.min.js

Requested by

Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6dc5a41a72f6c1b4148d0629284183a4db42a28fef188ff4d55d5872d0ea3561

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: 9W2va1QLSUaCTJ3OoHH2ZOYSIAKsuvOr
date: Sun, 13 Aug 2023 07:50:51 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: WPMBET81EG24R1Z8
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14879
x-amz-id-2: lfk5mB7rgHvTQ1ycPD+NiFHDrsno0VP8lumGh6PeM5rnEYOYzV4y0UvkEbXcRJG4B3KufIzerww=
x-served-by: cache-yyz4557-YYZ
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1691913052.845452,VS0,VE0
etag: "01e96e9ff5c360298d13581ad38e60a8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 7

GET
H2 200 metrics-aggregate.3dc53903-1.236.0.min.js Show response
js-agent.newrelic.com/ 8 KB
8 KB 24ms
24ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/metrics-aggregate.3dc53903-1.236.0.min.js

Requested by

Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

11b4a5f186edf838f6e951559bef8aa85c686a83e0a226c5a82622da95e54307

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: Z8jxLQfOXuFmYqpMJ60TDp7HscNrmk8O
date: Sun, 13 Aug 2023 07:50:51 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: WPM44J5YDG8P5RK3
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 8471
x-amz-id-2: abp1+4QO91HlWnwuTKWHbu9E/WFCb+yYmgrbIb5fk4gpd9k3zvTDb+lEpPj6S7FUUppcZH5LHp8=
x-served-by: cache-yyz4557-YYZ
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1691913052.845800,VS0,VE0
etag: "a912f1cb80b2d3cf15f10d9d022b6188"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 35

GET
H2 200 jserrors-aggregate.49e41428-1.236.0.min.js Show response
js-agent.newrelic.com/ 9 KB
10 KB 33ms
32ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/jserrors-aggregate.49e41428-1.236.0.min.js

Requested by

Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7662bd2cb7034d86dc4bdb707af33dd9ca3198a95d392067ee3c0c9ffaffdf0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: .ACjr0HqA7HhCmbDNUQuLIwun1cgXyhg
date: Sun, 13 Aug 2023 07:50:51 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: WPM0KFX7M6ERMNK3
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 9489
x-amz-id-2: seqJdAtiggY6bnXdaW7b2qW6MIwMjqgwAmMolkmTHo4t7Lku5sKsvUNnaG8WIFmUy327JRtfWoU=
x-served-by: cache-yyz4557-YYZ
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1691913052.846125,VS0,VE0
etag: "ea0f213ac446fa34c085f244b9573b9d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6

GET
H2 200 ajax-aggregate.998ef92b-1.236.0.min.js Show response
js-agent.newrelic.com/ 7 KB
7 KB 33ms
33ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/ajax-aggregate.998ef92b-1.236.0.min.js

Requested by

Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fcb70cd5b8090d9144eeef2f1665608ee4fa67dab1fd167f49af074a42b9101e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: xVg3CmVvsRmAix36ZLYuy_uCZQf0TjpD
date: Sun, 13 Aug 2023 07:50:51 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: WPM9C6PY6BEHHCAM
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 7044
x-amz-id-2: 7qcN0YonSWnojF9Ez8Bw69Ymt2bYhohZ2SB9tAOe0WDopQbxOiDLxxDNF1V69WijvNs7KonmNY8=
x-served-by: cache-yyz4557-YYZ
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1691913052.846405,VS0,VE0
etag: "07e3c83179c7da2e2f464a72b084aacf"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 session_trace-aggregate.83105561-1.236.0.min.js Show response
js-agent.newrelic.com/ 12 KB
12 KB 33ms
33ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/session_trace-aggregate.83105561-1.236.0.min.js

Requested by

Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d0d7c9c8e398100c60b41833292522f27b1e6b12c057442536ff98995d90f08c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: JP1nny3GAhH60lOAbY5zpQuuXGmtQF2W
date: Sun, 13 Aug 2023 07:50:51 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: WPM16P96J5V669BJ
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 12146
x-amz-id-2: jJrVcgiMAMw+1znfXBBFFdsnwP3PAQ4FRfXuP6EHkIBh5NwVnUruD8jkyWES3K4SrnxOCBMMpNQ=
x-served-by: cache-yyz4557-YYZ
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1691913052.847034,VS0,VE0
etag: "4ef8d054860549421e884b3d2d74b83e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 32

GET
H2 200 page_action-aggregate.ac76d497-1.236.0.min.js Show response
js-agent.newrelic.com/ 5 KB
5 KB 37ms
36ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_action-aggregate.ac76d497-1.236.0.min.js

Requested by

Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0b09c565baa3b8d3de7ea5b132e22c0ed1bb8943ae83d1bff9421e62ae8d8800

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: d39kPm7I27R6JP_9CC8D6A917GdgqR8V
date: Sun, 13 Aug 2023 07:50:51 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: WPMBYF8025TP0RA5
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4643
x-amz-id-2: TLYkEUZqfbl+LNosY5/XDO/DyzsIXPiAVu/BDssOOF7UFfVm59Y8Nw4d4GrpyThEc2ihc5+mG1w=
x-served-by: cache-yyz4557-YYZ
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1691913052.847354,VS0,VE0
etag: "8862791debd0b259297a0ccf618932eb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 spa-aggregate.e6b09d52-1.236.0.min.js Show response
js-agent.newrelic.com/ 20 KB
21 KB 41ms
40ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/spa-aggregate.e6b09d52-1.236.0.min.js

Requested by

Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

167c7894014a33b184a658a4883c24c20bbd158dc04b7fef709f80a4bca6a7d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: k3LNqXtDnYaGJRciEwS012KKWchlproy
date: Sun, 13 Aug 2023 07:50:51 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: WPM6PP18CKSNG0RN
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 20843
x-amz-id-2: uVBxSFUyzUvSo0R29iF8dGmyazdCLAYuUwRFnoGSjAlhP1S3oNnj3t+3805ZCIZ0iC1aPsZFa1w=
x-served-by: cache-yyz4557-YYZ
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1691913052.847696,VS0,VE0
etag: "27ef55ddf9eded9cf24ce8747e8bbe04"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 4

POST
H/1.1 200
OK NRJS-1d20518d243f7f9c105 Show response
bam.eu01.nr-data.net/1/ 40 B
458 B 493ms
441ms XHR
text/plain 185.221.87.23
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.eu01.nr-data.net/1/NRJS-1d20518d243f7f9c105?a=491745513&v=1.236.0&to=MhBSZQoZWEBSWkZcCQtacVIMEVldHExBUBQ6BlheDw%3D%3D&rst=2140&ck=0&s=b946777d03fbd00c&ref=https://www.myminifactory.com/users/investigating-business-joe-biden-son&af=err,xhr,stn,ins,spa&ap=44&be=173&fe=1767&dc=561&at=HldRE0IDS04%3D&perf=%7B%22timing%22:%7B%22of%22:1691913049722,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:13,%22c%22:13,%22s%22:29,%22ce%22:87,%22rq%22:87,%22rp%22:173,%22rpe%22:225,%22di%22:629,%22ds%22:629,%22de%22:733,%22dc%22:1932,%22l%22:1932,%22le%22:1940%7D,%22navigation%22:%7B%7D%7D&fp=749&fcp=749
Requested by: Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.221.87.23 , Ireland, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f

Request headers

Referer: https://www.myminifactory.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 13 Aug 2023 07:50:52 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.myminifactory.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 40
x-served-by: cache-yyz4577-YYZ

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F316 13 KB
5 KB 24ms
24ms Document
text/html 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.myminifactory.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 275781
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 10 Aug 2023 03:14:30 GMT
expires: Fri, 09 Aug 2024 03:14:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7C3E 831 B
1 KB 113ms
51ms Document
text/html 172.217.13.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f4.1e100.net

Software

GSE /

Resource Hash

b517d7bc19ced267a02e200b6d80353fdf6b5db501ddf6ab14f93d5bac4e6074

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ktF6zE1TtydFLQouIqZJLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.myminifactory.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 533
content-security-policy: script-src 'report-sample' 'nonce-ktF6zE1TtydFLQouIqZJLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 13 Aug 2023 07:50:52 GMT
expires: Sun, 13 Aug 2023 07:50:52 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js Show response
pagead2.googlesyndication.com/bg/ Frame F316 37 KB
14 KB 24ms
24ms Script
text/javascript 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

sffe /

Resource Hash

b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 06:27:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 437015
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14666
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Aug 2024 06:27:16 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7C3E 0
0 54ms
54ms Image
text/html 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230809&jk=3543916084113125&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul03s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F316 0
10 B 23ms
23ms Image
text/plain 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?lwi4oQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.13.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul02s05-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:50:52 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H/1.1 200
OK NRJS-1d20518d243f7f9c105 Show response
bam.eu01.nr-data.net/events/1/ 24 B
342 B 123ms
123ms XHR
image/gif 185.221.87.23
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.eu01.nr-data.net/events/1/NRJS-1d20518d243f7f9c105?a=491745513&v=1.236.0&to=MhBSZQoZWEBSWkZcCQtacVIMEVldHExBUBQ6BlheDw%3D%3D&rst=2645&ck=0&s=b946777d03fbd00c&ref=https://www.myminifactory.com/users/investigating-business-joe-biden-son
Requested by: Host: www.myminifactory.com
URL: https://www.myminifactory.com/users/investigating-business-joe-biden-son
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.221.87.23 , Ireland, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.myminifactory.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 13 Aug 2023 07:50:52 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.myminifactory.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-yyz4577-YYZ

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 71A3 42 B
64 B 57ms
57ms Fetch
image/gif 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss28Z6nZNTmecmaKkCic6Wx3aiV6jgIHgM0in65gm6pMjHELkCduFFQrIdo3iwsCA8acl2OU3ZGt2rAlOBdswgqgPsJjNO0e3CNC8s&sig=Cg0ArKJSzCqGvi07GQ37EAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=83,766,1000,1096,1123&tos=83,683,234,96,27&v=20230809&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691913051133&rpt=248&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 07:50:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 5253 0
127 B 32ms
31ms Ping
text/plain 74.119.119.149
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 13 Aug 2023 07:50:52 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
57ms Image
text/html 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230809&jk=3543916084113125&bg=!1Nel14PNAAaiGN5Pghg7ADkAdvg8WoowRHPdjkZLPe1r-je2lm49cx6hAJtji99-RYMP0RPerM0qVabUEmSdgUfxv7YKEl4HEtMCAAAAVlIAAAAGaAEHmQLQDMaDOeXL1R4wfOzdCTYa_iUFV9yitfRgIR5t6lCbIdN3PmbRpE41_Xwl4A_pL2cHGHAHadhigdkQx9-TwXbHXTtARn0EOq9j0jNeJ93pYpgb_EP8JS0Dj2DymJZ94xSXy8rwUPn3RYhMWNlgNKkLhTYQEkMD0MJE-whQYqJNT0XFoouSyYyuwLq67AuVOkq5N-PWaDC80zFngwwTIa7KGmEByLHiHdNHeLnFNJVJH4esM85NMEtBBmPHl2W40fJnO7Gtow9OroRygBpOLeGvTiNFvOEvxyKZtM0tEcU9f1YbvSiRUAFS8U7tI5I0B8A1yFeTXdfjIbo-xTKuir9w1XiaVDXXdI06Treu4FUU8rXH2Df4bidLxfeKtE-O6kkgcxKHUXOd1lajSTyh88LzdxnSyyJQ0yWPp4Ovjh2fIxzMcoRlSEYMArlYSCC5aZqiQYnlxNQ1LkI_QNkZcCIFy1LN-5mwEW3APkV_54FSCaaZXV1y25AXtWmDcu6RZ4b2aVI62UPLxfjPNwWITZ-JDBPyNWrZLhAtO67SzzbGQML68euvkFlLgHsC0YOSKMs5Tcpi-u4KcCITpzZCmZkS-k_uoSa4GKwbwXRkV4ql7Zie9H_G6ufO4BzmRMTlo5YgDUDXjV8bKlg0-suZQLMsofWkSeIM2BAxWnYCPt7DMwPWkWw_ykQsdjv05MwpybJF-tpfz8g1BDOx7HPoZZouOuLpebLM-tLzd5PLIcpCqZTWrGSVgf6FIeZfguC3gJZIAAEsNZExPMNm-V5TjwY_3wI9Mc5mADUu9656CwOr4PIhgPHPInMZSEmIBk5bGzTgFrf4LkIYKC8oxsom9w1A62ZBeQH4ss9GQ6pjYenBCiqq8jlpwxLpDHwPRtlWuG0qXMOsyN8_4b0vGpS1dOB-arnnmMagbZmH-ZonF_pFfSsRcG-LQSJEYSlN-Baz5_rr
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul03s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 47ms
46ms Ping
text/plain 172.217.13.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-ZPV6BRC3CZ&gtm=45je3890&_p=648686918&cid=1401180838.1691913051&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=3&sid=1691913050&sct=1&seg=0&dl=https%3A%2F%2Fwww.myminifactory.com%2Fusers%2Finvestigating-business-joe-biden-son&dt=Investigating%20the%20business%20dealings%20of%20President%20Joe%20Biden%27s%20son%20%40investigating-business-joe-biden-son%20-%20MyMiniFactory&en=ad_impression&ep.customTask=function(a)%7Bvar%20b%3Dgoogle_tag_manager%5B%22rm%22%5D%5B%22116938654%22%5D(2)%2Cc%3Dgoogle_tag_manager%5B%22rm%22%5D%5B%22116938654%22%5D(3)%2Cf%3D%22__gtm_campaign_url%22%2Cg%3D%22__gtm_referrer%22%2Ch%3Dgoogle_tag_manager%5B%22rm%22%5D%5B%22116938654%22%5D(4)%2Cd%3D!0%2Ce%3Dfunction(k)%7Bdocument.cookie%3Dk%2B%22%5Cx3d%3B%20path%5Cx3d%2F%3B%20domain%5Cx3d%22%2Bh%2B%22%3B%20expires%5Cx3dThu%2C%2001%20Jan%201970%2000%3A00%3A00%20GMT%22%7D%3B%22undefined%22!%3D%3Dtypeof%20b%26%26(a.set(%22location%22%2Cb)%2Ca.set(%22page%22%2Cdocument.location.pathname%2Bdocument.location.search)%2C!0%3D%3D%3Dd%26%26e(f))%3B%22undefined%22!%3D%3Dtypeof%20c%26%26(a.set(%22referrer%22%2Cc)%2C!0%3D%3D%3Dd%26%26e(g))%7D&ep.transport=beacon&ep.query_id=CO76iaOT2YADFchMDQodFJsEKQ&_et=510
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZPV6BRC3CZ&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.13.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul03s05-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.myminifactory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 07:50:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.myminifactory.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.criteo.net
URL: https://static.criteo.net/design/dt/1ccdc96a10814ce19f0b5b19ef8cc44b_ProximaNovaSoft-Semibold.woff

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.myminifactory.com/	1970-01-20 22:44:09	Name: hl Value: en
www.myminifactory.com/	1970-01-20 14:43:11	Name: device_view Value: full
.myminifactory.com/	1970-01-20 14:41:45	Name: SESSID Value: e035ec2bb438db5a03fb0004fc25d1e8
www.myminifactory.com/	1970-01-20 23:24:28	Name: _pk_id.1.2bd0 Value: a40c050552febd87.1691913051.1.1691913051.1691913051.
www.myminifactory.com/	1970-01-20 13:58:34	Name: _pk_ses.1.2bd0 Value: 1
.myminifactory.com/	1970-01-20 23:34:33	Name: _ga Value: GA1.1.1401180838.1691913051
.myminifactory.com/	1970-01-20 23:20:09	Name: __gads Value: ID=03479dcacd30c157-22d631dc98e30083:T=1691913050:RT=1691913050:S=ALNI_MagyJ7kqTLquxJohoUiVBG30V9BVA
.myminifactory.com/	1970-01-20 23:20:09	Name: __gpi Value: UID=00000d8ac6672a53:T=1691913050:RT=1691913050:S=ALNI_MbvnsXkFQqIv_GRVgLB3vyxbfL6YA
.myminifactory.com/	1970-01-20 23:34:33	Name: _ga_ZPV6BRC3CZ Value: GS1.1.1691913050.1.0.1691913051.0.0.0
.doubleclick.net/	1970-01-20 23:34:33	Name: IDE Value: AHWqTUnmioC1mynI3zpLbnAWYQfElHjtVDgT2_O-Y56GpLoLNUanjNuFrmcdXr0eyrM
m.stripe.com/	1970-01-20 23:34:33	Name: m Value: 4ea37296-0530-45aa-b33b-8b45e3108e14cab935
.www.myminifactory.com/	1970-01-20 22:44:09	Name: __stripe_mid Value: 4022eb89-f68e-4cae-8679-d0f1f05620a28c9776
.www.myminifactory.com/	1970-01-20 13:58:34	Name: __stripe_sid Value: 561426f7-1759-4279-a61a-b75c82df7e9d1937e4

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230809/r20110914/zrt_lookup.html?fsb=1(Line 21) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript	error	URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZNiLWgAMcu4KDUzIAASbFOnGl9uKFVFubUjDBA&u=%7CGh4KkWwLtkoRGDpuXNzK2Svdv7hDiSw6Z%2F3TsOIsEyo%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78fwmt6rmcK3mPgxp68nnidI182ceugMhzNYbUUPAg0G-X_4JN57jfH1POAoNI0P-JmwPrPKRhcUSrHcDK-rF-rsgjon1qwcVGyouoaGEQ54Jmq9YQdn9z-G0VsLaTSLrN1hBI43X_QjFeWHQ1EbUwvnDTKkO7_0JUmzS7H9e2LzSalXLcZMjO6BORQaEyntGAjj-3W3ALmVHgWekogNdUgsaUwBWyldJinYHWv0f8UAEhzoLwFpbOqwBpE8H3jPPBuo-GJRhuaWFxkRT-LAKs0hEpDDWO4ac-MB298N1wVPRmf2ChAGkoe3KBfJDUIz02LRkfVcTqomjNHnNLVczyhQvRC75p7TeabAv4RXBOLBFTY7fuYEI3PoD-25JrBC-3oCvVQ3pEH94oIr9N3i4klqmZ1EoAGCIi7g2mJ6lat6pf2VCZ0TKXOaz3UDWaifTGhuwEVa-9-V1WSph-yE4c-o8IrCmPJftNyNHBSMCms8s5Vestvn-KaMkYFWpn_STxDSIMjTmSeWhgaRlvZ9r0SJ06-LiBIIZTB_G5sQS1pawkMcrXwk41MJeoNzJdrkI1IkPVNo1Oyjl-ha0w_bltv6Dj9wrjz81F_jQEHvq0-FiVDqf3ukjdPxBn_3-wKm34sh8-f-ocNcuuiUB35F_9ZA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6xMWWovYZO7lMciZNZS2ksgCnIHvsFyqsaqqdMCNtwEQASAAYP2gmYHoA4IBF2NhLXB1Yi00MTM4NjgzODM1NDM4OTQ4yAEJqAMByAMCqgT8AU_QTMMUoEQmYvhvra_ONqFjJ_Chzec4aN4xJQge6PkUMrTmwdcQmdtl1yyYQcB7uO6EqEQ0hyVVVBzRAlqFMuGHQqj7MMfCodjRxnsBUE6iEthJnnTNQ0l2hHt0BMbtt0G20KT7k1zoHblutyP3mU7BUE6PzuncRSXby14XkjltiAQvwQ32zAuRBJex4F1cLWfxwEH8YE24BtKXbfIYjCaWPLjaxOjlBEzLl6B2XpJPyqdkPx_TaIpAqnzn6B1LolwR6gvlYfyH_81AjikTg8I5FJX2obvjxw7CLP0VdB4zqS0-iiOHjJMGFuYic4hv3ZNDlkeRJHlcQMlIIIAGu9yb5qGzvvJboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3MSqVxgBP-e03KQB6idNHgSdt8ug%26client%3Dca-pub-4138683835438948%26adurl%3D Message: Access to font at 'https://static.criteo.net/design/dt/1ccdc96a10814ce19f0b5b19ef8cc44b_ProximaNovaSoft-Semibold.woff' from origin 'https://ads.us.criteo.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://static.criteo.net/design/dt/1ccdc96a10814ce19f0b5b19ef8cc44b_ProximaNovaSoft-Semibold.woff Message: Failed to load resource: net::ERR_FAILED
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.us.criteo.com
bam.eu01.nr-data.net
cat.va.us.criteo.com
cdn.myminifactory.com
cdnjs.cloudflare.com
csm.us.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imageproxy.us.criteo.net
js-agent.newrelic.com
js.stripe.com
m.stripe.com
m.stripe.network
pagead2.googlesyndication.com
partner.googleadservices.com
q.stripe.com
rtb.va.us.criteo.com
static.criteo.net
static.myminifactory.com
stats.myminifactory.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.myminifactory.com
static.criteo.net
104.17.25.14
142.44.215.232
151.101.194.137
151.101.64.176
172.217.13.104
172.217.13.129
172.217.13.132
172.217.13.194
172.217.13.202
172.217.13.206
172.217.13.98
172.217.13.99
172.67.70.176
185.221.87.23
200.225.45.125
35.84.229.168
54.187.119.242
54.39.128.68
74.119.119.130
74.119.119.131
74.119.119.147
74.119.119.149
74.119.119.65
74.119.119.80
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b09c565baa3b8d3de7ea5b132e22c0ed1bb8943ae83d1bff9421e62ae8d8800
0b591d7aa0ab3f32084622439b46b4e7ff7f194b4e610f30b3a78efb7100ba7e
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
11b4a5f186edf838f6e951559bef8aa85c686a83e0a226c5a82622da95e54307
13de044d68993405a80659aa73e638fccf9ef881efb645d4860d0e3fc02d63dc
167c7894014a33b184a658a4883c24c20bbd158dc04b7fef709f80a4bca6a7d1
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1afb087ae39b2e9783d2d26fb2d27f8113c11ac357c2f6b3a148031594c48565
21e34ff1b800fbfedfa6ae535ba85dd0d2b98f329e99351cc2133f04ffc90c7d
22c364205472bd3402138b0f3bf448fad314ba2c3acda5c2ef005d77cb0da9f6
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
2b1f85e9b20017ca2586f7cfe68dd7cc4a45e09c68735058e15c9279f353db63
2c7f696d13db2720d02a4602e9844e4e6f6acedf9a76bcda2ca0afe15e566f57
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
38068c6216d8cd0ebd227e767dea7b85b17c68ee40a2b32c20cb879ea225d274
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3d1c5acd18b9d73415aa47ff82ca933a9296f8532265c1c79ea17cd6a7c2e339
3e89824dcd4a1d958c6972134bfc50e0c8e4a76d6b47569d14fd7cba455c1f7f
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
4c1e9d53bdca9e8df19addce5c06378995273a2f1fcd589afeadb25478bd749d
4d5eb03f979ffd46386cd15d0358768bc01273d1c772797cb9fc24f78fc73f83
4db2dad2f979699dc1f091b9e5bc8346c03b2d5c9dd4bceee5d9e8fe85ac83d7
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fc2b513249d2847de2a60e9e3e8a15429885cb79277f579e9a762f2b2c656e1
50e434b0f95ac040a563a6d05786761310118011f756b22fee50f3cdd8982562
5198ad1ba2a0db18241a5a3b83f880b16e895c10b9c2ead3a5ee07eea337fb0c
541cf0dab54f05f1bc4d2de18241b55ec3d475cda803629a8203ff954b9825ef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5569da5d9f599327b3f7c05b68d19cc86fe4a189eae2add0be6880bbde65fc8c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
560411211a9e418188accab900dbf3f843fafbf52ab2e33c3975bffa1a421932
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
6ce446b54f436b6093ac2ef44c24e3c5f65b0b0c9d9a7dddf4943f192ae69dd1
6dc5a41a72f6c1b4148d0629284183a4db42a28fef188ff4d55d5872d0ea3561
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
7662bd2cb7034d86dc4bdb707af33dd9ca3198a95d392067ee3c0c9ffaffdf0e
76985e019b5dd6751898d24357243dceb50389ed6c0d64dfcf050ca7fdaef668
77616782a5fe0480d131a7cfbf2a34e3a4196cb6f5f91140c231d8410287d61f
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
873179c98baba24a755b864acd618408c10da05e3e8188e01c79cc8cc1b9ea02
8c5fe230b66170aa2638efc812e109610e3168bb36f054322a0b00b6727e6fd9
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9848e541a0621a816f920b70fb564b4c225f3847c436240015667cbae31d45d8
995a583364a38449a42ac6d02525b8c7e99ea649f5e71b9f26aee6e71a938349
9abb500e5b63142288a3f9834767694f704492c7f623f8f8f01903a79b7638c2
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a18cf11950e58d6115156a283eeebc919dd5cfa1a9fee3a591ca969fd645637e
a1a264eec471434bcfa8e2586ec64fe0cbed7b2daefabb5306dc8028f8d1b504
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a6f61fa3572660c1449c2254414d3abeadb6d01a1a93981bab3fb105d4dc568d
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
af84f7321a0f44e001598c3f3ed2b954bc839c24da54a087474ef42135e5aed8
b517d7bc19ced267a02e200b6d80353fdf6b5db501ddf6ab14f93d5bac4e6074
b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e
ba2f70105afb1f00f4652d43aabe36abef50ed983f458b299d7408eb0ba7cd24
c5d1a2561a99927e39665660dc663807416751dedb6d7a68842f161ffd197a63
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f
c902ff18c7858648be03999d4022c40d66ad694ae218ea4b1558e74703b854a5
c979be3ca2ea19a41e656e1372c36f4677da11ace44f40c27c2c48bfe5a33cca
cbf2c3c185258de8a5b835e8e01a8c19a196221f1b8e32c4ae73dcbcb2c282d4
cceeaca6145adc0ce5dae2d9a1cbf0659624948a157c18102a25d8cc3dc81408
cd0e86b0de1902d47a654d5a3facc55b591fe25783107f1192113110945f71d6
d0d7c9c8e398100c60b41833292522f27b1e6b12c057442536ff98995d90f08c
d684bf60dd91562731a3bf780d28f4434756e58281cb043d51339a886b63b0a4
d6a4cb1bf01a470577b2fa8b10c72b85e60165f1551f8e76b6a7462d2b70eef5
d9bafbaa07911d0596a806a1177da26c107f735052d28603bc5eb8fa0dc63b55
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e05ca7b1a10e15417a81d1dc1e7d4887ec664e603c2238bd3920372fc94fe4d2
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e14b286f4ffc637c2d9248c575ded30ca2be85556d11d53dfe3324a35695e3d9
e1d6435f22a34ccdcd3cecd592e7da6780a20692e63b13600df9231bdeb0d119
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ca86a9c2dc043939f5f0f27e82894eaac7accc27a621731cbf4e17c52df02d
e8956e37563c5f53b60e585f416ebc761229f44fb325ecde18cd9626ef6104bb
e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c
e9528f094c9815489d24afd9d9babed7632db2e153313be55d01ff2352cdcf03
eaf0100cf4ffd029a016ef1201ccefb65c7e704a9482bb401049337119628040
ebab1e467f963f962640fe8fa1377987cdaa2c2791ef3a8da19653a610f37c32
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1249e3503b8a12598e09882e9ded38155ac212298143dec459ce6820c6d3f37
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
fa44ba5620fc182eb36d66b9dea560edeb23af9c3104647e39e2a4d3fabcf8cd
fabeee0d62bda5b76e5cd511d0cfc1c74af6597b880ddb7ce5336151a0b93583
fcb70cd5b8090d9144eeef2f1665608ee4fa67dab1fd167f49af074a42b9101e

www.myminifactory.com Open in urlscan Pro 142.44.215.232 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

106 Requests

99 %HTTPS

0 %IPv6

17 Domains

27 Subdomains

25 IPs

4 Countries

3050 kBTransfer

9109 kBSize

13 Cookies

5 Outgoing links

Redirected requests

106 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.myminifactory.com Open in urlscan Pro
142.44.215.232 Public Scan

Screenshot
Live screenshot

Full Image

106
Requests

99 %
HTTPS

0 %
IPv6

17
Domains

27
Subdomains

25
IPs

4
Countries

3050 kB
Transfer

9109 kB
Size

13
Cookies

106 HTTP transactions
1 data transactions