thefederalist.com Open in urlscan Pro
2606:4700:20::681a:c80 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
Submission: On March 05 via api (March 5th 2021, 5:09:32 pm UTC) from SA

Summary HTTP 106 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 38 IPs in 3 countries across 28 domains to perform 106 HTTP transactions. The main IP is 2606:4700:20::681a:c80, located in United States and belongs to CLOUDFLARENET, US. The main domain is thefederalist.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 18th 2020. Valid for: a year.

This is the only time thefederalist.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
34	2606:4700:20:... 2606:4700:20::681a:c80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	65.9.19.93 65.9.19.93	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3037::6815:5eb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.77.32 192.0.77.32	2635 (AUTOMATTIC) (AUTOMATTIC)
6	104.84.56.112 104.84.56.112	16625 (AKAMAI-AS) (AKAMAI-AS)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	199.232.196.134 199.232.196.134	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	151.139.242.29 151.139.242.29	33438 (HIGHWINDS2) (HIGHWINDS2)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	184.30.21.162 184.30.21.162	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:20d... 2600:9000:20d7:7400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	104.154.142.214 104.154.142.214	15169 (GOOGLE) (GOOGLE)
1	2606:4700:e0:... 2606:4700:e0::ac40:6c1b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:e2:... 2606:4700:e2::ac40:8620	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c1b::9c	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:a913	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.64.134 151.101.64.134	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:400c:c1b::9d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
106	38

34 2606:4700:20::681a:c80 (United States)

ASN13335 (CLOUDFLARENET, US)

thefederalist.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.19.93 (Orlando, United States)

ASN16509 (AMAZON-02, US)

cdn-images.mailchimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3037::6815:5eb (United States)

ASN13335 (CLOUDFLARENET, US)

a.publir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.32 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

s0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.84.56.112 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-84-56-112.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.196.134 (United States)

ASN54113 (FASTLY, US)

thefederalist23.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.242.29 (United States)

ASN33438 (HIGHWINDS2, US)

cdn2.lockerdomecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.21.162 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-162.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20d7:7400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.154.142.214 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com

lockerdome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e0::ac40:6c1b (United States)

ASN13335 (CLOUDFLARENET, US)

code.jguery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e2::ac40:8620 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:a913 (United States)

ASN13335 (CLOUDFLARENET, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.64.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	thefederalist.com thefederalist.com	3 MB
9	google.com fundingchoicesmessages.google.com www.google.com	105 KB
9	youtube.com www.youtube.com	679 KB
7	doubleclick.net 1 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net static.doubleclick.net	118 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	89 KB
5	addthis.com s7.addthis.com api-public.addthis.com	191 KB
3	disquscdn.com c.disquscdn.com	230 KB
3	google-analytics.com www.google-analytics.com	19 KB
3	disqus.com thefederalist23.disqus.com disqus.com	37 KB
3	wp.com s0.wp.com stats.wp.com pixel.wp.com	6 KB
3	publir.com a.publir.com	397 KB
2	facebook.com www.facebook.com	333 B
2	google.de www.google.de	590 B
2	4dex.io script.4dex.io	21 KB
2	facebook.net connect.facebook.net	92 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	9 KB
1	ytimg.com i.ytimg.com	24 KB
1	ggpht.com yt3.ggpht.com	1 KB
1	jguery.com code.jguery.com	34 KB
1	lockerdome.com lockerdome.com	2 KB
1	addthisedge.com v1.addthisedge.com	726 B
1	quantcount.com rules.quantcount.com	358 B
1	moatads.com z.moatads.com	1 KB
1	lockerdomecdn.com cdn2.lockerdomecdn.com	3 KB
1	googletagmanager.com www.googletagmanager.com	30 KB
1	googletagservices.com www.googletagservices.com	20 KB
1	mailchimp.com cdn-images.mailchimp.com	1 KB
1	googleapis.com fonts.googleapis.com	1 KB
106	28

	Domain	Requested by
34	thefederalist.com	thefederalist.com
9	www.youtube.com	thefederalist.com www.youtube.com
6	fundingchoicesmessages.google.com	a.publir.com
5	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
3	api-public.addthis.com	s7.addthis.com
3	www.google.com	thefederalist.com www.youtube.com
3	c.disquscdn.com	thefederalist23.disqus.com
3	stats.g.doubleclick.net	www.google-analytics.com lockerdome.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com thefederalist.com
3	a.publir.com	thefederalist.com a.publir.com
2	www.facebook.com	thefederalist.com connect.facebook.net
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	www.google.de	thefederalist.com
2	script.4dex.io	a.publir.com script.4dex.io
2	connect.facebook.net	thefederalist.com connect.facebook.net
2	thefederalist23.disqus.com	thefederalist.com
2	s7.addthis.com	thefederalist.com s7.addthis.com
1	www.gstatic.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	disqus.com	thefederalist23.disqus.com
1	code.jguery.com	thefederalist.com
1	lockerdome.com	cdn2.lockerdomecdn.com
1	pixel.wp.com	thefederalist.com
1	v1.addthisedge.com	s7.addthis.com
1	pixel.quantserve.com	thefederalist.com
1	rules.quantcount.com	secure.quantserve.com
1	z.moatads.com	s7.addthis.com
1	securepubads.g.doubleclick.net	www.googletagservices.com
1	cdn2.lockerdomecdn.com	thefederalist.com
1	secure.quantserve.com	thefederalist.com
1	www.googletagmanager.com	thefederalist.com
1	stats.wp.com	thefederalist.com
1	s0.wp.com	thefederalist.com
1	www.googletagservices.com	thefederalist.com
1	cdn-images.mailchimp.com	thefederalist.com
1	fonts.googleapis.com	thefederalist.com
106	38

This site contains links to these domains. Also see Links.

Domain
newsletters.thefederalist.com
twitter.com
www.facebook.com
itunes.apple.com
www.podcastone.com
nypost.com
www.addthis.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-18` - `2021-07-18`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
cdn-images.mailchimp.com Amazon	`2020-06-28` - `2021-07-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
publir.com Cloudflare Inc ECC CA-3	`2020-08-17` - `2021-08-17`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-01-10` - `2021-04-07`	3 months	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
cdn2.lockerdomecdn.com Go Daddy Secure Certificate Authority - G2	`2019-03-06` - `2021-05-05`	2 years	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.lockerdome.com Go Daddy Secure Certificate Authority - G2	`2020-09-27` - `2021-10-29`	a year	crt.sh
www.google.de GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
edgestatic.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
Frame ID: DFE7568FB8964CA02114B5FA4AA83129
Requests: 89 HTTP requests in this frame

Frame: https://www.youtube.com/embed/i5AmwMiBIYo?version=3&rel=1&fs=1&autohide=2&showsearch=0&showinfo=1&iv_load_policy=1&wmode=transparent
Frame ID: DD6F9FFE834D06D64E7354CFFB1E0AA9
Requests: 17 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13763695616668774?pubid=ld-8338-5341&pubo=https%3A%2F%2Fthefederalist.com&rid=&width=678
Frame ID: 4C56AAB141006ED7205C12596E06C4AE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
html /<link[^>]+s\d+\.wp\.com/i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
html /<link[^>]+s\d+\.wp\.com/i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
html /<link[^>]+s\d+\.wp\.com/i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

106
Requests

100 %
HTTPS

74 %
IPv6

28
Domains

38
Subdomains

38
IPs

3
Countries

5139 kB
Transfer

9341 kB
Size

1
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://newsletters.thefederalist.com/
Title: subscribe

Search URL Search Domain Scan URL

URL: https://twitter.com/FDRLST

Search URL Search Domain Scan URL

URL: https://www.facebook.com/fdrlst

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/podcast/the-federalist-radio-hour/id983782306?mt=2

Search URL Search Domain Scan URL

URL: https://www.podcastone.com/the-federalist-radio-hour
Title: podcast

Search URL Search Domain Scan URL

URL: https://nypost.com/2020/10/15/emails-reveal-how-hunter-biden-tried-to-cash-in-big-with-chinese-firm/?utm_source=twitter_sitebuttons
Title: bombshell report

Search URL Search Domain Scan URL

URL: https://nypost.com/2020/10/14/email-reveals-how-hunter-biden-introduced-ukrainian-biz-man-to-dad/
Title: shocking report

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

106 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/ 48 KB
11 KB 749ms
722ms Document
text/html 2606:4700:20::681a:c80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: 9d10678e99416091e7a7e2ae00392bac1dcb8fda5a2b1c228ec4106050bd22ba

Request headers

:method: GET
:authority: thefederalist.com
:scheme: https
:path: /2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:06 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=de1f1e6453fdd037a3eb47c85d92941bf1614964145; expires=Sun, 04-Apr-21 17:09:05 GMT; path=/; domain=.thefederalist.com; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
link: <https://thefederalist.com/wp-json/>; rel="https://api.w.org/"
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 1
x-cache-group: normal
cf-cache-status: DYNAMIC
cf-request-id: 08a4f6558800004ab577a8a000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=J1laUNTlgw9fZbZKHtsqRnfSnToRK88MMhooYbQSj3O3Bfnkj%2Ff0yvJDo69Aruk7y%2B%2BggxbdueREq1b%2BoUOd116NXO11htpNBHbzSoyi5WUA8ouQS%2FW3qZ8GdSZG5w%3D%3D"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 62b4f335a9af4ab5-FRA
content-encoding: br

GET
H2 200 style.min.css
thefederalist.com/wp-includes/css/dist/block-library/ 29 KB
5 KB 24ms
15ms Stylesheet
text/css 2606:4700:20::681a:c80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thefederalist.com/wp-includes/css/dist/block-library/style.min.css
Requested by: Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d

Request headers

Referer: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 6792547
cf-request-id: 08a4f6587600004ab5be378000000001
last-modified: Mon, 22 Apr 2019 12:40:04 GMT
server: cloudflare
etag: W/"5cbdb624-726f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BUZsSIwJSTSl%2FtuXSnGWcUPIWyWRbolPyRoB%2B3sVAXB2rCFueMocX6meyD9W3v8D7VFRjRLlP3DFG0fpYYi%2B%2BUyAelBBPKyjCqcGb9nmjEW8mjYlU9NoOMcgQDIGKg%3D%3D"}],"max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 62b4f33a593c4ab5-FRA

GET
H2 200 easy-author-image.css
thefederalist.com/wp-content/plugins/easy-author-image/css/ 945 B
531 B 24ms
16ms Stylesheet
text/css 2606:4700:20::681a:c80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thefederalist.com/wp-content/plugins/easy-author-image/css/easy-author-image.css
Requested by: Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 457c059f99692060a9396396cd73c1aa02c254eac2c794b004e9c115d1bb1f1c

Request headers

Referer: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 10592735
cf-request-id: 08a4f6587600004ab594abd000000001
last-modified: Mon, 16 Sep 2019 05:39:20 GMT
server: cloudflare
etag: W/"5d7f2008-3b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hJD8uUENucHeRSpiGKnsr6Pjid7YoAQCZfTvmYdlErES3p2mlUqo8QuUQluZ%2BWarJM111nyZbA8gdb%2F8HmRH%2BeIXRJ62DCf%2FwrEkWRFMM%2FrM0Y84%2FlRoEUmD3rsZ%2FA%3D%3D"}],"max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 62b4f33a593e4ab5-FRA

GET
H2 200 css
fonts.googleapis.com/ 17 KB
1 KB 33ms
25ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Arbutus+Slab%7COpen+Sans%3A400%2C400i%2C700%2C700i%7COswald%3A400%2C700%7CPhilosopher%3A400%2C400i%2C700%2C700i

Requested by

Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f16a43a6719b1b65129964d971809979e58a404c2f2609dc7d3a6d504236d237

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 05 Mar 2021 17:07:33 GMT
server: ESF
date: Fri, 05 Mar 2021 17:09:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Mar 2021 17:09:06 GMT

GET
H/1.1 200
OK slim-10_7.css
cdn-images.mailchimp.com/embedcode/ 2 KB
1 KB 159ms
49ms Stylesheet
text/css 65.9.19.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-images.mailchimp.com/embedcode/slim-10_7.css
Requested by: Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.19.93 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2f0b7264810a4f05251ac724721a5a3a61887cff9bd30e1fbbc1bc832e94d38a

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 17:58:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Dec 2015 20:19:39 GMT
Server: AmazonS3
Age: 83463
ETag: W/"d67b6072a15510e2010ad947aa1213c3"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 384bf15c1ac91d451725d766417680b1.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: ZAG50-C1
X-Amz-Cf-Id: XrvXHKj1OXiJy7Slu5p-enJY5fVmG1df9XqqCbajc67kXSwVBpYxTQ==

GET
H2 200 style.css
thefederalist.com/wp-content/themes/attitude-child/ 128 KB
20 KB 29ms
22ms Stylesheet
text/css 2606:4700:20::681a:c80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thefederalist.com/wp-content/themes/attitude-child/style.css?build=619f8661e2703a43c19d8e19e8b5d644
Requested by: Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fd995ebd1e986ffc62e6b34491d7bb2ecc988ce6bed9f10504ff22ab5768da3

Request headers

Referer: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1560720
cf-request-id: 08a4f6587600004ab55b25c000000001
last-modified: Mon, 15 Feb 2021 15:36:25 GMT
server: cloudflare
etag: W/"602a94f9-200d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Go%2FHJMJokr8659NB0Pe40Bxn44elvZ6IF0K27mxt1Kz1VwcM%2FrcMmouwksZlQkPSlh5SBUui4qo4l%2BNYmQBSrYYant0B%2FsE556zqHkNH%2BSoEhNPBLY3Zd%2BlU1k6cqg%3D%3D"}],"max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 62b4f33a59404ab5-FRA

GET
H2 200 jetpack.css
thefederalist.com/wp-content/plugins/jetpack/css/ 70 KB
12 KB 38ms
32ms Stylesheet
text/css 2606:4700:20::681a:c80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thefederalist.com/wp-content/plugins/jetpack/css/jetpack.css
Requested by: Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b42989a0f2a1fb6d69e72c4f548ef2e73c4d3089d53649f5ed75e45c7b91cffb

Request headers

Referer: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1473564
cf-request-id: 08a4f6587700004ab553bdb000000001
last-modified: Mon, 16 Sep 2019 05:39:22 GMT
server: cloudflare
etag: W/"5d7f200a-117db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=McY7r2GTalbpWFjkFVjHKjSUeoQ6ejGzmvqPtesh0Vn329UsuUeInxWIqVC2hxWkXh6Pq3CJWYqFv4DLoLPWc05dj%2FVSCfzDTWGszZ8Rgk6vYeepMTmoiDxPOypH2A%3D%3D"}],"max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 62b4f33a59424ab5-FRA

GET
H2 200 jquery.js Show response
thefederalist.com/wp-includes/js/jquery/ 95 KB
33 KB 29ms
22ms Script
application/javascript 2606:4700:20::681a:c80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thefederalist.com/wp-includes/js/jquery/jquery.js
Requested by: Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 10321618
cf-request-id: 08a4f6587800004ab56b202000000001
last-modified: Fri, 17 May 2019 17:08:53 GMT
server: cloudflare
etag: W/"5cdeeaa5-17a69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FVVoE5QFkYbEMDHglT0IqoZ5pM2rNR%2FfTmZTlIRa0eA1KxD4wHdjv4Vm%2B7mu5qrwK%2FTQF9myS%2B%2FdnkKKgfFunD9RjrbmIPhFrd00ccDmL3FHJ53vHNwlrCJ74Y0mBA%3D%3D"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 62b4f33a594b4ab5-FRA

GET
H2 200 jquery-migrate.min.js Show response
thefederalist.com/wp-includes/js/jquery/ 10 KB
4 KB 36ms
30ms Script
application/javascript 2606:4700:20::681a:c80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thefederalist.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1329144
cf-request-id: 08a4f6587900004ab5911c6000000001
last-modified: Fri, 20 May 2016 06:11:28 GMT
server: cloudflare
etag: W/"573eaa90-2748"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=u1DHXMCZWw61cNJejDcRLTXEG8tPVZMXPg37FHD7B35LpX6fW%2F8PPLkwKqlhdXn%2Boc%2FjB8uJ8RW9O6vhjWxu96sjE8eK%2B%2BnQz%2BoBwpxaE2hXQL2ROJ2VhAaJbo%2B6pA%3D%3D"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 62b4f33a594d4ab5-FRA

GET
H2 200 tinynav.js Show response
thefederalist.com/wp-content/themes/attitude/library/js/ 2 KB
1 KB 19ms
17ms Script
application/javascript 2606:4700:20::681a:c80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thefederalist.com/wp-content/themes/attitude/library/js/tinynav.js
Requested by: Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c211a5c4d8e495d73180e47285310943220de04cc719379ddc7608c2badf164

Request headers

Referer: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1329143
cf-request-id: 08a4f6587900004ab570120000000001
last-modified: Mon, 01 Oct 2018 17:02:44 GMT
server: cloudflare
etag: W/"5bb25334-942"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1vkfMZGKnfgVM2pOdxXUkHsVXVG9Isl3nSAqiwqNwEbz3FiD09TwfXoEAaOqeQhIErjAVqTeUbtPHBacs27FX3QRWjWXAMWXreDS0864bRpnU8zUZi%2Bf65tSInq8XA%3D%3D"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 62b4f33a594f4ab5-FRA

GET
H2 200 backtotop.js Show response
thefederalist.com/wp-content/themes/attitude/library/js/ 605 B
636 B 17ms
16ms Script
application/javascript 2606:4700:20::681a:c80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thefederalist.com/wp-content/themes/attitude/library/js/backtotop.js
Requested by: Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 999c77ba547d2e647a604dea78a72641c8770051b3e49845e994c76e1c008312

Request headers

Referer: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 10155239
cf-request-id: 08a4f6587900004ab586972000000001
last-modified: Mon, 01 Oct 2018 17:02:44 GMT
server: cloudflare
etag: W/"5bb25334-25d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WLhyVq1%2Fng0hpB6PDZJBXHf5a0801X43V1wp%2FM3Yw8KjrM4BOfsciPP1uXY2GyFIdXlE2ra1Uol5u%2FGC8t8UXUYbd%2Bm0LBTokF0WRgOxkBO7FuLbS8toRzX9L3%2F2Bw%3D%3D"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 62b4f33a59514ab5-FRA

GET
H2 200 jquery.carouFredSel-6.2.1-packed.js Show response
thefederalist.com/wp-content/themes/attitude-child/scripts/ 54 KB
13 KB 32ms
28ms Script
application/javascript 2606:4700:20::681a:c80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thefederalist.com/wp-content/themes/attitude-child/scripts/jquery.carouFredSel-6.2.1-packed.js
Requested by: Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9930f4e26cb466c1b9941f65c5b628e548d914c415d8857b143356264fb34855

Request headers

Referer: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 10155005
cf-request-id: 08a4f6587e00004ab57d937000000001
last-modified: Mon, 01 Oct 2018 17:02:44 GMT
server: cloudflare
etag: W/"5bb25334-d60b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ipvjgNA2t5FCjzC%2FmjBSlpvIZmEAheiVIrFG8saIhgOdSYShVYtXFwkEKTp6BTTlduJjlquJPhj1kuyHMRDB4D%2Bm9XTGzH%2Bmov%2BWgUwybgCfLaJdSgJjJUGN8OOhRQ%3D%3D"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 62b4f33a695e4ab5-FRA

GET
H2 200 viewportSize-min.js Show response
thefederalist.com/wp-content/themes/attitude-child/scripts/ 782 B
674 B 36ms
33ms Script
application/javascript 2606:4700:20::681a:c80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thefederalist.com/wp-content/themes/attitude-child/scripts/viewportSize-min.js
Requested by: Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 123a5b2a00c1f1abb7fbc0ee3c135727ef64f4a0d8bb9ba6059cc38a8757033f

Request headers

Referer: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 8356414
cf-request-id: 08a4f6587e00004ab5c9b3c000000001
last-modified: Mon, 01 Oct 2018 17:02:44 GMT
server: cloudflare
etag: W/"5bb25334-30e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fvpDn%2BM7LpKjdF8wWc4B2Q2vV5lDKU8jqmcx0x6CK1MYmk%2BMsFj4k04Z3yfpGLezyb1%2BxCjAi4lg6SF6WN2QXKCh8KiiFDuy%2F0MAPEZUO4D9l5loxMXrtJrVn9a9rA%3D%3D"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 62b4f33a695f4ab5-FRA

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 58 KB
20 KB 120ms
70ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec33d5d250bd74e3ccb1c0f0fe7aa9136a36fd2b2af8a34b789a1807aca84bb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "802 / 434 of 1000 / last-modified: 1614946519"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19862
x-xss-protection: 0
expires: Fri, 05 Mar 2021 17:09:06 GMT

GET
H2 200 70.js Show response
a.publir.com/platform/ 32 KB
9 KB 190ms
9ms Script
text/javascript 2606:4700:3037::6815:5eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.publir.com/platform/70.js
Requested by: Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:5eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44be4c61ab4f87f0a445e101fd90ef82e03fc3e6b1138a93aded0a546a7ea455

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 70489
cf-polished: origSize=35245
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 9ADAEF85044E8A94
x-amz-id-2: mFfIRihgpS5JZq2zizPaViHzADbk7uTRd2656JKr1BVSun1men5QMl1HNglPTTge0JY8ht8YZ2o=
last-modified: Wed, 17 Feb 2021 20:49:51 GMT
server: cloudflare
etag: W/"3f5d97265bc201d89c7ca206fc4f2b1d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aDLJcqZ0ytdmoobl76kdrlS0DOm42HF604h8q6qo9L7cS4ztmzLX1bTyg%2ByBANbSrwmblLOE6R8LGxwCITR6aFvM%2FISSMJjROQTFrBETJRMkxwtya4IVQ0E%3D"}],"max_age":604800}
content-type: text/javascript
cf-request-id: 08a4f65a3800004a9114b85000000001
cf-ray: 62b4f33d2bfc4a91-FRA
cf-bgj: minify

GET
H2 200 logo.png
thefederalist.com/wp-content/themes/attitude-child/images/ 3 KB
4 KB 104ms
55ms Image
image/webp 2606:4700:20::681a:c80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thefederalist.com/wp-content/themes/attitude-child/images/logo.png
Requested by: Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5ca6f2f02eb9c06cefef6f11aed1cb5d9c4ad83b466a52a55000bc6c02059b

Request headers

Referer: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:06 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 159590
cf-polished: origFmt=png, origSize=4187
content-disposition: inline; filename="logo.webp"
content-length: 3284
cf-request-id: 08a4f659b600004ab576bc6000000001
last-modified: Mon, 01 Oct 2018 17:02:44 GMT
server: cloudflare
etag: "5bb25334-105b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=37k2JXM1JTRjUqXFaZYtWG00NM2fTlpC%2FT1q2WOXowfOHt%2FIJFFbA7HC2%2BD6aktfciMn7Qy1mSa%2FMAxE1nTKKGExjWuXfqIqsw6yXV33U69fVbm4hk8MRnLu8SYBcA%3D%3D"}],"max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 62b4f33c5c554ab5-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 eagle.png
thefederalist.com/wp-content/themes/attitude-child/images/ 2 KB
3 KB 109ms
61ms Image
image/webp 2606:4700:20::681a:c80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thefederalist.com/wp-content/themes/attitude-child/images/eagle.png
Requested by: Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae33ebc9c72feadaad82ed0d3effb86c29ecfdf3f400e5b86f6555ab16b8b00a

Request headers

Referer: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:06 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 149369
cf-polished: origFmt=png, origSize=2281
content-disposition: inline; filename="eagle.webp"
content-length: 2198
cf-request-id: 08a4f659b900004ab5a7847000000001
last-modified: Mon, 01 Oct 2018 17:02:44 GMT
server: cloudflare
etag: "5bb25334-8e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4QBWoyyRTci%2B15sBYyTYOyS3iVQ%2B4Gc9Jg%2B8c5cqXqL00QN7ttci4cknJOCUAzY%2B4m%2BUaCQleYoCQrCIrt5YVSV1U9owY%2F0Srrgy3SQ7r6zr1r72e%2BuENOGUzqBoQg%3D%3D"}],"max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 62b4f33c5c574ab5-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 social-rss.png
thefederalist.com/wp-content/themes/attitude-child/images/ 316 B
687 B 110ms
62ms Image
image/webp 2606:4700:20::681a:c80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thefederalist.com/wp-content/themes/attitude-child/images/social-rss.png
Requested by: Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64e76948277db674193d02a50bbe2faae032c760d66f9d0d249f467f258a97e1

Request headers

Referer: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:06 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 753331
cf-polished: origFmt=png, origSize=1571
content-disposition: inline; filename="social-rss.webp"
content-length: 316
cf-request-id: 08a4f659b700004ab57180d000000001
last-modified: Mon, 01 Oct 2018 17:02:44 GMT
server: cloudflare
etag: "5bb25334-623"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=53iDc%2BqfxSD8ok%2BNNgeqxqEXTW6VzxF9b8xNQt9bobExGwyqx3n0SUyGtcVlhmqzuLAvwMtxLMmdIwDxYzNh7%2BGKUJxj%2BXvZ2Wf96%2BGiSxe9qWLZ%2BLY4hKUPdWS%2FqA%3D%3D"}],"max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 62b4f33c5c5a4ab5-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 social-twitter.png
thefederalist.com/wp-content/themes/attitude-child/images/ 300 B
667 B 102ms
55ms Image
image/webp 2606:4700:20::681a:c80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thefederalist.com/wp-content/themes/attitude-child/images/social-twitter.png
Requested by: Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab50e6d6a6e5a3b4877d975d22e107407707d1f98058439e5500a10c3b57e037

Request headers

Referer: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:06 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 153743
cf-polished: origFmt=png, origSize=1523
content-disposition: inline; filename="social-twitter.webp"
content-length: 300
cf-request-id: 08a4f659b800004ab583267000000001
last-modified: Mon, 01 Oct 2018 17:02:44 GMT
server: cloudflare
etag: "5bb25334-5f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JWnwg3lAuTwh4KwnczWTD%2FDJc8iJ5i8Zh30ux%2F21P3Splc9x4F3G%2Bfd8Yc%2FY7O3oqF59ZzmfbrxLZHtioEZ8taN2shufPqAgfRtDVPUShL8CnESQWZtrzwGXdPA%2F4A%3D%3D"}],"max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 62b4f33c5c5b4ab5-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 social-facebook.png
thefederalist.com/wp-content/themes/attitude-child/images/ 254 B
679 B 133ms
86ms Image
image/webp 2606:4700:20::681a:c80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thefederalist.com/wp-content/themes/attitude-child/images/social-facebook.png
Requested by: Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25612be427fd55fc8634d91551956b475eddb5b53b027d11e230f4c9031b8aea

Request headers

Referer: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:06 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 153743
cf-polished: origFmt=png, origSize=1425
content-disposition: inline; filename="social-facebook.webp"
content-length: 254
cf-request-id: 08a4f659bb00004ab5a7848000000001
last-modified: Mon, 01 Oct 2018 17:02:44 GMT
server: cloudflare
etag: "5bb25334-591"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hk08x%2BKE92P%2BxtSUP6zOwgLTJF0kn5KD6UymsRm2q7JbTAjF6mwxRK3mTd25tJlwvgqpQWjhXkqn1utDvy3PVySErhm8spdm%2Fgazfz8WAL%2B35Uo9X5H4m7n9mtreEw%3D%3D"}],"max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 62b4f33c5c5c4ab5-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 social-podcast.png
thefederalist.com/wp-content/themes/attitude-child/images/ 296 B
830 B 105ms
58ms Image
image/webp 2606:4700:20::681a:c80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thefederalist.com/wp-content/themes/attitude-child/images/social-podcast.png
Requested by: Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc90b42eef2961baa23156dc2f610c270887d22a43e24fd6537c80f758baa8d0

Request headers

Referer: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:06 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 151536
cf-polished: origFmt=png, origSize=1521
content-disposition: inline; filename="social-podcast.webp"
content-length: 296
cf-request-id: 08a4f659b900004ab58b171000000001
last-modified: Mon, 01 Oct 2018 17:02:44 GMT
server: cloudflare
etag: "5bb25334-5f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=I5OoJ9K3bJzeIK4mE8hOtLRYomM6AbQ662opX3csTgUZ8L%2BRZKTmSN0HPRJ3xTjLZXb2iJ%2Fdo4I2Q%2BtnQ%2FYAARTKv00QPim%2B1RwloG2HYDPQ9ByfzGxwAivsyCHdmQ%3D%3D"}],"max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 62b4f33c5c5e4ab5-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 header-menu.png
thefederalist.com/wp-content/themes/attitude-child/images/ 2 KB
2 KB 109ms
63ms Image
image/webp 2606:4700:20::681a:c80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thefederalist.com/wp-content/themes/attitude-child/images/header-menu.png
Requested by: Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 332895a047b9f843f4f93ceeb39d3dea48216e9ca5a652a11c5fa0327b15c2ef

Request headers

Referer: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:06 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 149134
cf-polished: origFmt=png, origSize=4897
content-disposition: inline; filename="header-menu.webp"
content-length: 1554
cf-request-id: 08a4f659b900004ab5911d7000000001
last-modified: Mon, 01 Oct 2018 17:02:44 GMT
server: cloudflare
etag: "5bb25334-1321"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AKQjDKScDOu4NGZ2%2FJezIOGxyXPXZMBQ9TimANsJPbScIEVBgFKX9zdajFsCA6ubMcQyxthcb%2BC7V1hEXz3%2BpLUaMXacZ5SJ9LsbamYtDvSSJwRhaCTp%2Fr1lL23Piw%3D%3D"}],"max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 62b4f33c5c5f4ab5-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Hunter-Biden-and-Joe-Biden-e1602786263322-998x644.png
thefederalist.com/wp-content/uploads/2019/12/ 261 KB
262 KB 183ms
137ms Image
image/webp 2606:4700:20::681a:c80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thefederalist.com/wp-content/uploads/2019/12/Hunter-Biden-and-Joe-Biden-e1602786263322-998x644.png
Requested by: Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fb9d6149e4aed105754c0d6755a5791e0c2aedea8717ebe211abc2031e20663

Request headers

Referer: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:06 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1548
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Hunter-Biden-and-Joe-Biden-e1602786263322-998x644.webp"
content-length: 267534
cf-request-id: 08a4f659ba00004ab57d94b000000001
last-modified: Tue, 27 Oct 2020 07:10:59 GMT
server: cloudflare
etag: "b14044be99190f968fa3deb4b73ae214"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=O8kgzGOXo6wn3fjEXJIue8phnAU0HjRL99rpn96hEKMUQyBTmMsm%2Fkf%2FaxeOexJ8M0ZpalHYMMfnhUBhWSj9sJtIfTCnKNQy2sevmg1Z1Qm2XkuIHywKsQ9OI466nA%3D%3D"}],"max_age":604800}
content-type: image/webp
expires: Sun, 04 Apr 2021 16:43:18 GMT
cache-control: max-age=2592000
cf-polished: origFmt=png, origSize=426993
accept-ranges: bytes
cf-ray: 62b4f33c5c614ab5-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 amazonprimesemi-300x214.jpg
thefederalist.com/wp-content/uploads/2021/03/ 14 KB
14 KB 172ms
127ms Image
image/webp 2606:4700:20::681a:c80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thefederalist.com/wp-content/uploads/2021/03/amazonprimesemi-300x214.jpg
Requested by: Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1039bfe74cb614d9ade3fa79416dd840ed4a8057a21925570fad0f712ff88fcc

Request headers

Referer: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:06 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 98168
cf-polished: qual=85, origFmt=jpeg, origSize=14845
content-disposition: inline; filename="amazonprimesemi-300x214.webp"
content-length: 13870
cf-request-id: 08a4f659ba00004ab568021000000001
last-modified: Tue, 02 Mar 2021 20:11:49 GMT
server: cloudflare
etag: "603e9c05-39fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2B0JgVsjDaTCYowYFDJAH2LLDR2xXh51vD6yhQBtsTkfDXLdt4aYjbvM4aFtSKRSqftDEG8qeHmrn1KOdZQ5oQrNGs6Uyfbzc56W4J4blmtu6vLwCYEtqz5q6osXrQw%3D%3D"}],"max_age":604800}
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 03 Apr 2021 13:52:57 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 62b4f33c5c634ab5-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Seuss-300x207.jpg
thefederalist.com/wp-content/uploads/2021/03/ 16 KB
17 KB 104ms
59ms Image
image/webp 2606:4700:20::681a:c80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thefederalist.com/wp-content/uploads/2021/03/Seuss-300x207.jpg
Requested by: Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa705bd8d18a8125105880317e15df98c5b55cc358ced3487e647d7412093ca0

Request headers

Referer: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:06 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 188256
cf-polished: qual=85, origFmt=jpeg, origSize=19318
content-disposition: inline; filename="Seuss-300x207.webp"
content-length: 16496
cf-request-id: 08a4f659ba00004ab57180e000000001
last-modified: Wed, 03 Mar 2021 02:25:41 GMT
server: cloudflare
etag: "603ef3a5-4b76"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rHWTxri7paK7zdqLZQzDgbzmXOQj2TvGLXO6HienwNzWsRy0%2B2jOSnJD9MJaQuZIDe8XVIykQZKk%2BB36%2FrloTxbWgeduk8M3k%2BeJ01NrWXAYcMV7j7nzpd1Sm1xL8w%3D%3D"}],"max_age":604800}
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 02 Apr 2021 12:51:30 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 62b4f33c5c644ab5-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 gunstore-300x200.jpg
thefederalist.com/wp-content/uploads/2021/03/ 20 KB
20 KB 115ms
70ms Image
image/jpeg 2606:4700:20::681a:c80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thefederalist.com/wp-content/uploads/2021/03/gunstore-300x200.jpg
Requested by: Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9b726cfc721b91aa6344ef888d4f46f5843bced66bc3cf9193e769170878719

Request headers

Referer: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:06 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 98168
cf-polished: degrade=85, origSize=20292, status=webp_bigger
content-length: 20168
cf-request-id: 08a4f659bb00004ab5cd0eb000000001
last-modified: Thu, 04 Mar 2021 12:46:59 GMT
server: cloudflare
etag: "6040d6c3-4f44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=erZlg%2FhqmQ%2FlCv2nj4PTTU4OUk9wFZi0gaVbuIlnz6zo5IOwW1bIJDqo%2F2jz96Ow%2F5r%2FdxrZ%2FShF279bjXN4ym9jFDiD35ZZiq08kCyEqe24dmmec3H70LpbJaiLiw%3D%3D"}],"max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 03 Apr 2021 13:52:57 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 62b4f33c5c674ab5-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 pixel.gif
thefederalist.com/wp-content/themes/attitude-child/images/ 42 B
413 B 129ms
86ms Image
image/gif 2606:4700:20::681a:c80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thefederalist.com/wp-content/themes/attitude-child/images/pixel.gif
Requested by: Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:06 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 10394685
cf-polished: status=not_needed
content-length: 42
cf-request-id: 08a4f659bc00004ab561046000000001
last-modified: Mon, 01 Oct 2018 17:02:44 GMT
server: cloudflare
etag: "5bb25334-2a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bLuKrYZu4xKJppNnGR65Wpd9puRjIfwziP9vhgED9V2HFWDP06b%2FJV78BpncSRDyh7zWAowud0s0ckTvwAmU0nWf6RIniOJ8TAHosQhZkB5qEWzUy8Hfab5pxTkhqQ%3D%3D"}],"max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 62b4f33c5c694ab5-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 sicknickliesinhonor.jpg
thefederalist.com/wp-content/uploads/2021/02/ 43 KB
43 KB 152ms
108ms Image
image/webp 2606:4700:20::681a:c80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thefederalist.com/wp-content/uploads/2021/02/sicknickliesinhonor.jpg
Requested by: Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a56e72090fa690bc73982f1c83eebf18877c29e20aa7c9fd6c622de3d9843c7

Request headers

Referer: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:06 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1548
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="sicknickliesinhonor.webp"
content-length: 43958
cf-request-id: 08a4f659bc00004ab553bf0000000001
last-modified: Sun, 28 Feb 2021 07:10:43 GMT
server: cloudflare
etag: "e2b692daaa564ac478cede5407190f98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Dm0itbQ49Lfq%2FUHbp2QeSDchaZfioKWaiVN7DNKUE0KU4%2F0HG12bYQX9zgIjiKngSjp6TCdPTFNoC5iDjEW2o3I4e5Uph4UFYocLlT%2BlT5GeDIPsmcuiqWAa7OuiEg%3D%3D"}],"max_age":604800}
content-type: image/webp
expires: Sun, 04 Apr 2021 16:43:18 GMT
cache-control: max-age=2592000
cf-polished: qual=85, origFmt=jpeg, origSize=90591
accept-ranges: bytes
cf-ray: 62b4f33c5c6a4ab5-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Screen-Shot-2020-12-23-at-9.50.40-PM.png
thefederalist.com/wp-content/uploads/2020/12/ 2 MB
2 MB 120ms
87ms Image
image/webp 2606:4700:20::681a:c80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thefederalist.com/wp-content/uploads/2020/12/Screen-Shot-2020-12-23-at-9.50.40-PM.png
Requested by: Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b1bb030903f7d5f68f8661137137064053d9354bc943317f5265f16ce33503b

Request headers

Referer: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:06 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1548
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Screen-Shot-2020-12-23-at-9.webp"
content-length: 2129040
cf-request-id: 08a4f659bd00004ab55b271000000001
last-modified: Mon, 04 Jan 2021 07:10:18 GMT
server: cloudflare
etag: "c5c5b868dc31f4d1f9b8d185a18e1e22"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GwePS9lRH8Qgyiv6LZzcXU1p%2BpBbEmI1eLAqpqrG5Zjs0N9nG03xw3yilL51RQTPYX4Apz%2BMH1zUypEf0t1SzikhsI6qc8cxBXg7BZsVqkow0pXX1C8b6Y0yc70GWA%3D%3D"}],"max_age":604800}
content-type: image/webp
expires: Sun, 04 Apr 2021 16:43:18 GMT
cache-control: max-age=2592000
cf-polished: origFmt=png, origSize=4680450
accept-ranges: bytes
cf-ray: 62b4f33c5c6b4ab5-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Screen-Shot-2020-09-30-at-10.10.02-AM.png
thefederalist.com/wp-content/uploads/2020/09/ 454 KB
455 KB 154ms
122ms Image
image/webp 2606:4700:20::681a:c80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thefederalist.com/wp-content/uploads/2020/09/Screen-Shot-2020-09-30-at-10.10.02-AM.png
Requested by: Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28f2333d0bb2282fb479d26bba8d6af840dfcd47aab2b0d578e55b914ea06dc5

Request headers

Referer: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:06 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 81666
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Screen-Shot-2020-09-30-at-10.webp"
content-length: 465184
cf-request-id: 08a4f659bd00004ab570138000000001
last-modified: Mon, 12 Oct 2020 07:10:20 GMT
server: cloudflare
etag: "b27f01f63c8090657dcc0edc1bc9be92"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2vilpObhgAF6zTFq7RsNjdvUf7fJd2ObkeT4xq8A0hDKHOW3Od4WbNlkcfaTmaMUSqOGlD2X0khnVwdu02F7D%2F6HGOCeN33hitZpq3juaqPYsPRoyZv6hbaVOmNpGA%3D%3D"}],"max_age":604800}
content-type: image/webp
expires: Sat, 03 Apr 2021 18:28:00 GMT
cache-control: max-age=2592000
cf-polished: origFmt=png, origSize=866607
accept-ranges: bytes
cf-ray: 62b4f33c5c6e4ab5-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 devicepx-jetpack.js Show response
s0.wp.com/wp-content/js/ 10 KB
3 KB 101ms
18ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/js/devicepx-jetpack.js
Requested by: Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Fri, 05 Mar 2021 17:09:06 GMT
content-encoding: gzip
server: nginx
etag: W/"5841a56f-52b6"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-ac: 4.ams _dfw
expires: Thu, 03 Feb 2022 04:32:43 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 142ms
14ms Script
application/javascript 104.84.56.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js?

Requested by

Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Fri, 05 Mar 2021 17:09:06 GMT
x-host: s7.addthis.com
content-length: 116330

GET
H2 200 control.v2.js Show response
thefederalist.com/wp-content/themes/attitude-child/scripts/ 5 KB
2 KB 63ms
1ms Script
application/javascript 2606:4700:20::681a:c80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thefederalist.com/wp-content/themes/attitude-child/scripts/control.v2.js?build=c6ed4cf238e79771cfabb9d26ce77436
Requested by: Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e6af8f3ae951fb9a29f37bde85c1122f34d8c77dc9c18fb4d5e24a3e25d076d

Request headers

Referer: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1328643
cf-request-id: 08a4f6599900004ab561042000000001
last-modified: Wed, 08 Jul 2020 14:02:40 GMT
server: cloudflare
etag: W/"5f05d200-12a5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wNDGtERlqn%2FkjjelL2Quz8qvV82bs3IL0lQe0ASusPFoQe5DoRMonhwFfVAVwaMjt3kYuHdtn1u2dJKtxMU044XEnyZTpxYxTmhKuvKDDqUJa1STbhPPbHpXINPBmg%3D%3D"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 62b4f33c2c004ab5-FRA

GET
H2 200 jquery.sonar.min.js Show response
thefederalist.com/wp-content/plugins/lazy-load/js/ 1 KB
1 KB 110ms
56ms Script
application/javascript 2606:4700:20::681a:c80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thefederalist.com/wp-content/plugins/lazy-load/js/jquery.sonar.min.js
Requested by: Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3dd5c4ff63478b87ed9670be1b4c688725d53c9ff84a233cfec8ff2bb83a72d

Request headers

Referer: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 10159734
cf-request-id: 08a4f659b100004ab58d1a4000000001
last-modified: Fri, 19 May 2017 06:58:25 GMT
server: cloudflare
etag: W/"591e9791-580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=D449ZBsjdWjrXQ4%2B3J%2FYyLf5l0a%2FBlAWLBdeonUWSw1ynd2HXe9fUQWjnMgnVFnktEJ90HOgsPa3PAos%2F5eZMAuOjWPOpvMSC6gkzFT3K%2BO3mzb5jAMf7ShFx5kwKQ%3D%3D"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 62b4f33c4c414ab5-FRA

GET
H2 200 lazy-load.js Show response
thefederalist.com/wp-content/plugins/lazy-load/js/ 902 B
734 B 112ms
56ms Script
application/javascript 2606:4700:20::681a:c80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thefederalist.com/wp-content/plugins/lazy-load/js/lazy-load.js
Requested by: Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40a7f2b25ea8c45af8993aa57c19e576ea8eab5cbe9f467d45d4be7a537e7a47

Request headers

Referer: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1473562
cf-request-id: 08a4f659b700004ab5a7846000000001
last-modified: Fri, 19 May 2017 06:58:25 GMT
server: cloudflare
etag: W/"591e9791-386"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WW3KKqBNFAFjhgJH70T5vEN4doUMC6GjMgr5VxDFxDcdms5bmTRxAheOAgxQxoGgXF65FXO0hGDgn5RIzXKHUx3bsvx1Ul6eg2PnxeU32ftmPw8ohLdfO3%2FtvCUBxg%3D%3D"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 62b4f33c5c4c4ab5-FRA

GET
H2 200 wp-embed.min.js Show response
thefederalist.com/wp-includes/js/ 1 KB
1010 B 104ms
54ms Script
application/javascript 2606:4700:20::681a:c80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thefederalist.com/wp-includes/js/wp-embed.min.js
Requested by: Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

Referer: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 10423636
cf-request-id: 08a4f659b600004ab5c9b4f000000001
last-modified: Thu, 30 Aug 2018 12:40:26 GMT
server: cloudflare
etag: W/"5b87e5ba-57b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RmiQoOKWsjnK7Ia3BsgWxby3nFgkpoFWIqTXJFpFiQZkzlCjlx7Mkvt4Oob1lQoy9wUAU4WRhDrg%2BM7wRFvlBH%2FzbgkqtWI%2Fc8VNLJ03Hawq2iObYqRVelpk5TfQxA%3D%3D"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 62b4f33c5c514ab5-FRA

GET
H2 200 e-202109.js Show response
stats.wp.com/ 9 KB
3 KB 180ms
16ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202109.js
Requested by: Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams
date: Fri, 05 Mar 2021 17:09:06 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Mon, 21 Feb 2022 07:19:45 GMT

GET
H/1.1 200
OK count.js Show response
thefederalist23.disqus.com/ 1 KB
2 KB 182ms
21ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://thefederalist23.disqus.com/count.js

Requested by

Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 17:09:06 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 468757
P3P: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 25 Feb 2021 23:44:33 GMT
Server: nginx
ETag: "60383661-367"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
X-Amz-Cf-Pop: DFW55-C3
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: zwfu96JwTN8Rt049DGG27JII_oz_oiuKOoMJ8zLIuXodUdPenSjWwg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 75 KB
30 KB 104ms
71ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PBDLLH

Requested by

Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

005354de2879e9b66d2893f3a6035c4425784ae37a1b609a2775ae9c5dc6a514

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30389
x-xss-protection: 0
last-modified: Fri, 05 Mar 2021 15:29:53 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 05 Mar 2021 17:09:06 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 68ms
36ms Script
application/javascript 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2cd6cff81ed30607212a76cf14df956553f17dc9f8024a720e7acb0dd2ec1b78

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:06 GMT
content-encoding: gzip
etag: "/D8P7qgiWm3WmfjhiS2eTg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 12 Mar 2021 17:09:06 GMT

GET
H2 200 i5AmwMiBIYo Show response
www.youtube.com/embed/ Frame DD6F 51 KB
21 KB 103ms
74ms Document
text/html 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/i5AmwMiBIYo?version=3&rel=1&fs=1&autohide=2&showsearch=0&showinfo=1&iv_load_policy=1&wmode=transparent

Requested by

Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8b9467c245189854a6ae2644fe7f389ff73f937633127076a3316c074ecfb5e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/i5AmwMiBIYo?version=3&rel=1&fs=1&autohide=2&showsearch=0&showinfo=1&iv_load_policy=1&wmode=transparent
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://thefederalist.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://thefederalist.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 05 Mar 2021 17:09:06 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=qLCUqhYeeb8; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=GUDqUl-MWU8; Domain=.youtube.com; Expires=Wed, 01-Sep-2021 17:09:06 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+535; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 body-bg.png
thefederalist.com/wp-content/themes/attitude-child/images/ 34 B
396 B 157ms
127ms Image
image/webp 2606:4700:20::681a:c80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thefederalist.com/wp-content/themes/attitude-child/images/body-bg.png
Requested by: Host: thefederalist.com
URL: https://thefederalist.com/wp-content/themes/attitude-child/style.css?build=619f8661e2703a43c19d8e19e8b5d644
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

Referer: https://thefederalist.com/wp-content/themes/attitude-child/style.css?build=619f8661e2703a43c19d8e19e8b5d644
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:06 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 156590
cf-polished: origFmt=png, origSize=95
content-disposition: inline; filename="body-bg.webp"
content-length: 34
cf-request-id: 08a4f659be00004ab5d28bc000000001
last-modified: Mon, 01 Oct 2018 17:02:44 GMT
server: cloudflare
etag: "5bb25334-5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XXRs7%2BD7B4HiVZXKnSYtgfvO5xy%2FF2gYgonBgUkOO1S0xLHriqNHLbfjLwR8jKSJNrv4LPJmCemyRcI3iUzG%2BMC2ODtQDo%2Bkf7oMA92Wo%2BuJ29utSePk316hzpljVg%3D%3D"}],"max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 62b4f33c5c714ab5-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 header-bg.png
thefederalist.com/wp-content/themes/attitude-child/images/ 13 KB
14 KB 156ms
126ms Image
image/webp 2606:4700:20::681a:c80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thefederalist.com/wp-content/themes/attitude-child/images/header-bg.png
Requested by: Host: thefederalist.com
URL: https://thefederalist.com/wp-content/themes/attitude-child/style.css?build=619f8661e2703a43c19d8e19e8b5d644
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31b55b15fbb1f3eeb211dda0bcc0ce7912346a757af6c3cb12fe7cefcd8ea737

Request headers

Referer: https://thefederalist.com/wp-content/themes/attitude-child/style.css?build=619f8661e2703a43c19d8e19e8b5d644
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:06 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1329137
cf-polished: origFmt=png, origSize=15025
content-disposition: inline; filename="header-bg.webp"
content-length: 13796
cf-request-id: 08a4f659be00004ab5c710c000000001
last-modified: Mon, 01 Oct 2018 17:02:44 GMT
server: cloudflare
etag: "5bb25334-3ab1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cey6dKQPJJW%2BXk5kQofgevNm523vovpGCfuiICt2qi9WoCYRNf6N24gWhxsxK5Yn%2FkhonPm8YfJ05p%2F43dSVSwP5nYbC8zbw7jgbBxaLiCF58UaMxTqZDt8WGBKawQ%3D%3D"}],"max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 62b4f33c5c754ab5-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 mag.png
thefederalist.com/wp-content/themes/attitude-child/images/ 272 B
631 B 156ms
126ms Image
image/webp 2606:4700:20::681a:c80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thefederalist.com/wp-content/themes/attitude-child/images/mag.png
Requested by: Host: thefederalist.com
URL: https://thefederalist.com/wp-content/themes/attitude-child/style.css?build=619f8661e2703a43c19d8e19e8b5d644
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4898419fd629be5a870b20c1b68cce4251a9294eb4a96d0d96b748b624dfddd9

Request headers

Referer: https://thefederalist.com/wp-content/themes/attitude-child/style.css?build=619f8661e2703a43c19d8e19e8b5d644
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:06 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 151306
cf-polished: origFmt=png, origSize=585
content-disposition: inline; filename="mag.webp"
content-length: 272
cf-request-id: 08a4f659be00004ab5b7224000000001
last-modified: Mon, 01 Oct 2018 17:02:44 GMT
server: cloudflare
etag: "5bb25334-249"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EPx5vaiQ1weWbjzEUEH43LzQ2HijLWzid4Fcopx6UrfftoqPpTdW8qFw505nlCeHfFuUqOKmIQ9HOMj8wUi3ZDbzUzE%2FoIo1V8VcD%2FrxNwJF2T0%2BXH9%2BfyIuyo0OsA%3D%3D"}],"max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 62b4f33c5c764ab5-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v36/ 24 KB
24 KB 65ms
36ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v36/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arbutus+Slab%7COpen+Sans%3A400%2C400i%2C700%2C700i%7COswald%3A400%2C700%7CPhilosopher%3A400%2C400i%2C700%2C700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1010cf08825a41c768a117755a496da61a306c41b83c383ea66f1bb3334bb14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://thefederalist.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 11:42:48 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 20:31:19 GMT
server: sffe
age: 19578
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24064
x-xss-protection: 0
expires: Sat, 05 Mar 2022 11:42:48 GMT

GET
H2 200 oY1Z8e7OuLXkJGbXtr5ba7ZlbKUc.woff2
fonts.gstatic.com/s/arbutusslab/v9/ 18 KB
19 KB 37ms
9ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/arbutusslab/v9/oY1Z8e7OuLXkJGbXtr5ba7ZlbKUc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arbutus+Slab%7COpen+Sans%3A400%2C400i%2C700%2C700i%7COswald%3A400%2C700%7CPhilosopher%3A400%2C400i%2C700%2C700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c2ba252c378a8081faf78528bfc0fec04d544047d7c199f0e644af34b9d71ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://thefederalist.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 03:11:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 03:48:37 GMT
server: sffe
age: 136645
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18892
x-xss-protection: 0
expires: Fri, 04 Mar 2022 03:11:41 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 109ms
80ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arbutus+Slab%7COpen+Sans%3A400%2C400i%2C700%2C700i%7COswald%3A400%2C700%7CPhilosopher%3A400%2C400i%2C700%2C700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://thefederalist.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 15:00:42 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:00 GMT
server: sffe
age: 7704
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15056
x-xss-protection: 0
expires: Sat, 05 Mar 2022 15:00:42 GMT

GET
H2 200 ajs.js Show response
cdn2.lockerdomecdn.com/_js/ 5 KB
3 KB 84ms
18ms Script
application/javascript 151.139.242.29
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Requested by: Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.29 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:06 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 20:30:41 GMT
server: nginx
etag: W/"14f4-177feef7320"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: https://lockerdome.com

GET
H3-Q050 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arbutus+Slab%7COpen+Sans%3A400%2C400i%2C700%2C700i%7COswald%3A400%2C700%7CPhilosopher%3A400%2C400i%2C700%2C700i

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://thefederalist.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:39:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 120574
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Fri, 04 Mar 2022 07:39:32 GMT

GET
H2 200 pubads_impl_2021030101.js Show response
securepubads.g.doubleclick.net/gpt/ 282 KB
100 KB 104ms
33ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030101.js?31060326

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

c183713781265a2abdc03eab5050b102a17a1170eaa908604e61fc9f07c9aad4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 09:37:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101543
x-xss-protection: 0
expires: Fri, 05 Mar 2021 17:09:07 GMT

GET
H2 200 footer-eagle.png
thefederalist.com/wp-content/themes/attitude-child/images/ 2 KB
2 KB 27ms
7ms Image
image/webp 2606:4700:20::681a:c80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thefederalist.com/wp-content/themes/attitude-child/images/footer-eagle.png
Requested by: Host: thefederalist.com
URL: https://thefederalist.com/wp-content/themes/attitude-child/style.css?build=619f8661e2703a43c19d8e19e8b5d644
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b92ac59674137362ad6cf84c0a8e9a8d46814e1c6d1152f953e10b4f9923e03e

Request headers

Referer: https://thefederalist.com/wp-content/themes/attitude-child/style.css?build=619f8661e2703a43c19d8e19e8b5d644
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:07 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 152928
cf-polished: origFmt=png, origSize=2380
content-disposition: inline; filename="footer-eagle.webp"
content-length: 1884
cf-request-id: 08a4f65be500004ab59e0e1000000001
last-modified: Mon, 01 Oct 2018 17:02:44 GMT
server: cloudflare
etag: "5bb25334-94c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=crIKf1JDskPb88QSvwumq8XDK4xYI4dYEQmxn8sVxDkkvy3i48xgWXAz8qKM0j9oV6p9Vdvk7lTx9XQnPrf94yFn0yfuAHJJ%2FILASwPR3BNiYM8wjpCleINsZZ40hA%3D%3D"}],"max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 62b4f33fda3b4ab5-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 AGSKWxUPM1ZHa_C3rIl_-VDIqHPQO8dXwors6Aev4EzaPJ1YElRrB7uFygw-ug2Moj5AeaOk01n8qxyrgA4uBfyLL3k= Show response
fundingchoicesmessages.google.com/f/ 80 KB
30 KB 74ms
49ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUPM1ZHa_C3rIl_-VDIqHPQO8dXwors6Aev4EzaPJ1YElRrB7uFygw-ug2Moj5AeaOk01n8qxyrgA4uBfyLL3k=

Requested by

Host: a.publir.com
URL: https://a.publir.com/platform/70.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

81df137979b8c4fe3360c623e1f0f40c06cceb7cef233cdde5b67bb4d6b9c578

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qp1q4VsuncJU+aXzhW7HPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-qp1q4VsuncJU+aXzhW7HPg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:09:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-qp1q4VsuncJU+aXzhW7HPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-qp1q4VsuncJU+aXzhW7HPg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 prebid410.js Show response
a.publir.com/platform/common/ 1 MB
372 KB 73ms
49ms Script
application/x-javascript 2606:4700:3037::6815:5eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.publir.com/platform/common/prebid410.js
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/70.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:5eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15f983d412ee16abb31eb570ed4a60d67847e4eea49d3f46f5516b0b515896e1

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1501514
x-amz-meta-cb-modifiedtime: Thu, 30 Jul 2020 21:16:46 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: D991B38404A76570
x-amz-id-2: A2QUXiJF2dVJ5AccUT3NI23FL5oGrid12uc5IpIwzlLjW5hLTX36zh+rDZteX6K9WP9/H5Twaz8=
last-modified: Thu, 30 Jul 2020 21:23:14 GMT
server: cloudflare
etag: W/"53698dbee46ac3b06a34fbf7fa4f7d50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=c85FZ1EimL31dImY43tQc5ZWhVlGoLwXM2iqY%2FTXlZYuUfo4Ua8keB16qoeszs0rkgQ3BqNsZax5HwXUrA5CKBxCUVHuGuqj47GHVZ6PThKGO2kCQxc5Daw%3D"}],"max_age":604800}
content-type: application/x-javascript
cf-polished: origSize=1552214
cf-request-id: 08a4f65d2800004a911c0d4000000001
cf-ray: 62b4f341dd8c4a91-FRA
cf-bgj: minify

GET
H2 200 mobile-detect.min.js Show response
a.publir.com/platform/common/ 38 KB
16 KB 72ms
48ms Script
application/javascript 2606:4700:3037::6815:5eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.publir.com/platform/common/mobile-detect.min.js
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/70.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:5eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 190da0476f8cce20db0253b544d4188fde9cdc8f8e86cdedd0ef083a6520fd60

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1514240
x-amz-meta-sha256: 190da0476f8cce20db0253b544d4188fde9cdc8f8e86cdedd0ef083a6520fd60
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 76C4CB8DF374B87E
cf-request-id: 08a4f65d2f00004a91451e3000000001
last-modified: Fri, 29 May 2020 22:48:54 GMT
server: cloudflare
etag: W/"62e66f11579cff8263e630e9fe07602d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sq2sHh8jthBDeD7FafzcNVsthJksa2TRTDSBiOePMqkISReJULufDrByxW4LlqB1mUQJQJuHrWqJ2jszyxN2EsmN4OvE%2Fsycg0lMrl6CKfdhonyNP2PQA5E%3D"}],"max_age":604800}
content-type: application/javascript
x-amz-id-2: MgTVX2aetcCk09iEz4/r4UJK/hX2RZRYHqEnvLdQXmp9NWCoJa+M3xBCUBbPYwEhtle99YBZJks=
cache-control: public, max-age=86400
cf-ray: 62b4f341dd974a91-FRA
x-amz-meta-s3b-last-modified: 20190621T210253Z

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 76ms
25ms Script
application/x-javascript 184.30.21.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-162.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:07 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: B402EDC6F7271ED7
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=24340
accept-ranges: bytes
content-length: 948
x-amz-id-2: 3ZiQcYtRTuh4WJ4BUq+mWoVqgQk4EdHwIkUrSZre2GxPFo/4IUZsv5aBqLknQUvSl0wjR3iM+HQ=

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
23 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: l9NYz3d3lEqD+LUlZafHoC+GhizDra65PP65evxd//9Ok6OzvsV3tZh0/pWDm28ESrP4d/eY0ejSDd9n0FqCXA==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 05 Mar 2021 17:09:07 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
origin-trial: AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 rules-p-BqQyNQgUPawzV.js Show response
rules.quantcount.com/ 3 B
358 B 28ms
27ms Script
application/x-javascript 2600:9000:20d7:7400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-BqQyNQgUPawzV.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20d7:7400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 06:07:23 GMT
via: 1.1 eea4db3ca37c99035a6e9a24033c4ceb.cloudfront.net (CloudFront)
last-modified: Sat, 04 Mar 2017 20:20:19 GMT
server: AmazonS3
age: 39705
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
x-amz-cf-pop: ZAG50-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: FTcqrJSoJbSOAmk8EYLlyNiktVzQK5rh38HWtSRY3KwMdvwG-1cPCA==

GET
H2 200 pixel;r=1170948868;rf=3;uht=2;a=p-BqQyNQgUPawzV;url=https%3A%2F%2Fthefederalist.com%2F2020%2F10%2F15%2Fnew-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm%2F;fpan...
pixel.quantserve.com/ 35 B
371 B 10ms
9ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1170948868;rf=3;uht=2;a=p-BqQyNQgUPawzV;url=https%3A%2F%2Fthefederalist.com%2F2020%2F10%2F15%2Fnew-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm%2F;fpan=1;fpa=P0-1475214447-1614964147684;ns=0;ce=1;qjs=1;qv=fd8a15ce-20210219171058;cm=;gdpr=0;ref=;d=thefederalist.com;je=0;sr=1600x1200x24;dst=1;et=1614964147684;tzo=-60;ogl=locale.en_US%2Ctype.article%2Ctitle.New%20York%20Post%20Report%3A%20Emails%20Show%20Hunter%20Biden%20Sought%20Lucrative%20Deals%20With%20Chine%2Cdescription.A%20second%20New%20York%20Post%20story%20shows%20Hunter%20Biden%20allegedly%20pursued%20business%20deals%2Curl.https%3A%2F%2Fthefederalist%252Ecom%2F2020%2F10%2F15%2Fnew-york-post-report-emails-show-hunter-bid%2Csite_name.The%20Federalist%2Cupdated_time.2020-10-15T21%3A52%3A34%2B00%3A00%2Cimage.https%3A%2F%2Fthefederalist%252Ecom%2Fwp-content%2Fuploads%2F2019%2F12%2FHunter-Biden-and-Joe-Biden-%2Cimage%3Asecure_url.https%3A%2F%2Fthefederalist%252Ecom%2Fwp-content%2Fuploads%2F2019%2F12%2FHunter-Biden-and-Joe-Biden-%2Cimage%3Awidth.1006%2Cimage%3Aheight.649

Requested by

Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:09:07 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK embed.js Show response
thefederalist23.disqus.com/ 73 KB
24 KB 182ms
179ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://thefederalist23.disqus.com/embed.js

Requested by

Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

e55bc13a6c05132eb716bc9de4da2b1d5bcfa3ed1a5c5360ac6dc85e083cfdb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 17:09:07 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 24122

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-577bfffa1c25df73/ 2 KB
726 B 33ms
30ms Script
application/javascript 104.84.56.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-577bfffa1c25df73/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.84.56.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-84-56-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: eec5dfd606b9b0ac0dd7de89f69e31036282d43d57fe30103e52c5ef73b6b6d2

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:07 GMT
content-encoding: gzip
etag: 522118957--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=19, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 551

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PBDLLH

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 6180
date: Fri, 05 Mar 2021 15:26:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Fri, 05 Mar 2021 17:26:07 GMT

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/a09205f7/ Frame DD6F 340 KB
51 KB 83ms
82ms Stylesheet
text/css 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a09205f7/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/i5AmwMiBIYo?version=3&rel=1&fs=1&autohide=2&showsearch=0&showinfo=1&iv_load_policy=1&wmode=transparent

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbe0caad9e694346ebc2e2cc991047f92dd8ae4fb06c87e4d002ea6c3b9a27bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/i5AmwMiBIYo?version=3&rel=1&fs=1&autohide=2&showsearch=0&showinfo=1&iv_load_policy=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 01:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 23:49:38 GMT
server: sffe
age: 55422
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52174
x-xss-protection: 0
expires: Sat, 05 Mar 2022 01:45:25 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/a09205f7/www-embed-player.vflset/ Frame DD6F 159 KB
58 KB 175ms
173ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a09205f7/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/i5AmwMiBIYo?version=3&rel=1&fs=1&autohide=2&showsearch=0&showinfo=1&iv_load_policy=1&wmode=transparent

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46f87edccd58edd2f7ffba4ea616912cc4a7d14a0d4378f1ea973614926adc80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/i5AmwMiBIYo?version=3&rel=1&fs=1&autohide=2&showsearch=0&showinfo=1&iv_load_policy=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 01:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 23:49:38 GMT
server: sffe
age: 55422
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58950
x-xss-protection: 0
expires: Sat, 05 Mar 2022 01:45:25 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/a09205f7/player_ias.vflset/en_US/ Frame DD6F 2 MB
504 KB 169ms
168ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a09205f7/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/i5AmwMiBIYo?version=3&rel=1&fs=1&autohide=2&showsearch=0&showinfo=1&iv_load_policy=1&wmode=transparent

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

575ade33ee74c627918d75a53d1a1d846d54c866ede92999cb27a9f29eeb9476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/i5AmwMiBIYo?version=3&rel=1&fs=1&autohide=2&showsearch=0&showinfo=1&iv_load_policy=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 01:54:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 23:49:38 GMT
server: sffe
age: 54854
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 516112
x-xss-protection: 0
expires: Sat, 05 Mar 2022 01:54:53 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/a09205f7/fetch-polyfill.vflset/ Frame DD6F 8 KB
3 KB 168ms
167ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a09205f7/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/i5AmwMiBIYo?version=3&rel=1&fs=1&autohide=2&showsearch=0&showinfo=1&iv_load_policy=1&wmode=transparent

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/i5AmwMiBIYo?version=3&rel=1&fs=1&autohide=2&showsearch=0&showinfo=1&iv_load_policy=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 01:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 23:49:38 GMT
server: sffe
age: 55422
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Sat, 05 Mar 2022 01:45:25 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DD6F 15 KB
15 KB 375ms
61ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/i5AmwMiBIYo?version=3&rel=1&fs=1&autohide=2&showsearch=0&showinfo=1&iv_load_policy=1&wmode=transparent

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 01:51:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 573433
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Sun, 27 Feb 2022 01:51:55 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
115 B 518ms
24ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A7.7.1&blog=129680868&post=230474&tz=-5&srv=thefederalist.com&host=thefederalist.com&ref=&fcp=1374&rand=0.5886004861980199
Requested by: Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:08 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H/1.1 200
OK 13763695616668774 Show response
lockerdome.com/lad/ Frame 4C56 1 KB
2 KB 766ms
131ms Document
text/html 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/lad/13763695616668774?pubid=ld-8338-5341&pubo=https%3A%2F%2Fthefederalist.com&rid=&width=678
Requested by: Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash: ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Host: lockerdome.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://thefederalist.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://thefederalist.com/

Response headers

P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 1376
Date: Fri, 05 Mar 2021 17:09:08 GMT

POST
H2 204 AGSKWxUMDO6OpJAJuCq1W2j_OUuUkOItppRcpdhAz6o2VLcrTBkLytnxOVgMpOXfiP_03DqF1OurqWQCWXRxrPSX7M0= Show response
fundingchoicesmessages.google.com/l/ 0
819 B 93ms
0ms XHR
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxUMDO6OpJAJuCq1W2j_OUuUkOItppRcpdhAz6o2VLcrTBkLytnxOVgMpOXfiP_03DqF1OurqWQCWXRxrPSX7M0=?pvid=7A408D07-2487-4FA9-B134-BA13750C6EB1&anonid=397F0030-ECEE-4FDC-AB49-1BF11C2CEF1C

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.SvauEk2q5wQ.es5.O/d=1/ct=zgms/rs=AJlcJMwt3VvsNbtkiCgEzGyq27azLfhZMg/m=loader_js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KqZP2LHjYFnBeI3frixCBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-KqZP2LHjYFnBeI3frixCBw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Mar 2021 17:09:08 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://thefederalist.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-KqZP2LHjYFnBeI3frixCBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-KqZP2LHjYFnBeI3frixCBw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 AGSKWxX8IkKgDDttOUTQCOq3XIS4wUubLI_iRHJi91XTl8bNYt75IjRkKmsP1b2OnwqvGC3EWEPP5bI9XO7N5EVOfUg= Show response
fundingchoicesmessages.google.com/f/ 55 KB
22 KB 164ms
95ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX8IkKgDDttOUTQCOq3XIS4wUubLI_iRHJi91XTl8bNYt75IjRkKmsP1b2OnwqvGC3EWEPP5bI9XO7N5EVOfUg=?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjE0OTY0MTQ4LDY1NDAwMDAwMF0sIjdBNDA4RDA3LTI0ODctNEZBOS1CMTM0LUJBMTM3NTBDNkVCMSIsIjM5N0YwMDMwLUVDRUUtNEZEQy1BQjQ5LTFCRjExQzJDRUYxQyIsbnVsbCxbbnVsbCxbN11dXQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

de540f754c1eba02bacce10237404381aab983ee40b30973dcf79698aa2c9cbf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Rq8vKwOGVKtOkP5q3p6E/w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Rq8vKwOGVKtOkP5q3p6E/w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:09:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-Rq8vKwOGVKtOkP5q3p6E/w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Rq8vKwOGVKtOkP5q3p6E/w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 194ms
0ms Script
application/javascript 104.84.56.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Fri, 05 Mar 2021 17:09:08 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 683573541742108 Show response
connect.facebook.net/signals/config/ 241 KB
69 KB 157ms
0ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/683573541742108?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d94e2b02590bfdbc8f8550e99d90d07476845afac9a005ef6743096039344691

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70544
x-fb-rlafr: 0
pragma: public
x-fb-debug: AAieg00qPwKXI0sm5BH5EZbyqNOFQJomRuXEFRDi3zCTHWqjF0jC/QnJ+Hg7CjZ9/2Qh++crYOVaop8Tf/xJ0Q==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Fri, 05 Mar 2021 17:09:09 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 jquery-1.11.1.min.js Show response
code.jguery.com/ 95 KB
34 KB 309ms
20ms Script
application/javascript 2606:4700:e0::ac40:6c1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jguery.com/jquery-1.11.1.min.js
Requested by: Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6c1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c57453f8b0eaf240997e862d4a66d5c8c198c5ebd7a1addf085499a2540eddf7

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-request-id: 08a4f663d5000005fd1712c000000001
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
date: Fri, 05 Mar 2021 17:09:09 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LS%2Bo1dNxPyVHjMOfk9qHoVLt6ml%2FBzQ9ilVXUhkR9vUK4TqVQBMmqEno1jxA10TQZ%2B8Gy1x7oMx06Ntf%2B%2BEtdPfz8y8JOs%2BanySxHqkILxHQHqFyS%2BSNoEdBZQA%3D"}],"max_age":604800}
content-type: application/javascript
cf-ray: 62b4f34c8d2605fd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
1 KB 140ms
25ms Script
application/javascript 2606:4700:e2::ac40:8620
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: a.publir.com
URL: https://a.publir.com/platform/common/prebid410.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8620 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 12
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: A6164A9F8F6FE739
x-amz-id-2: ow60Ff16zW7F9qe3GXPGM7mokaYygXcnFlpoo4HL0y6zPmTBPpKOZqJ5AQK7arrHcg0Geu62QVM=
last-modified: Thu, 25 Feb 2021 15:23:16 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZqUfu%2Fh5uJUilxezL7PBhX09MhwZfweNDw%2FE0otN9N87PAM%2BMU%2BNPPmZJuVvedvfqPRdUX1kHS%2BTcVG5at%2B6IjClyjUiUdxIw3FJIzRjDZ5wcqYl%2FAVJKkz5ow%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: public, max-age=1800
cf-request-id: 08a4f6642e00002c325e2aa000000001
cf-ray: 62b4f34d1ffc2c32-FRA

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
86 B 17ms
15ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1186742316&t=pageview&_s=1&dl=https%3A%2F%2Fthefederalist.com%2F2020%2F10%2F15%2Fnew-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm%2F&ul=en-us&de=UTF-8&dt=New%20York%20Post%20Report%3A%20Emails%20Show%20Hunter%20Biden%20Sought%20Lucrative%20Deals%20With%20Chinese%20Firm&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1450024168&gjid=314348293&cid=948200923.1614964149&tid=UA-80925080-1&_gid=1746804151.1614964149&_r=1&gtm=2wg2o0PBDLLH&z=321372022

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:09:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thefederalist.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
89 B 22ms
15ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-31527-41&cid=948200923.1614964149&jid=729020970&gjid=1234951727&_gid=1746804151.1614964149&_u=YGDAgAABAAAAAG~&z=1440852589

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 05 Mar 2021 17:09:09 GMT
content-type: text/plain
access-control-allow-origin: https://thefederalist.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
85 B 15ms
8ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=1186742316&t=pageview&_s=1&dl=https%3A%2F%2Fthefederalist.com%2F2020%2F10%2F15%2Fnew-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm%2F&ul=en-us&de=UTF-8&dt=New%20York%20Post%20Report%3A%20Emails%20Show%20Hunter%20Biden%20Sought%20Lucrative%20Deals%20With%20Chinese%20Firm&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgAABAAAAAC~&jid=729020970&gjid=1234951727&cid=948200923.1614964149&tid=UA-31527-41&_gid=1746804151.1614964149&gtm=2wg2o0PBDLLH&z=144026763

Requested by

Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:03:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 323
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lounge.c82b267b396dfbc10ae5113342115da8.css
c.disquscdn.com/next/embed/styles/ 0
22 KB 23ms
0ms Other
text/css 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.c82b267b396dfbc10ae5113342115da8.css

Requested by

Host: thefederalist23.disqus.com
URL: https://thefederalist23.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 168097
strict-transport-security: max-age=300; includeSubdomains
content-length: 22713
cf-request-id: 08a4f6655f00004e251294e000000001
timing-allow-origin: *
last-modified: Wed, 03 Mar 2021 01:20:39 GMT
server: cloudflare
etag: "603ee467-58b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
cf-ray: 62b4f34ef80f4e25-FRA
x-amz-cf-id: 8iHhdnaJ5uIRYSyeUnp9kgCqelvQxggEWvWNZtCLHCvwamS-AeRHKw==
expires: Thu, 03 Mar 2022 18:27:32 GMT

GET
H2 200 common.bundle.90a60d500e3de29f162afaa4d877b73a.js
c.disquscdn.com/next/embed/ 0
93 KB 40ms
17ms Other
application/javascript 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.90a60d500e3de29f162afaa4d877b73a.js

Requested by

Host: thefederalist23.disqus.com
URL: https://thefederalist23.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 762238
strict-transport-security: max-age=300; includeSubdomains
content-length: 94782
cf-request-id: 08a4f6656c00004e25f290c000000001
timing-allow-origin: *
last-modified: Tue, 23 Feb 2021 19:13:31 GMT
server: cloudflare
etag: "603553db-1723e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 62b4f34f18294e25-FRA
x-amz-cf-id: P48o1JC6vh_9vXvK1l7A4gZl4KcNJUxKTMWniCJmMyzMvQ2w_x97NQ==
expires: Thu, 24 Feb 2022 21:25:11 GMT

GET
H2 200 lounge.bundle.54cf549c270b597d5587d24486b38d71.js
c.disquscdn.com/next/embed/ 0
115 KB 37ms
14ms Other
application/javascript 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.54cf549c270b597d5587d24486b38d71.js

Requested by

Host: thefederalist23.disqus.com
URL: https://thefederalist23.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1282660
strict-transport-security: max-age=300; includeSubdomains
content-length: 116865
cf-request-id: 08a4f6656c00004e2515bbd000000001
timing-allow-origin: *
last-modified: Thu, 18 Feb 2021 19:12:14 GMT
server: cloudflare
etag: "602ebc0e-1c881"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 62b4f34f182b4e25-FRA
x-amz-cf-id: WY7hPbT8FAY3vQGA8Ifg_-yNBPcsGB2ConfpUDiOA5gZCEBegG4T4A==
expires: Fri, 18 Feb 2022 20:51:22 GMT

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
11 KB 229ms
30ms Other
application/javascript 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: thefederalist23.disqus.com
URL: https://thefederalist23.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 17:09:09 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 20
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 11035
X-XSS-Protection: 1; mode=block

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
425 B 65ms
23ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-80925080-1&cid=948200923.1614964149&jid=1450024168&gjid=314348293&_gid=1746804151.1614964149&_u=YEBAAAAAAAAAAC~&z=1263047199

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 05 Mar 2021 17:09:10 GMT
content-type: text/plain
access-control-allow-origin: https://thefederalist.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
124 B 40ms
39ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-31527-41&cid=948200923.1614964149&jid=729020970&_u=YGDAgAABAAAAAG~&z=265165351

Requested by

Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:09:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 39ms
38ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-31527-41&cid=948200923.1614964149&jid=729020970&_u=YGDAgAABAAAAAG~&z=265165351

Requested by

Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:09:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 AGSKWxWPDs9a7NF2X9jC4b5zn9_rOan_vU9soZnW9dgx-mWyZiE3ElMeOF8PFlmuG1mUfs5jSZTIZXQecHz59C1PyopFsgWuZ3LMTM5cur6nQkW1K2jT1RyEVKso5izJ9jIqFv7rDAn7CAyPCNO9MJsRKj0g9AYFFLsikVrP43qIQDH5U42S8zd9qzwdXWqc Show response
fundingchoicesmessages.google.com/l/ 0
806 B 60ms
31ms XHR
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxWPDs9a7NF2X9jC4b5zn9_rOan_vU9soZnW9dgx-mWyZiE3ElMeOF8PFlmuG1mUfs5jSZTIZXQecHz59C1PyopFsgWuZ3LMTM5cur6nQkW1K2jT1RyEVKso5izJ9jIqFv7rDAn7CAyPCNO9MJsRKj0g9AYFFLsikVrP43qIQDH5U42S8zd9qzwdXWqc?dmid=a3c8a2947d5e84fa

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2SignalJs.en_US.ZEp8c0O-YSU.es5.O/d=1/ct=zgms/rs=AJlcJMz6TExdobo82RJnJWvt8fkC_JWPAg/m=iabtcfv2signalscript

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-egPLoUY+McIiId4TuRAIPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-egPLoUY+McIiId4TuRAIPQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Mar 2021 17:09:10 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://thefederalist.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-egPLoUY+McIiId4TuRAIPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-egPLoUY+McIiId4TuRAIPQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 AGSKWxW0EoSV0Q0HwIs-WefiaA_14CGOCnMgcPZ_rSOG8MbnIYUzcexylZEBULeWOGPuiPnNeXHz4k9oDyrzhpjUOIhCSwMQ1hvmz_yMHj_-2LVuRcmCuPPsrjw1in-xfh8RgwxlT_HBfGLlrPIg83fE2Id-7Ozjjdei-L4vm7RVONnMXWtn9w0Lq_uXMOKW Show response
fundingchoicesmessages.google.com/f/ 57 KB
22 KB 49ms
47ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW0EoSV0Q0HwIs-WefiaA_14CGOCnMgcPZ_rSOG8MbnIYUzcexylZEBULeWOGPuiPnNeXHz4k9oDyrzhpjUOIhCSwMQ1hvmz_yMHj_-2LVuRcmCuPPsrjw1in-xfh8RgwxlT_HBfGLlrPIg83fE2Id-7Ozjjdei-L4vm7RVONnMXWtn9w0Lq_uXMOKW?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjE0OTY0MTUwLDI1ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwxXV0

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

58425337e417517b3547f0b0d30d5ab2a8a31733b60af6e44426e67897601160

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-+VQECKiaG2FcPxhFgdFQug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-+VQECKiaG2FcPxhFgdFQug' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:09:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-+VQECKiaG2FcPxhFgdFQug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-+VQECKiaG2FcPxhFgdFQug' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame DD6F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
917 B

44ms
42ms

XHR
application/json

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/i5AmwMiBIYo?version=3&rel=1&fs=1&autohide=2&showsearch=0&showinfo=1&iv_load_policy=1&wmode=transparent

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec145bd69a76a1bdcb7c4a66936da84357ccded3cac051c70344afef814e76bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 05 Mar 2021 17:09:10 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame DD6F 29 B
91 B 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a09205f7/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:03:14 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 356
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Fri, 05 Mar 2021 17:18:14 GMT

GET
H3-Q050 200 dc.js Show response
stats.g.doubleclick.net/ Frame 4C56 45 KB
17 KB 17ms
16ms Script
text/javascript 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: lockerdome.com
URL: https://lockerdome.com/lad/13763695616668774?pubid=ld-8338-5341&pubo=https%3A%2F%2Fthefederalist.com&rid=&width=678

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lockerdome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 3808
date: Fri, 05 Mar 2021 16:05:42 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Fri, 05 Mar 2021 18:05:42 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
65 B 52ms
30ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-80925080-1&cid=948200923.1614964149&jid=1450024168&_u=YEBAAAAAAAAAAC~&z=1966078809

Requested by

Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:09:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
483 B 89ms
47ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-80925080-1&cid=948200923.1614964149&jid=1450024168&_u=YEBAAAAAAAAAAC~&z=1966078809

Requested by

Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:09:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
260 B 8ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=683573541742108&ev=PageView&dl=https%3A%2F%2Fthefederalist.com%2F2020%2F10%2F15%2Fnew-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm%2F&rl=&if=false&ts=1614964150610&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1614964150590.1236939374&it=1614964148821&coo=false&rqm=GET

Requested by

Host: thefederalist.com
URL: https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 05 Mar 2021 17:09:10 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ 66 KB
20 KB 40ms
19ms Fetch
application/javascript 2606:4700:e2::ac40:8620
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8620 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8436a43cd4f38a0fdd2af8f2cd0e512268d832418ba987014efca19647a8ab2d

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:10 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1550
access-control-allow-methods: GET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 50FE4B198EA97F54
x-amz-id-2: +00QSvVRc56WVWKu/OZ/D8ioU561WEZGaBdzoN1z0QPFR7YwmnLghxcwdK8HyOJF7f3mQgsL2vM=
last-modified: Thu, 25 Feb 2021 15:23:14 GMT
server: cloudflare
etag: W/"f2bf7ac1d207b3af812b72982be69c8b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XTeHNcHVq6l3Ov3qC2%2BoJ39jqZ5t%2FhGPtaHNb7N5NExCiwjJ1XGXR9ktAo1jBnhbDiVtnJb98b8nmGFifBfWVr9%2BpbZQSLXHD3kWMzfH28qJIxfD1luWkokcHQ%3D%3D"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
cf-request-id: 08a4f669730000c2b8b91db000000001
cf-ray: 62b4f3558ff8c2b8-FRA

GET
H2 200 remote.js Show response
www.youtube.com/s/player/a09205f7/player_ias.vflset/en_US/ Frame DD6F 97 KB
32 KB 16ms
8ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a09205f7/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a09205f7/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60ec84dd57b4bb768d51e84907a80618457c0bf42e304390153a74b81218d9c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/i5AmwMiBIYo?version=3&rel=1&fs=1&autohide=2&showsearch=0&showinfo=1&iv_load_policy=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 01:54:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 23:49:38 GMT
server: sffe
age: 54856
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32688
x-xss-protection: 0
expires: Sat, 05 Mar 2022 01:54:55 GMT

GET
H2 200 T-Hew4zKFoEuSiaqIGgqIslCHcmG-ErS7x6AqoEqFIc.js Show response
www.google.com/js/bg/ Frame DD6F 14 KB
6 KB 14ms
6ms Script
text/javascript 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/T-Hew4zKFoEuSiaqIGgqIslCHcmG-ErS7x6AqoEqFIc.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a09205f7/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fe1dec38cca16812e4a26aa20682a22c9421dc986f84ad2ef1e80aa812a1487

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 13:23:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:00:00 GMT
server: sffe
age: 99934
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6212
x-xss-protection: 0
expires: Fri, 04 Mar 2022 13:23:37 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/a09205f7/player_ias.vflset/en_US/ Frame DD6F 29 KB
10 KB 15ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a09205f7/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a09205f7/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7a8aeacb5d1adba0f3eb014cf3117011f4ee9f5aaa36f939334473288906733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/i5AmwMiBIYo?version=3&rel=1&fs=1&autohide=2&showsearch=0&showinfo=1&iv_load_policy=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 01:57:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Mar 2021 23:49:38 GMT
server: sffe
age: 54729
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9666
x-xss-protection: 0
expires: Sat, 05 Mar 2022 01:57:02 GMT

GET
DATA 200
OK truncated
/ Frame DD6F 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AAUvwnhMy7K4PsccSm5Gc0iWBv4qU97dH_lvk-KOZjdEzQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame DD6F 1 KB
1 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwnhMy7K4PsccSm5Gc0iWBv4qU97dH_lvk-KOZjdEzQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/i5AmwMiBIYo?version=3&rel=1&fs=1&autohide=2&showsearch=0&showinfo=1&iv_load_policy=1&wmode=transparent

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c8b2cab8111f5bd4da379b8ffaa45d6ead148267619662fe96772f8b4909e310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 14:23:06 GMT
x-content-type-options: nosniff
age: 9965
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1361
x-xss-protection: 0
server: fife
etag: "vfd"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 06 Mar 2021 14:23:06 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/i5AmwMiBIYo/ Frame DD6F 24 KB
24 KB 15ms
15ms Image
image/webp 2a00:1450:4001:800::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/i5AmwMiBIYo/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/i5AmwMiBIYo?version=3&rel=1&fs=1&autohide=2&showsearch=0&showinfo=1&iv_load_policy=1&wmode=transparent

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a041a34d39577c5585c6fd3b86d0b2b98acd008c7d98edf465e2d8bf705fa92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 16:43:20 GMT
x-content-type-options: nosniff
server: sffe
age: 1551
etag: "1602797282"
vary: Origin
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24266
x-xss-protection: 0
expires: Fri, 05 Mar 2021 18:43:20 GMT

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
326 B 43ms
33ms XHR
application/json 104.84.56.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fthefederalist.com%2F2020%2F10%2F15%2Fnew-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm%2F

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: sFbt=https://thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
last-modified: Fri, 05 Mar 2021 17:00:00 GMT
server: nginx/1.15.8
date: Fri, 05 Mar 2021 17:09:11 GMT
content-type: application/json
access-control-allow-origin: https://thefederalist.com
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 35 B
353 B 248ms
238ms Script
application/json 104.84.56.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fthefederalist.com%2F2020%2F10%2F15%2Fnew-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm%2F&callback=_ate.cbs.rcb_deb40

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

b36f2da31794d42b1ef6f1b3cdf4908235547432580fc36de53c731a3facfb20

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
last-modified: Fri, 05 Mar 2021 17:09:11 GMT
server: nginx/1.15.8
date: Fri, 05 Mar 2021 17:09:11 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 55

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 35 B
353 B 222ms
212ms Script
application/json 104.84.56.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fthefederalist.com%2F2020%2F10%2F15%2Fnew-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm%2F&callback=_ate.cbs.rcb_ha5m0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

353274ed15a48eef4553022d635b39fea1c04e768266820c69966765143de391

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: thefederalist.com/2020/10/15/new-york-post-report-emails-show-hunter-biden-sought-lucrative-deals-with-chinese-firm/
last-modified: Fri, 05 Mar 2021 17:09:11 GMT
server: nginx/1.15.8
date: Fri, 05 Mar 2021 17:09:11 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 55

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 /
www.facebook.com/tr/ 0
73 B 17ms
2ms Other
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryR4pQaltdM9XpIyfr

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 05 Mar 2021 17:09:12 GMT
content-type: text/plain
access-control-allow-origin: https://thefederalist.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H3-Q050 200 AGSKWxXTZ2ltFQPMoWjvc2zZNyzFfaH8CEB3EYVJu37bgPqw6KajMlE3YgGfBJtqwX02O62C8A_YjRtA8WHHfn5Dtyh0rAIFMthGGPUQqZqlo9vJH1nO6r70bAyr2bF70Hj69EtXPzPOPmCPFqieXxOztAA13uDlRwykb181VeCvp4F9pqCXzwJfg9f1XWef Show response
fundingchoicesmessages.google.com/f/ 60 KB
23 KB 43ms
36ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXTZ2ltFQPMoWjvc2zZNyzFfaH8CEB3EYVJu37bgPqw6KajMlE3YgGfBJtqwX02O62C8A_YjRtA8WHHfn5Dtyh0rAIFMthGGPUQqZqlo9vJH1nO6r70bAyr2bF70Hj69EtXPzPOPmCPFqieXxOztAA13uDlRwykb181VeCvp4F9pqCXzwJfg9f1XWef?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCwyLFsxNjE0OTY0MTUyLDY2MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSwxMF0sbnVsbCwxXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabCcpaWebSignalJs.en_US.dl0OnpyMEmg.es5.O/d=1/ct=zgms/rs=AJlcJMxGNk9Nvd_cMQsNqaG-SKoFAy_nmw/m=iabccpawebsignalscript

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

034b4fd01edcd216775d51c2d0575104d83cd1c9d433550a6c98388b20e0d05c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ukhh2s78SORv+qo4ZwYU2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-ukhh2s78SORv+qo4ZwYU2A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thefederalist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 17:09:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-ukhh2s78SORv+qo4ZwYU2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-ukhh2s78SORv+qo4ZwYU2A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame DD6F 4 KB
2 KB 52ms
40ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a09205f7/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Fri, 05 Mar 2021 17:09:12 GMT

GET
H3-Q050 204 generate_204
www.youtube.com/ Frame DD6F 0
38 B 8ms
7ms Image
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?6Kvx5g
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/i5AmwMiBIYo?version=3&rel=1&fs=1&autohide=2&showsearch=0&showinfo=1&iv_load_policy=1&wmode=transparent
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/i5AmwMiBIYo?version=3&rel=1&fs=1&autohide=2&showsearch=0&showinfo=1&iv_load_policy=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 17:09:13 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame DD6F 28 B
191 B 20ms
19ms XHR
application/json 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a09205f7/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/i5AmwMiBIYo?version=3&rel=1&fs=1&autohide=2&showsearch=0&showinfo=1&iv_load_policy=1&wmode=transparent
X-YouTube-Client-Version: 1.20210304.1.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtHVURxVWwtTVdVOCiyy4mCBg%3D%3D
X-YouTube-Ad-Signals: dt=1614964150298&flash=0&frm=2&u_tz=60&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C576%2C394&vis=1&wgl=true&ca_type=image&bid=ANyPxKofhX2zqLKPqt7COicA6LRa3OYVnxTEj8g44jT3ER3vrQ0jiJmR7dUP48r01uIX4znKlNRSwDnqbHcHlXES056Ibn3g3A

Response headers

date: Fri, 05 Mar 2021 17:09:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Fri, 05 Mar 2021 17:09:23 GMT

Verdicts & Comments Add Verdict or Comment

130 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.thefederalist.com/	1970-01-19 18:45:40	Name: _fbp Value: fb.1.1614964152430.1179798208

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://thefederalist.com/wp-includes/js/jquery/jquery-migrate.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	log	URL: https://script.4dex.io/localstore.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.publir.com
api-public.addthis.com
c.disquscdn.com
cdn-images.mailchimp.com
cdn2.lockerdomecdn.com
code.jguery.com
connect.facebook.net
disqus.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
i.ytimg.com
lockerdome.com
pixel.quantserve.com
pixel.wp.com
rules.quantcount.com
s0.wp.com
s7.addthis.com
script.4dex.io
secure.quantserve.com
securepubads.g.doubleclick.net
static.doubleclick.net
stats.g.doubleclick.net
stats.wp.com
thefederalist.com
thefederalist23.disqus.com
v1.addthisedge.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
z.moatads.com
104.154.142.214
104.84.56.112
142.250.186.162
151.101.64.134
151.139.242.29
184.30.21.162
192.0.76.3
192.0.77.32
199.232.196.134
2600:9000:20d7:7400:6:44e3:f8c0:93a1
2606:4700:20::681a:c80
2606:4700:3037::6815:5eb
2606:4700::6812:a913
2606:4700:e0::ac40:6c1b
2606:4700:e2::ac40:8620
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:800::2004
2a00:1450:4001:800::2016
2a00:1450:4001:802::2003
2a00:1450:4001:803::2002
2a00:1450:4001:803::2003
2a00:1450:4001:803::200e
2a00:1450:4001:808::200e
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:812::200e
2a00:1450:4001:813::2001
2a00:1450:4001:827::200e
2a00:1450:4001:828::2006
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:400c:c1b::9c
2a00:1450:400c:c1b::9d
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
65.9.19.93
005354de2879e9b66d2893f3a6035c4425784ae37a1b609a2775ae9c5dc6a514
034b4fd01edcd216775d51c2d0575104d83cd1c9d433550a6c98388b20e0d05c
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
1039bfe74cb614d9ade3fa79416dd840ed4a8057a21925570fad0f712ff88fcc
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
123a5b2a00c1f1abb7fbc0ee3c135727ef64f4a0d8bb9ba6059cc38a8757033f
15f983d412ee16abb31eb570ed4a60d67847e4eea49d3f46f5516b0b515896e1
17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9
190da0476f8cce20db0253b544d4188fde9cdc8f8e86cdedd0ef083a6520fd60
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
25612be427fd55fc8634d91551956b475eddb5b53b027d11e230f4c9031b8aea
28f2333d0bb2282fb479d26bba8d6af840dfcd47aab2b0d578e55b914ea06dc5
2cd6cff81ed30607212a76cf14df956553f17dc9f8024a720e7acb0dd2ec1b78
2f0b7264810a4f05251ac724721a5a3a61887cff9bd30e1fbbc1bc832e94d38a
2fb9d6149e4aed105754c0d6755a5791e0c2aedea8717ebe211abc2031e20663
2fd995ebd1e986ffc62e6b34491d7bb2ecc988ce6bed9f10504ff22ab5768da3
31b55b15fbb1f3eeb211dda0bcc0ce7912346a757af6c3cb12fe7cefcd8ea737
332895a047b9f843f4f93ceeb39d3dea48216e9ca5a652a11c5fa0327b15c2ef
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
353274ed15a48eef4553022d635b39fea1c04e768266820c69966765143de391
3c2ba252c378a8081faf78528bfc0fec04d544047d7c199f0e644af34b9d71ae
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40a7f2b25ea8c45af8993aa57c19e576ea8eab5cbe9f467d45d4be7a537e7a47
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44be4c61ab4f87f0a445e101fd90ef82e03fc3e6b1138a93aded0a546a7ea455
457c059f99692060a9396396cd73c1aa02c254eac2c794b004e9c115d1bb1f1c
46f87edccd58edd2f7ffba4ea616912cc4a7d14a0d4378f1ea973614926adc80
4898419fd629be5a870b20c1b68cce4251a9294eb4a96d0d96b748b624dfddd9
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d
4fe1dec38cca16812e4a26aa20682a22c9421dc986f84ad2ef1e80aa812a1487
575ade33ee74c627918d75a53d1a1d846d54c866ede92999cb27a9f29eeb9476
58425337e417517b3547f0b0d30d5ab2a8a31733b60af6e44426e67897601160
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5a56e72090fa690bc73982f1c83eebf18877c29e20aa7c9fd6c622de3d9843c7
60ec84dd57b4bb768d51e84907a80618457c0bf42e304390153a74b81218d9c0
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
64e76948277db674193d02a50bbe2faae032c760d66f9d0d249f467f258a97e1
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
7b1bb030903f7d5f68f8661137137064053d9354bc943317f5265f16ce33503b
7c211a5c4d8e495d73180e47285310943220de04cc719379ddc7608c2badf164
7e6af8f3ae951fb9a29f37bde85c1122f34d8c77dc9c18fb4d5e24a3e25d076d
81df137979b8c4fe3360c623e1f0f40c06cceb7cef233cdde5b67bb4d6b9c578
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8436a43cd4f38a0fdd2af8f2cd0e512268d832418ba987014efca19647a8ab2d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
8b9467c245189854a6ae2644fe7f389ff73f937633127076a3316c074ecfb5e8
9930f4e26cb466c1b9941f65c5b628e548d914c415d8857b143356264fb34855
999c77ba547d2e647a604dea78a72641c8770051b3e49845e994c76e1c008312
9a041a34d39577c5585c6fd3b86d0b2b98acd008c7d98edf465e2d8bf705fa92
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9d10678e99416091e7a7e2ae00392bac1dcb8fda5a2b1c228ec4106050bd22ba
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a9b726cfc721b91aa6344ef888d4f46f5843bced66bc3cf9193e769170878719
ab50e6d6a6e5a3b4877d975d22e107407707d1f98058439e5500a10c3b57e037
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ae33ebc9c72feadaad82ed0d3effb86c29ecfdf3f400e5b86f6555ab16b8b00a
b36f2da31794d42b1ef6f1b3cdf4908235547432580fc36de53c731a3facfb20
b42989a0f2a1fb6d69e72c4f548ef2e73c4d3089d53649f5ed75e45c7b91cffb
b92ac59674137362ad6cf84c0a8e9a8d46814e1c6d1152f953e10b4f9923e03e
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b
c183713781265a2abdc03eab5050b102a17a1170eaa908604e61fc9f07c9aad4
c3dd5c4ff63478b87ed9670be1b4c688725d53c9ff84a233cfec8ff2bb83a72d
c57453f8b0eaf240997e862d4a66d5c8c198c5ebd7a1addf085499a2540eddf7
c8b2cab8111f5bd4da379b8ffaa45d6ead148267619662fe96772f8b4909e310
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbe0caad9e694346ebc2e2cc991047f92dd8ae4fb06c87e4d002ea6c3b9a27bb
cc90b42eef2961baa23156dc2f610c270887d22a43e24fd6537c80f758baa8d0
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d94e2b02590bfdbc8f8550e99d90d07476845afac9a005ef6743096039344691
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de540f754c1eba02bacce10237404381aab983ee40b30973dcf79698aa2c9cbf
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55bc13a6c05132eb716bc9de4da2b1d5bcfa3ed1a5c5360ac6dc85e083cfdb0
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ec145bd69a76a1bdcb7c4a66936da84357ccded3cac051c70344afef814e76bf
ec33d5d250bd74e3ccb1c0f0fe7aa9136a36fd2b2af8a34b789a1807aca84bb0
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eec5dfd606b9b0ac0dd7de89f69e31036282d43d57fe30103e52c5ef73b6b6d2
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1010cf08825a41c768a117755a496da61a306c41b83c383ea66f1bb3334bb14
f16a43a6719b1b65129964d971809979e58a404c2f2609dc7d3a6d504236d237
f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f7a8aeacb5d1adba0f3eb014cf3117011f4ee9f5aaa36f939334473288906733
fa705bd8d18a8125105880317e15df98c5b55cc358ced3487e647d7412093ca0
fc5ca6f2f02eb9c06cefef6f11aed1cb5d9c4ad83b466a52a55000bc6c02059b

thefederalist.com Open in urlscan Pro 2606:4700:20::681a:c80 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

106 Requests

100 %HTTPS

74 %IPv6

28 Domains

38 Subdomains

38 IPs

3 Countries

5139 kBTransfer

9341 kBSize

1 Cookies

8 Outgoing links

Redirected requests

106 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

thefederalist.com Open in urlscan Pro
2606:4700:20::681a:c80 Public Scan

Screenshot
Live screenshot

Full Image

106
Requests

100 %
HTTPS

74 %
IPv6

28
Domains

38
Subdomains

38
IPs

3
Countries

5139 kB
Transfer

9341 kB
Size

1
Cookies

106 HTTP transactions
2 data transactions