21stcenturywire.com Open in urlscan Pro
104.26.10.239 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Submission Tags: falconsandbox
Submission: On June 11 via api (June 11th 2021, 2:01:00 pm UTC) from US

Summary HTTP 280 Redirects Links 62 Behaviour Indicators

Summary

This website contacted 52 IPs in 5 countries across 33 domains to perform 280 HTTP transactions. The main IP is 104.26.10.239, located in United States and belongs to CLOUDFLARENET, US. The main domain is 21stcenturywire.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 16th 2020. Valid for: a year.

This is the only time 21stcenturywire.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
48	104.26.10.239 104.26.10.239	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
6	2600:9000:211... 2600:9000:211a:be00:4:c961:9640:93a1	16509 (AMAZON-02) (AMAZON-02)
2	151.139.241.28 151.139.241.28	33438 (HIGHWINDS2) (HIGHWINDS2)
19	2600:9000:211... 2600:9000:211a:f000:1a:1e7b:9080:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
4	143.204.98.33 143.204.98.33	16509 (AMAZON-02) (AMAZON-02)
13	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	151.139.242.29 151.139.242.29	33438 (HIGHWINDS2) (HIGHWINDS2)
1	116.202.174.190 116.202.174.190	24940 (HETZNER-AS) (HETZNER-AS)
2	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
18	199.232.196.134 199.232.196.134	54113 (FASTLY) (FASTLY)
1	52.0.242.214 52.0.242.214	14618 (AMAZON-AES) (AMAZON-AES)
1	99.86.241.30 99.86.241.30	16509 (AMAZON-02) (AMAZON-02)
3	104.154.142.214 104.154.142.214	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206e:600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
29	2600:9000:211... 2600:9000:211a:cc00:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	151.101.0.134 151.101.0.134	54113 (FASTLY) (FASTLY)
1	13.224.89.176 13.224.89.176	16509 (AMAZON-02) (AMAZON-02)
1	13.32.11.73 13.32.11.73	16509 (AMAZON-02) (AMAZON-02)
8	199.232.196.64 199.232.196.64	54113 (FASTLY) (FASTLY)
6	99.86.241.72 99.86.241.72	16509 (AMAZON-02) (AMAZON-02)
6	107.22.27.88 107.22.27.88	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
24	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c1b::9b	15169 (GOOGLE) (GOOGLE)
4	99.86.235.49 99.86.235.49	16509 (AMAZON-02) (AMAZON-02)
15	99.80.125.60 99.80.125.60	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
6	52.46.137.133 52.46.137.133	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
5	13.32.2.104 13.32.2.104	16509 (AMAZON-02) (AMAZON-02)
1	52.203.96.188 52.203.96.188	14618 (AMAZON-AES) (AMAZON-AES)
3	99.86.241.23 99.86.241.23	16509 (AMAZON-02) (AMAZON-02)
3	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
1	99.86.241.13 99.86.241.13	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:a40d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	185.33.221.89 185.33.221.89	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:82f::200d	15169 (GOOGLE) (GOOGLE)
5 8	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
4 4	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2 3	13.225.74.68 13.225.74.68	16509 (AMAZON-02) (AMAZON-02)
1	54.76.227.154 54.76.227.154	16509 (AMAZON-02) (AMAZON-02)
1 2	54.229.111.52 54.229.111.52	16509 (AMAZON-02) (AMAZON-02)
2 2	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
1	13.32.4.57 13.32.4.57	16509 (AMAZON-02) (AMAZON-02)
280	52

48 104.26.10.239 (United States)

ASN13335 (CLOUDFLARENET, US)

21stcenturywire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:211a:be00:4:c961:9640:93a1 (United States)

ASN16509 (AMAZON-02, US)

a.mailmunch.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.241.28 (United States)

ASN33438 (HIGHWINDS2, US)

cdn1.lockerdomecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2600:9000:211a:f000:1a:1e7b:9080:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.bannersnack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.98.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-33.fra50.r.cloudfront.net

widget.spreaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.242.29 (United States)

ASN33438 (HIGHWINDS2, US)

cdn2.lockerdomecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.174.190 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: southfront.org

southfront.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 199.232.196.134 (United States)

ASN54113 (FASTLY, US)

21stcenturywire.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.0.242.214 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-242-214.compute-1.amazonaws.com

forms.mailmunch.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.241.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-241-30.vie50.r.cloudfront.net

w.soundcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.154.142.214 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com

lockerdome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206e:600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2600:9000:211a:cc00:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.0.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.89.176 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-89-176.zrh50.r.cloudfront.net

d3770qakewhkht.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.11.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-11-73.vie50.r.cloudfront.net

d3wo5wojvuv7l.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 199.232.196.64 (United States)

ASN54113 (FASTLY, US)

tempest.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
glitter.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
links.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 99.86.241.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-241-72.vie50.r.cloudfront.net

widget.sndcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 107.22.27.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

stats.bannersnack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

assets.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.86.235.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-235-49.vie50.r.cloudfront.net

api-widget.soundcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 99.80.125.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.46.137.133 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

sqs.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.32.2.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-2-104.vie50.r.cloudfront.net

i1.sndcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.203.96.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-96-188.compute-1.amazonaws.com

analytics.mailmunch.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.241.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-241-23.vie50.r.cloudfront.net

cf-hls-media.sndcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

a.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.241.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-241-13.vie50.r.cloudfront.net

wave.sndcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:a40d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.89 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.244.174.68 (Kansas City, United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

ejp.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.98 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.74.68 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-74-68.fra2.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.227.154 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-227-154.eu-west-1.compute.amazonaws.com

obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.111.52 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-111-52.eu-west-1.compute.amazonaws.com

io.narrative.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.129 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.4.57 (United States)

ASN16509 (AMAZON-02, US)

l9bjkkhaycw6f8f4.soundcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	21stcenturywire.com 21stcenturywire.com	770 KB
39	revcontent.com assets.revcontent.com trends.revcontent.com img.revcontent.com cdn.revcontent.com images.revcontent.com	503 KB
34	disqus.com 21stcenturywire.disqus.com disqus.com tempest.services.disqus.com referrer.disqus.com glitter.services.disqus.com links.services.disqus.com	134 KB
32	disquscdn.com c.disquscdn.com a.disquscdn.com	1 MB
25	bannersnack.com cdn.bannersnack.com stats.bannersnack.com	429 KB
16	twitter.com platform.twitter.com syndication.twitter.com	369 KB
15	sndcdn.com widget.sndcdn.com i1.sndcdn.com cf-hls-media.sndcdn.com wave.sndcdn.com	582 KB
8	rlcdn.com 5 redirects ejp.rlcdn.com idsync.rlcdn.com	2 KB
8	mailmunch.co a.mailmunch.co forms.mailmunch.co analytics.mailmunch.co	56 KB
7	doubleclick.net 4 redirects stats.g.doubleclick.net cm.g.doubleclick.net	51 KB
6	amazonaws.com sqs.us-east-1.amazonaws.com	4 KB
6	soundcloud.com w.soundcloud.com api-widget.soundcloud.com l9bjkkhaycw6f8f4.soundcloud.com	9 KB
5	gstatic.com fonts.gstatic.com ssl.gstatic.com	107 KB
4	adnxs.com 3 redirects ib.adnxs.com	4 KB
4	google.com apis.google.com accounts.google.com	41 KB
4	spreaker.com widget.spreaker.com	285 KB
4	google-analytics.com www.google-analytics.com	38 KB
3	rezync.com 2 redirects live.rezync.com	2 KB
3	lockerdome.com lockerdome.com	5 KB
3	googleapis.com fonts.googleapis.com Failed ajax.googleapis.com	35 KB
3	lockerdomecdn.com cdn1.lockerdomecdn.com cdn2.lockerdomecdn.com	7 KB
2	rfihub.com 2 redirects p.rfihub.com	2 KB
2	narrative.io 1 redirects io.narrative.io	813 B
2	viglink.com cdn.viglink.com	592 B
2	facebook.net connect.facebook.net	67 KB
2	twimg.com cdn.syndication.twimg.com pbs.twimg.com	8 KB
2	cloudfront.net d3770qakewhkht.cloudfront.net d3wo5wojvuv7l.cloudfront.net	22 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	9 KB
1	imrworldwide.com obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com	38 B
1	facebook.com www.facebook.com
1	quantcount.com rules.quantcount.com	436 B
1	southfront.org southfront.org	2 MB
1	googletagmanager.com www.googletagmanager.com	35 KB
280	33

	Domain	Requested by
48	21stcenturywire.com	21stcenturywire.com
29	c.disquscdn.com	21stcenturywire.disqus.com disqus.com c.disquscdn.com tempest.services.disqus.com
19	cdn.bannersnack.com	21stcenturywire.com cdn.bannersnack.com
15	images.revcontent.com	assets.revcontent.com
15	trends.revcontent.com	assets.revcontent.com
14	referrer.disqus.com	21stcenturywire.com
13	platform.twitter.com	21stcenturywire.com platform.twitter.com
8	disqus.com	21stcenturywire.disqus.com c.disquscdn.com
6	idsync.rlcdn.com	3 redirects c.disquscdn.com live.rezync.com
6	sqs.us-east-1.amazonaws.com	cdn.bannersnack.com
6	stats.bannersnack.com	cdn.bannersnack.com
6	widget.sndcdn.com	w.soundcloud.com widget.sndcdn.com
6	a.mailmunch.co	21stcenturywire.com a.mailmunch.co ajax.googleapis.com
5	i1.sndcdn.com	w.soundcloud.com widget.sndcdn.com
4	cm.g.doubleclick.net	4 redirects
4	ib.adnxs.com	3 redirects c.disquscdn.com
4	api-widget.soundcloud.com	widget.sndcdn.com
4	fonts.gstatic.com	fonts.googleapis.com
4	tempest.services.disqus.com	21stcenturywire.disqus.com c.disquscdn.com
4	21stcenturywire.disqus.com	21stcenturywire.com 21stcenturywire.disqus.com
4	widget.spreaker.com	21stcenturywire.com widget.spreaker.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com widget.spreaker.com
3	live.rezync.com	2 redirects c.disquscdn.com
3	links.services.disqus.com	c.disquscdn.com
3	cdn.revcontent.com	assets.revcontent.com
3	img.revcontent.com	assets.revcontent.com
3	a.disquscdn.com	c.disquscdn.com
3	cf-hls-media.sndcdn.com	widget.sndcdn.com
3	stats.g.doubleclick.net	lockerdome.com
3	assets.revcontent.com	tempest.services.disqus.com
3	syndication.twitter.com	platform.twitter.com
3	lockerdome.com	cdn2.lockerdomecdn.com
2	p.rfihub.com	2 redirects
2	io.narrative.io	1 redirects
2	ejp.rlcdn.com	2 redirects
2	accounts.google.com	apis.google.com ssl.gstatic.com
2	cdn.viglink.com
2	apis.google.com	c.disquscdn.com apis.google.com
2	connect.facebook.net	c.disquscdn.com connect.facebook.net
2	fonts.googleapis.com	21stcenturywire.com cdn.bannersnack.com a.mailmunch.co
2	cdn1.lockerdomecdn.com	21stcenturywire.com cdn1.lockerdomecdn.com
1	l9bjkkhaycw6f8f4.soundcloud.com	widget.sndcdn.com
1	obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com
1	glitter.services.disqus.com	c.disquscdn.com
1	ssl.gstatic.com	accounts.google.com
1	www.facebook.com	c.disquscdn.com
1	pbs.twimg.com
1	wave.sndcdn.com	widget.sndcdn.com
1	analytics.mailmunch.co
1	cdn.syndication.twimg.com	platform.twitter.com
1	pixel.quantserve.com	21stcenturywire.com
1	d3wo5wojvuv7l.cloudfront.net	widget.spreaker.com
1	d3770qakewhkht.cloudfront.net	widget.spreaker.com
1	rules.quantcount.com	secure.quantserve.com
1	w.soundcloud.com	21stcenturywire.com
1	forms.mailmunch.co	a.mailmunch.co
1	secure.quantserve.com	21stcenturywire.com
1	southfront.org	21stcenturywire.com
1	cdn2.lockerdomecdn.com	cdn1.lockerdomecdn.com
1	ajax.googleapis.com	a.mailmunch.co
1	www.googletagmanager.com	21stcenturywire.com
280	61

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.twitter.com
www.youtube.com
soundcloud.com
21w.co
21wire.tv
shop21wire.com
alternatecurrentradio.com
www.iheart.com
itunes.apple.com
sundaywire.libsyn.com
21wire.podomatic.com
rumble.com
www.spreaker.com
www.stitcher.com
www.ukcolumn.org
www.reuters.com
www.surfcityusa.com
www.usatoday.com
www.orlandoweekly.com
www.wyff4.com
www.hawaiinewsnow.com
www.ksnt.com
fox4kc.com
twitter.com
www.cnbc.com
www.fox29.com
dailycaller.com
www.cbsnews.com
www.nbc12.com
rifreedom.org
wikispooks.com
www.mintpressnews.com
southfront.org
lockerdome.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-16` - `2021-07-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.mailmunch.co Amazon	`2021-02-25` - `2022-03-26`	a year	crt.sh
cdn1.lockerdomecdn.com Go Daddy Secure Certificate Authority - G2	`2021-03-06` - `2022-04-07`	a year	crt.sh
bannersnack.com Amazon	`2020-09-10` - `2021-10-12`	a year	crt.sh
*.spreaker.com Amazon	`2021-04-20` - `2022-05-19`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh
cdn2.lockerdomecdn.com Go Daddy Secure Certificate Authority - G2	`2021-03-06` - `2022-04-07`	a year	crt.sh
southfront.org R3	`2021-05-19` - `2021-08-17`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
forms.mailmunch.co R3	`2021-04-14` - `2021-07-13`	3 months	crt.sh
*.soundcloud.com GlobalSign GCC R3 DV TLS CA 2020	`2021-01-13` - `2022-02-14`	a year	crt.sh
*.lockerdome.com Go Daddy Secure Certificate Authority - G2	`2020-09-27` - `2021-10-29`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
a.disquscdn.com Amazon	`2020-11-30` - `2021-12-29`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
*.services.disqus.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-26` - `2022-05-28`	a year	crt.sh
*.sndcdn.com GlobalSign GCC R3 DV TLS CA 2020	`2021-01-13` - `2022-02-14`	a year	crt.sh
assets.revcontent.com R3	`2021-05-14` - `2021-08-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh
revcontent.com Amazon	`2020-07-08` - `2021-08-08`	a year	crt.sh
queue.amazonaws.com Amazon	`2020-12-04` - `2021-12-03`	a year	crt.sh
analytics.mailmunch.co R3	`2021-04-15` - `2021-07-14`	3 months	crt.sh
*.disquscdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
img.revcontent.com R3	`2021-05-15` - `2021-08-13`	3 months	crt.sh
cdn.revcontent.com R3	`2021-05-16` - `2021-08-14`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
ssl418259.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2021-04-06` - `2021-10-13`	6 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
images.revcontent.com R3	`2021-05-14` - `2021-08-12`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.rezync.com Amazon	`2021-01-26` - `2022-02-23`	a year	crt.sh
*.npdredinuid.imrworldwide.com Amazon	`2021-03-02` - `2022-03-31`	a year	crt.sh
*.narrative.io Amazon	`2021-04-07` - `2022-05-06`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Frame ID: 104AEBD0A34D815F6F12EF3EBFCD5D8B
Requests: 96 HTTP requests in this frame

Frame: https://cdn.bannersnack.com/banners/bzj529ipd/embed/index.html?t=1620159076&userId=10086691
Frame ID: 6DE1C4722EBD08ADB7261B2BD1E76766
Requests: 5 HTTP requests in this frame

Frame: https://cdn.bannersnack.com/banners/bhkm4pmcr/embed/index.html?t=1620397923&userId=10086691&responsive=true
Frame ID: E604693583FBF7564AD31FC42DE5FAC1
Requests: 5 HTTP requests in this frame

Frame: https://cdn.bannersnack.com/banners/bdxplhkx4/embed/index.html?t=1620159446&userId=10086691&responsive=true
Frame ID: AEE192269DA3DA3670723C9F770E59BB
Requests: 5 HTTP requests in this frame

Frame: https://cdn.bannersnack.com/banners/bx9fwkh72/embed/index.html?t=1622214949&userId=10086691&responsive=true
Frame ID: 63C9714009BBE4980C4011FD2CAAE8E0
Requests: 8 HTTP requests in this frame

Frame: https://cdn.bannersnack.com/banners/bzj529ipd/embed/index.html?t=1620159076&userId=10086691
Frame ID: 5FCF51082E46AFB55520FC45F959E586
Requests: 5 HTTP requests in this frame

Frame: https://cdn.bannersnack.com/banners/bhkm4pmcr/embed/index.html?t=1620397923&userId=10086691&responsive=true
Frame ID: 847B3BDE1190C57C19EF70FF62FB7AFF
Requests: 5 HTTP requests in this frame

Frame: https://widget.spreaker.com/player?episode_id=45187356&theme=light&playlist=false&playlist-continuous=true&playlist-loop=false&playlist-autoupdate=true&autoplay=false&live-autoplay=false&chapters-image=true&episode_image_position=right&hide-likes=false&hide-comments=false&hide-sharing=false&hide-logo=false&hide-download=true&hide-episode-description=false&hide-playlist-images=false&hide-playlist-descriptions=false&gdpr-consent=null&cover_image_url=https://d3wo5wojvuv7l.cloudfront.net/images.spreaker.com/original/5b9d2cf8d9c4d84442a10de9204e9ec3.jpg
Frame ID: 6DF6653074EE84DAD597BE82A896E178
Requests: 6 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2F21stcenturywire.com
Frame ID: 18E18440A2A307866542C502020111FF
Requests: 2 HTTP requests in this frame

Frame: https://w.soundcloud.com/player/?url=https%3A//api.soundcloud.com/tracks/1005066571&color=%23cc9900&auto_play=false&hide_related=false&show_comments=true&show_user=true&show_reposts=false&show_teaser=true&visual=true
Frame ID: 3E1B61A5FB624805B93E1F1F43FA3CF7
Requests: 22 HTTP requests in this frame

Frame: https://lockerdome.com/lad/12258972111681382?pubid=ld-7602-9870&pubo=https%3A%2F%2F21stcenturywire.com&rid=&width=590
Frame ID: E736BAE4D1DEC97752D87DAA57BA5B44
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13429743756194918?pubid=ld-4931-8637&pubo=https%3A%2F%2F21stcenturywire.com&rid=&width=291
Frame ID: 9396DD34DA881CCDD9EF921F2D9BCD8B
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/14030474624578662?pubid=ld-14030474624578662&pubo=https%3A%2F%2F21stcenturywire.com&rid=&width=1560
Frame ID: 64DC651C3774273284A7A9B3668308F3
Requests: 2 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&s_o=default
Frame ID: 522371B0A0EB3C423C298158EB80569F
Requests: 32 HTTP requests in this frame

Frame: https://tempest.services.disqus.com/ads-iframe/revcontent/?position=top&shortname=21stcenturywire&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23cc9900&colorScheme=light&sourceUrl=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&typeface=sans-serif&canonicalUrl=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&disqus_version=5884b71
Frame ID: A8287F9751466906A2D45787AF2F30E3
Requests: 15 HTTP requests in this frame

Frame: https://tempest.services.disqus.com/ads-iframe/revcontent/?position=bottom&shortname=21stcenturywire&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23cc9900&colorScheme=light&sourceUrl=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&typeface=sans-serif&canonicalUrl=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&disqus_version=5884b71
Frame ID: 5B1C1EDA04C832EA3A641965A32FD61E
Requests: 15 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=21WIRE&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1402173915049435136&lang=en&origin=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&sessionId=f81a4b09c888d88f72539246567558e5d06b58b0&siteScreenName=21WIRE&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
Frame ID: 05DE5EB33C667EA1BDEB77F5D02E8539
Requests: 14 HTTP requests in this frame

Frame: https://disqus.com/recommendations/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation
Frame ID: 75A5C1BB29A698AF1879F2AB186770E8
Requests: 16 HTTP requests in this frame

Frame: https://a.mailmunch.co/v2/themes/mailmunch/simple/embedded/index.css
Frame ID: 99317E925F18B568443A654355006BAA
Requests: 4 HTTP requests in this frame

Frame: https://tempest.services.disqus.com/ads-iframe/survey/?position=lightbox&shortname=21stcenturywire&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23cc9900&colorScheme=light&sourceUrl=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&typeface=sans-serif&canonicalUrl=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&disqus_version=5884b71
Frame ID: FA841A23F9A4FA064DF5735E12881FDA
Requests: 3 HTTP requests in this frame

Frame: https://tempest.services.disqus.com/ads-iframe/revcontent/?position=inthread&shortname=21stcenturywire&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23cc9900&colorScheme=light&sourceUrl=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&typeface=sans-serif&canonicalUrl=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&disqus_version=5884b71
Frame ID: 1D49A42F5303D55C5BCA22D3A8A904DA
Requests: 12 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 1CF537F5B266E920097CD2416C2BB15D
Requests: 3 HTTP requests in this frame

Frame: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEN6RwJYZyyiXcZai4a2sNJc&google_cver=1
Frame ID: 588D9586C75AD477890DDDF4533521E2
Requests: 1 HTTP requests in this frame

Frame: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c34fqo5m2vjfm16&pctry=DE&referrer=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F
Frame ID: DE77BA67BFF0ADCBF450FC9E48B6F81A
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

Page Statistics

280
Requests

100 %
HTTPS

38 %
IPv6

33
Domains

61
Subdomains

52
IPs

5
Countries

6793 kB
Transfer

12485 kB
Size

8
Cookies

62 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/pages/21st-Century-Wire/182032255155419

Search URL Search Domain Scan URL

URL: https://www.twitter.com/21WIRE/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/21stCenturyWireTV

Search URL Search Domain Scan URL

URL: https://soundcloud.com/21wire

Search URL Search Domain Scan URL

URL: https://21w.co/support
Title: Support 21WIRE > »

Search URL Search Domain Scan URL

URL: https://21wire.tv/membership/plans/
Title: Become a Member

Search URL Search Domain Scan URL

URL: http://21w.co/brave
Title: Download Brave Browser

Search URL Search Domain Scan URL

URL: https://21w.co/crypto
Title: Give Us Bitcoin

Search URL Search Domain Scan URL

URL: https://shop21wire.com/
Title: Shop 21Wire

Search URL Search Domain Scan URL

URL: https://21w.co/subscribe
Title: Subscribe Email

Search URL Search Domain Scan URL

URL: https://21wire.tv/
Title: 21WIRE.TV

Search URL Search Domain Scan URL

URL: http://alternatecurrentradio.com/
Title: Alternate Current Radio

Search URL Search Domain Scan URL

URL: https://21wire.tv/category/ukc-extra-time/
Title: Extra Time

Search URL Search Domain Scan URL

URL: https://www.iheart.com/podcast/21st-century-wires-podcast-29133767/
Title: iHeartRadio

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/podcast/id824099208
Title: iTunes

Search URL Search Domain Scan URL

URL: https://sundaywire.libsyn.com/
Title: Libsyn

Search URL Search Domain Scan URL

URL: https://21wire.tv/category/patrick-henningsen-live/
Title: Patrick Henningsen LIVE

Search URL Search Domain Scan URL

URL: http://21wire.podomatic.com/
Title: Podomatic

Search URL Search Domain Scan URL

URL: https://rumble.com/user/21WIRE
Title: Rumble

Search URL Search Domain Scan URL

URL: https://21w.co/spotify
Title: Spotify

Search URL Search Domain Scan URL

URL: http://www.spreaker.com/show/sunday-wire-with-patrick-henningsen
Title: Spreaker

Search URL Search Domain Scan URL

URL: http://www.stitcher.com/podcast/21st-century-wire/the-sunday-wire-with-patrick-henningsen
Title: Stitcher

Search URL Search Domain Scan URL

URL: https://www.ukcolumn.org/live
Title: UK Column LIVE

Search URL Search Domain Scan URL

URL: https://21w.co/covid19
Title: Coronavirus/COVID-19

Search URL Search Domain Scan URL

URL: https://21w.co/theveto
Title: THE VETO

Search URL Search Domain Scan URL

URL: https://21w.co/chauvin-trial-live
Title: Chauvin Trial LIVE Blog

Search URL Search Domain Scan URL

URL: https://21w.co/purge-election-year
Title: ‘The Purge Election Year’

Search URL Search Domain Scan URL

URL: https://21w.co/billgates
Title: Bill Gates

Search URL Search Domain Scan URL

URL: https://21w.co/lockdown
Title: Lockdown »

Search URL Search Domain Scan URL

URL: https://www.reuters.com/article/us-health-coronavirus-france-idUSKBN22N073
Title: France

Search URL Search Domain Scan URL

URL: https://www.surfcityusa.com/articles/post/huntington-beach-set-to-challenge-the-governors-order-to-close-all-orange-county-beaches/
Title: Huntington Beach

Search URL Search Domain Scan URL

URL: https://www.usatoday.com/story/news/nation/2020/04/20/coronavirus-photos-show-mask-health-workers-blocking-denver-protest/5163745002/
Title: Colorado

Search URL Search Domain Scan URL

URL: https://www.orlandoweekly.com/Blogs/archives/2020/04/17/people-are-protesting-the-shelter-in-place-order-outside-the-orange-county-administration-building
Title: Florida

Search URL Search Domain Scan URL

URL: https://www.wyff4.com/article/georgia-restaurants-allowed-to-reopen-as-restrictions-loosen/32287593
Title: Georgia

Search URL Search Domain Scan URL

URL: https://www.hawaiinewsnow.com/2020/04/17/governors-emergency-order-requires-everyone-wear-face-masks-essential-businesses/
Title: Hawaii

Search URL Search Domain Scan URL

URL: https://www.ksnt.com/health/coronavirus/live-protesters-attempt-to-gridlock-downtown-topeka-over-stay-at-home-extension/
Title: Kansas

Search URL Search Domain Scan URL

URL: https://fox4kc.com/news/protests-reportedly-planned-in-kc-against-kansas-missouri-stay-at-home-orders/
Title: Missouri

Search URL Search Domain Scan URL

URL: https://twitter.com/21WIRE/status/1251213861212033024
Title: Nebraska

Search URL Search Domain Scan URL

URL: https://www.cnbc.com/2020/05/06/ny-gov-cuomo-says-its-shocking-most-new-coronavirus-hospitalizations-are-people-staying-home.html
Title: New York

Search URL Search Domain Scan URL

URL: https://www.fox29.com/news/protest-planned-to-rally-against-pennsylvanias-decision-to-keep-businesses-closed
Title: Harrisburg

Search URL Search Domain Scan URL

URL: https://dailycaller.com/2020/04/18/fire-fauci-anti-lockdown-protest-texas/
Title: Austin

Search URL Search Domain Scan URL

URL: https://www.cbsnews.com/news/salon-owner-shelley-luther-dallas-jail-coronavirus-stay-at-home/
Title: Dallas

Search URL Search Domain Scan URL

URL: https://www.nbc12.com/2020/04/16/protesters-gather-virginia-capitol-demand-end-states-lockdown/
Title: Virginia

Search URL Search Domain Scan URL

URL: https://rifreedom.org/2020/12/covid-19-ct-values-better-public-policy/
Title: PCR Tests

Search URL Search Domain Scan URL

URL: http://21w.co/basil-live
Title: BASIL VALENTINE

Search URL Search Domain Scan URL

URL: http://21w.co/sw
Title: SUNDAY WIRE LIVE

Search URL Search Domain Scan URL

URL: https://wikispooks.com/wiki/Eliot_Higgins
Title: Eliot Higgins

Search URL Search Domain Scan URL

URL: https://wikispooks.com/wiki/The_New_York_Times
Title: The New York Times

Search URL Search Domain Scan URL

URL: https://wikispooks.com/wiki/The_Washington_Post
Title: The Washington Post

Search URL Search Domain Scan URL

URL: https://wikispooks.com/wiki/The_Guardian
Title: The Guardian

Search URL Search Domain Scan URL

URL: https://wikispooks.com/wiki/BBC
Title: BBC

Search URL Search Domain Scan URL

URL: https://www.mintpressnews.com/omidyars-intercept-teams-up-with-war-propaganda-firm-bellingcat/250477/
Title: their dubious funding sources

Search URL Search Domain Scan URL

URL: https://southfront.org/fake-osint-investigations-model-infographics/
Title: South Front

Search URL Search Domain Scan URL

URL: https://southfront.org/us-uk-intel-services-prepare-disinformation-against-putins-inner-circle/
Title: Russian state media reported citing a military diplomatic source

Search URL Search Domain Scan URL

URL: https://southfront.org/moscow-becomes-next-target-of-coordinated-anti-government-campaign-across-russia/
Title: do have similar structure and are created under same guidelines

Search URL Search Domain Scan URL

URL: https://southfront.org/wp-content/uploads/2019/07/OSINT.jpg?x93183

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F
Title: Share

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&url=https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/&via=21WIRE
Title: Tweet

Search URL Search Domain Scan URL

URL: https://21w.co/shop-old-normal

Search URL Search Domain Scan URL

URL: https://soundcloud.com/21wire/why-you-should-question-vaccine-passports
Title: Why You Should Question Vaccine Passports

Search URL Search Domain Scan URL

URL: http://21w.co/
Title: 21ST CENTURY WIRE

Search URL Search Domain Scan URL

URL: https://lockerdome.com/roi
Title: Promoted

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 262

https://ejp.rlcdn.com/501709.html HTTP 307
https://ejp.rlcdn.com/1000.gif?memo=CM3PHhoNCI3ZjYYGEgUI6AcQAEIASgA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc= HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEN6RwJYZyyiXcZai4a2sNJc&google_cver=1

Request Chain 265

https://io.narrative.io/?companyId=19&id=disqus_id%3Ac34fqo5m2vjfm16&ret=img&ref=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F HTTP 302
https://io.narrative.io/?io.narrative.guid.v2=6a68e0e0-cabd-11eb-a833-0aa6849ebafd&companyId=19&id=disqus_id%3Ac34fqo5m2vjfm16&ret=img&ref=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F

Request Chain 278

https://ib.adnxs.com/getuid?https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D093016b0419d19c905c78c859b815219%26pid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%2F%2Flive.rezync.com%2Fsync%253Fc%253D4656c20ee35215f78e9273796625d90b%2526p%253D093016b0419d19c905c78c859b815219%2526pid%253D%2524UID HTTP 302
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=093016b0419d19c905c78c859b815219&pid=6016323827758610215 HTTP 302
https://p.rfihub.com/cm?pub=39342&in=1&userid=0f1604b6-1648-4ec6-95ff-4639bd13c40d%3A1623420046.33&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D0f1604b6-1648-4ec6-95ff-4639bd13c40d%253A1623420046.33 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=0f1604b6-1648-4ec6-95ff-4639bd13c40d%3A1623420046.33 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CM3PHhI8CjgIARAFGjIwZjE2MDRiNi0xNjQ4LTRlYzYtOTVmZi00NjM5YmQxM2M0MGQ6MTYyMzQyMDA0Ni4zMxAAGg0IjtmNhgYSBQjoBxAAQgBKAA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc= HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESECXCQopaKTJsEp8gy5QiGus&google_cver=1

Request Chain 279

https://p.rfihub.com/cm?pub=39342&in=1&userid=5e04d479-297d-42fd-82c8-6cc3e00c70c1%3A1623420046.05&forward=https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a954059a0ab1986e4ee8c5c88c54c%26pid%3D%7Buserid%7D HTTP 302
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=260a954059a0ab1986e4ee8c5c88c54c&pid=1871878970769606871 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=701882a0-7f49-4646-a6e2-bdf5cb139be8%3A1623420046.38 HTTP 307
https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=6016323827758610215

280 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/ 99 KB
22 KB 1104ms
1053ms Document
text/html 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: ef4d717b6f3f3e7f08ea9ec9434146818941eb8035e51bca358e0f1c8aee0d8d

Request headers

:method: GET
:authority: 21stcenturywire.com
:scheme: https
:path: /2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:41 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
set-cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c; expires=Fri, 18-Jun-2021 14:00:41 GMT; Max-Age=604800; path=/
cf-edge-cache: cache,platform=wordpress
link: <https://21stcenturywire.com/wp-json/>; rel="https://api.w.org/" <https://21stcenturywire.com/wp-json/wp/v2/posts/139357>; rel="alternate"; type="application/json" <https://21stcenturywire.com/?p=139357>; rel=shortlink
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: MISS
x-cache-group: normal
cf-cache-status: DYNAMIC
cf-request-id: 0a9cf90ebe000000858c13d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7a3hDVuBFf3Zd7gYusoKo2Iv9IqI75bOHTv1zhYwd3r%2B5%2Beuf4VByL2rplKCwAD07fjmtm%2FfnoH7hTGJaTAQhoCCu5GVFK1IwwacvxvGmn8Ls7xH2sCFxsmKUkH%2BlDfX"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 65db5df79ae80085-LHR
content-encoding: br

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 34ms
29ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-37745304-1

Requested by

Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8f8a9efc71aedbea767a9165fc410c8da4814d232a7db2c5c41ba9bfa2039446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:41 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36081
x-xss-protection: 0
last-modified: Fri, 11 Jun 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 11 Jun 2021 14:00:41 GMT

GET
H2 200 cv.css
21stcenturywire.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/ 76 KB
11 KB 44ms
40ms Stylesheet
text/css 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://21stcenturywire.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/cv.css?ver=2.4.0.1
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77a5a3c2fbe6cdac60de52da4ae031af394dc417a6411cebea42c9c7b873eccf

Request headers

:path: /wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/cv.css?ver=2.4.0.1
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4278073
cf-polished: origSize=78058
cf-request-id: 0a9cf912ef000000856b815000000001
last-modified: Fri, 19 Mar 2021 20:40:43 GMT
server: cloudflare
etag: W/"60550c4b-130ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=k0NP27MSKvvLC1R9sfn1gQebMVCUwiMeVA%2BKf8jhIQsvMHEMYKeC9jgMcJAxWnLtFfYHq45iPoCfWxXt95S3bEjgK9qFODKj%2FQgfZRCb%2F7mbRtB2OXYG%2Fo8guL%2B5cmEN"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 65db5dfe4c2a0085-LHR
cf-bgj: minify

GET
H2 200 style.css
21stcenturywire.com/wp-content/themes/magazine/ 21 KB
5 KB 45ms
41ms Stylesheet
text/css 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://21stcenturywire.com/wp-content/themes/magazine/style.css?ver=2.1
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b212a942c3f19016f64b3a7d09bd079c0ba6be2d36c8412550664fa419599ad

Request headers

:path: /wp-content/themes/magazine/style.css?ver=2.1
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4278073
cf-polished: origSize=30938
cf-request-id: 0a9cf912ef000000855c85d000000001
last-modified: Mon, 06 May 2019 14:26:48 GMT
server: cloudflare
etag: W/"5cd04428-78da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=RPUGwJLcblbAHjhShXrqotCtDpxevT%2Bce1cWXPyUkPBIzvcwNHwLZQPSqN4k0MG4XCWC2Ewh%2Ft4ExuXuZSa3Ui%2BHYTBxIrmC4ERcNaJu8aqAlZshhNBV8Yw4hPxmzuy%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 65db5dfe4c2b0085-LHR
cf-bgj: minify

GET
H2 200 style.min.css
21stcenturywire.com/wp-includes/css/dist/block-library/ 57 KB
8 KB 46ms
42ms Stylesheet
text/css 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://21stcenturywire.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 774126
cf-request-id: 0a9cf912ef000000854b3ec000000001
last-modified: Tue, 06 Apr 2021 23:50:28 GMT
server: cloudflare
etag: W/"606cf3c4-e33b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=I6AtLcRRpnNSVTcQ%2FBIHVObZD22sUVS00mpUqO0rzlcXjzV5miwG%2FVvRz%2BdLSKVaEHL8yVtiQhPJ6lOoJJlznHcKyBPtjObWAgoL%2BWWFRwTsqE4OJl0B1gKlzVm4qBfF"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 65db5dfe4c2c0085-LHR

GET
H2 200 mashsb.min.css
21stcenturywire.com/wp-content/plugins/mashsharer/assets/css/ 46 KB
27 KB 58ms
54ms Stylesheet
text/css 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://21stcenturywire.com/wp-content/plugins/mashsharer/assets/css/mashsb.min.css?ver=3.7.9
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0500bd58f47403106f2f10da96d8d196941a02a4046e88611a59494557861f98

Request headers

:path: /wp-content/plugins/mashsharer/assets/css/mashsb.min.css?ver=3.7.9
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4278073
cf-request-id: 0a9cf912f0000000855880d000000001
last-modified: Mon, 15 Feb 2021 15:35:20 GMT
server: cloudflare
etag: W/"602a94b8-b6e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=iUhwR0KI1%2FrWKvPlMa9NOT5h5CVhPoyc2A4EamGxqhj4GChiZVp3sRnHgBXysTvf0vnl268AwhEoXBMqpgCVLJMrqDHK%2BCdknYCtPr1G5P2QwYcNzfYfWNLqNApw6VlV"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 65db5dfe4c2d0085-LHR

GET
H2 200 public.css
21stcenturywire.com/wp-content/plugins/stripe-payments/public/assets/css/ 3 KB
1 KB 59ms
56ms Stylesheet
text/css 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://21stcenturywire.com/wp-content/plugins/stripe-payments/public/assets/css/public.css?ver=2.0.46
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2d74dff32b6d26ddf617e1c85de0e86f3848f2b4cafc41d354ce0ad7ea10669

Request headers

:path: /wp-content/plugins/stripe-payments/public/assets/css/public.css?ver=2.0.46
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 156674
cf-polished: origSize=4648
cf-request-id: 0a9cf912f10000008518b1b000000001
last-modified: Wed, 09 Jun 2021 18:27:20 GMT
server: cloudflare
etag: W/"60c10808-1228"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nfv5cP1irhppw6MQrHmrlDsgQVaS5OMJYdL6DHKPylsZiTWjxGs3FCNQjgqQJyNYaaZxcClnSpKqPesqAGAdLyd2W6G4NMMKhYBtP5ZWmIxzkQbaqyX8teYVrHyksgeB"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 65db5dfe4c320085-LHR
cf-bgj: minify

GET
H2 200 widget-options.css
21stcenturywire.com/wp-content/plugins/widget-options/assets/css/ 1 KB
560 B 44ms
41ms Stylesheet
text/css 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://21stcenturywire.com/wp-content/plugins/widget-options/assets/css/widget-options.css
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8704f607741a4e0a4d82cf024d026c9e7c1d65241250c2223f31dca29a07dc15

Request headers

:path: /wp-content/plugins/widget-options/assets/css/widget-options.css
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4278073
cf-polished: origSize=1046
cf-request-id: 0a9cf912f100000085333cd000000001
last-modified: Fri, 19 Mar 2021 20:41:33 GMT
server: cloudflare
etag: W/"60550c7d-416"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=c6AUfuYgei6OA31krA057PDhU4T1GOCoPlUfoxJzmqV5LwKaU%2Bsh2cHVyUKJX9kOsdjsAelz0LRGeWX7PQApnbyCwvFUp4tAmFF2C0yBCxWapc3%2BEgvbTvhgmIoU%2FSRt"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 65db5dfe4c340085-LHR
cf-bgj: minify

GET
H2 200 frontend-gtag.min.js Show response
21stcenturywire.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/ 9 KB
3 KB 49ms
45ms Script
application/javascript 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://21stcenturywire.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=7.17.0
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a98e42b2d4ab1ae36f3b270a0dff6ad2f158100833978ff0a549674a2543e78a

Request headers

:path: /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=7.17.0
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3954280
cf-request-id: 0a9cf912f3000000851d8ca000000001
last-modified: Mon, 26 Apr 2021 19:33:49 GMT
server: cloudflare
etag: W/"6087159d-23d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XNPmmMy7cxpOVCaGwSZ0uAfcSHSLtJuP9yZ%2Bcn3ZrsMckZ%2BlUKu24L3BgHqV8vTdAQf6zfjTjqsBPpVcEqR9k0cq1b3oKFiMQu2y%2F6rpruzva5Qt7PC6W%2FDOeTUANZxj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 65db5dfe4c350085-LHR

GET
H2 200 jquery.min.js Show response
21stcenturywire.com/wp-includes/js/jquery/ 87 KB
30 KB 49ms
46ms Script
application/javascript 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://21stcenturywire.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4278073
cf-request-id: 0a9cf912f10000008537ab6000000001
last-modified: Wed, 07 Oct 2020 16:33:25 GMT
server: cloudflare
etag: W/"5f7dedd5-15d98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=yxLmCaWQP2PjULLN5PVtLGiXOl3moR%2FX25zA1FaeIx6xmKeJo5p1tv6g3YOJnftrBuFCRI0eZgy1qbaW4HHqGnobvMuvHc8cc%2FKsnK7%2BuYZ5yl8fhFam4D3ou763Vzzc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 65db5dfe4c370085-LHR

GET
H2 200 jquery-migrate.min.js Show response
21stcenturywire.com/wp-includes/js/jquery/ 11 KB
4 KB 48ms
45ms Script
application/javascript 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://21stcenturywire.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4278073
cf-request-id: 0a9cf912f1000000854629d000000001
last-modified: Thu, 19 Nov 2020 09:31:13 GMT
server: cloudflare
etag: W/"5fb63b61-2bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SWtMYJNHxiDyJmKbRhaHdAgwqhcBFFuxd1DMVKnmfMcWERj8SJ24rSBlfeF5Gk4cOga0NiLVkS6lGoVmmyLHOe9mfChDBn%2FTQZuVa%2FgYwvSMIf2YS7vQKaz0HmURE33G"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 65db5dfe4c380085-LHR

GET
H2 200 mashsb.min.js Show response
21stcenturywire.com/wp-content/plugins/mashsharer/assets/js/ 4 KB
2 KB 48ms
46ms Script
application/javascript 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://21stcenturywire.com/wp-content/plugins/mashsharer/assets/js/mashsb.min.js?ver=3.7.9
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a13a1fe4a87c09c6e9122834b5351f80012e2c539b32bc1d33c6982efab21b4b

Request headers

:path: /wp-content/plugins/mashsharer/assets/js/mashsb.min.js?ver=3.7.9
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4278073
cf-request-id: 0a9cf912f2000000858e940000000001
last-modified: Mon, 15 Feb 2021 15:35:20 GMT
server: cloudflare
etag: W/"602a94b8-114c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=UsHDnaGM3loJsukE41V%2B6ycEmRthKDmkNtSeebd802d%2BO4TZKluAm7fxTR6QcS65t6Rsnn7mYM9uJL1Myd01lA3QrtBUAJSwYjSa67eUR9%2BQinEh78yhv%2F0uWpK54WyT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 65db5dfe4c390085-LHR

GET
H2 200 site.js Show response
a.mailmunch.co/app/v1/ 24 KB
8 KB 72ms
21ms Script
text/javascript 2600:9000:211a:be00:4:c961:9640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mailmunch.co/app/v1/site.js
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:be00:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 54103e22890f40de8d835c5df33f2c86e50a861618199694053f56af647c566a

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 21:40:10 GMT
content-encoding: gzip
age: 145233
x-cache: Hit from cloudfront
content-length: 8157
access-control-allow-origin: *
last-modified: Wed, 09 Jun 2021 06:56:57 GMT
server: AmazonS3
etag: "98170959cf24854eff34cdabaa0062a5"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, POST, PUT, DELETE
content-type: text/javascript
via: 1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=172800
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
x-amz-cf-id: ldP6uXOEkOOaHMEQcI1c4yLExbAzdjOEGsenwzh1IyAnQI7FNwMTMA==

GET
H2 200 21stcenturywire_21stcenturywire_sticky.js Show response
cdn1.lockerdomecdn.com/embeds/ 1020 B
593 B 69ms
13ms Script
application/javascript 151.139.241.28
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.lockerdomecdn.com/embeds/21stcenturywire_21stcenturywire_sticky.js
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: b099638d381ce6a934e07708625cda82c8915c92686e438b6997748c68bb627f

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:42 GMT
content-encoding: gzip
last-modified: Fri, 14 May 2021 21:49:33 GMT
server: nginx
etag: W/"d534f8a8872f5287e4cc2c7d6c792914"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
accept-ranges: bytes
content-length: 392

GET
H2 200 Facebook-e1454023231914.png
21stcenturywire.com/wp-content/uploads/2016/01/ 1 KB
2 KB 37ms
35ms Image
image/png 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21stcenturywire.com/wp-content/uploads/2016/01/Facebook-e1454023231914.png
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a069848305deb56956a27e31bf816eca34b64797aa1f0f8faa2e5b9a0a63dfc8

Request headers

:path: /wp-content/uploads/2016/01/Facebook-e1454023231914.png
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:42 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4272272
cf-polished: origSize=2022
content-length: 1513
cf-request-id: 0a9cf9135000000085131e2000000001
last-modified: Sat, 14 Apr 2018 16:19:21 GMT
server: cloudflare
etag: "5ad22a09-7e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=FvRXqXZbEtMkzW%2BxqvYxjKwUwpACkkdN2deMw%2ByDI%2B24hJ4cMvT12h%2FUZnTPvNXXAApPfnxiYV3bpZ9oBYLXoJy2VF2NlCF4cbO%2FF8wuNT9Meytj%2FnoeaydJj6HEpn0c"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65db5dfeece30085-LHR
cf-bgj: imgq:100,h2pri

GET
H2 200 Twitter-e1454023188854.png
21stcenturywire.com/wp-content/uploads/2016/01/ 2 KB
2 KB 31ms
30ms Image
image/png 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21stcenturywire.com/wp-content/uploads/2016/01/Twitter-e1454023188854.png
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c2e7d7d2006f53aea3a6889517663ca9e58e01a587dab8d526575f6a52354c9

Request headers

:path: /wp-content/uploads/2016/01/Twitter-e1454023188854.png
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:42 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4272272
cf-polished: origSize=2303
content-length: 1777
cf-request-id: 0a9cf91351000000850eb90000000001
last-modified: Sat, 14 Apr 2018 15:34:40 GMT
server: cloudflare
etag: "5ad21f90-8ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=aYTNPe%2BHAEreJ6zJpm%2BjLxq9gq7JhbqtSbm4HSITTsUNXZvGCZm4epkkVbK8RzRgmgxEK%2Foiy%2FXnrLn6Avb9Ngv8YU%2FwqYgMoeqBKoSRLKDNdOsVHFKrATQy%2Fx6B%2Fjhm"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65db5dfeece60085-LHR
cf-bgj: imgq:100,h2pri

GET
H2 200 YouTube-e1454022865288.png
21stcenturywire.com/wp-content/uploads/2016/01/ 2 KB
2 KB 32ms
31ms Image
image/png 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21stcenturywire.com/wp-content/uploads/2016/01/YouTube-e1454022865288.png
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd658831cbc09f0f2dbff00564841640774dd334ef24065e9ff9963380fb043

Request headers

:path: /wp-content/uploads/2016/01/YouTube-e1454022865288.png
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:42 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4276407
cf-polished: origSize=2165
content-length: 1667
cf-request-id: 0a9cf9135100000085442f7000000001
last-modified: Sat, 14 Apr 2018 16:22:12 GMT
server: cloudflare
etag: "5ad22ab4-875"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=AajQHZmao1B9EcfE2JWSYMx0BFkmQuf6y6UAgbvznNdZaxDSlrGz2Kdyy1ZcGgvs0CjvnDS0ldAfp%2BUf57cdrb2PDtp%2FVg5knYK0Hb2keT5XhNaOOmNYnp2pt8MZ%2FznQ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65db5dfeece70085-LHR
cf-bgj: imgq:100,h2pri

GET
H2 200 SoundCloud-e1454022768553.png
21stcenturywire.com/wp-content/uploads/2016/01/ 2 KB
2 KB 32ms
30ms Image
image/png 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21stcenturywire.com/wp-content/uploads/2016/01/SoundCloud-e1454022768553.png
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52307f0c20e0fca21c27e1dc761e8756ef21189a425648732347b14e9706e10d

Request headers

:path: /wp-content/uploads/2016/01/SoundCloud-e1454022768553.png
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:42 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4272272
cf-polished: origSize=2267
content-length: 1831
cf-request-id: 0a9cf91351000000852425a000000001
last-modified: Sat, 14 Apr 2018 16:22:59 GMT
server: cloudflare
etag: "5ad22ae3-8db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DV7RCOZtksIkSp0XzgirsEwYnE182rBm%2FVNBB9eWdVOqtxgStYiiqgvFCpQBqL8Br0q48aKYGM2iF1TBNXY3Ma7sBUttmqb7iMMhUKsIZB9WCs7OJbpDV%2F41aJwEKVnJ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65db5dfeecea0085-LHR
cf-bgj: imgq:100,h2pri

GET
H2 200 RSS-e1454022352382.png
21stcenturywire.com/wp-content/uploads/2016/01/ 2 KB
2 KB 35ms
34ms Image
image/png 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21stcenturywire.com/wp-content/uploads/2016/01/RSS-e1454022352382.png
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8b3567a5f4ffd45076cc2d6dfbb74d6b626cd339e6bd646116128c31b4a152b

Request headers

:path: /wp-content/uploads/2016/01/RSS-e1454022352382.png
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:42 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4276411
cf-polished: origSize=2361
content-length: 1787
cf-request-id: 0a9cf91351000000851a975000000001
last-modified: Sat, 14 Apr 2018 15:34:24 GMT
server: cloudflare
etag: "5ad21f80-939"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=t6EH%2FWY7mmOnwRKQZ88cTzFSU5Xj2vxEAHVUT%2Btx4yjwypE03HlN2OZ2iPEsHHkT0TMNsG54tPD%2FKgYm1ZD02GqPliiLOj7J7goKZ1nSiHsGeYne6uzOMu4eCm%2BiE5wj"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65db5dfeeceb0085-LHR
cf-bgj: imgq:100,h2pri

GET
H2 200 21-LOGO-230x115.png
21stcenturywire.com/wp-content/themes/magazine/images/ 15 KB
15 KB 37ms
36ms Image
image/png 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21stcenturywire.com/wp-content/themes/magazine/images/21-LOGO-230x115.png
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eec6edfea9c4a136280ff54dde6e77dc967dbd06e071049f35781368fd3a20ba

Request headers

:path: /wp-content/themes/magazine/images/21-LOGO-230x115.png
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:42 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4272272
cf-polished: origSize=17772
content-length: 14983
cf-request-id: 0a9cf9135200000085462a2000000001
last-modified: Fri, 13 Apr 2018 19:34:07 GMT
server: cloudflare
etag: "5ad1062f-456c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QkzcL9BI01Z3nsnfyAT0L%2Fti7W%2FF%2BmwGwgxb26FAJCiKO7loS%2BxfasjWV8BxmMWEO9YmHaehdC3T4vaZ3MwgfWhomwt1Wg1SDqjXRfsfrwPm2yNY%2BF7M%2B%2FCOM5VZvXeZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65db5dfeecec0085-LHR
cf-bgj: imgq:100,h2pri

GET
H2 200 embed.js Show response
cdn.bannersnack.com/iframe/ 2 KB
1 KB 87ms
20ms Script
application/javascript 2600:9000:211a:f000:1a:1e7b:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bannersnack.com/iframe/embed.js
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:f000:1a:1e7b:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 56588d27873c81cf322f4aa1dc7a3ec636ed8bc7712ec9db11b57b733787c264

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: fVq9YQW6xS7Ez3UnT1HdxwGLavIgZEhs
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 13:10:48 GMT
server: AmazonS3
age: 6131
etag: "455f3598d7a29ff0c93775d883f2b7ab"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 07ba06e632a891feeba3436a80d00ee5.cloudfront.net (CloudFront)
date: Fri, 11 Jun 2021 12:18:35 GMT
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
content-length: 738
x-amz-cf-id: -KBVJYoYbQA0b4HYqrvsakhOI6VN1bB2Qhe6WrhMxBhmpwCREO1Htg==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-37745304-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1310
date: Fri, 11 Jun 2021 13:38:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 11 Jun 2021 15:38:52 GMT

GET
H2 200 wp-emoji-release.min.js Show response
21stcenturywire.com/wp-includes/js/ 14 KB
5 KB 37ms
36ms Script
application/javascript 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://21stcenturywire.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 774126
cf-request-id: 0a9cf913520000008555138000000001
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: cloudflare
etag: W/"5ff5d754-3795"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TnlG9wT28BEzl0%2FYD40QOtYt1%2BJabAmT%2BALRaSBLAvJxVmrbBAv91yITK2ahGtfYfIzzxfOesXRurcGn%2Fcg5tuz5uC%2BZxxH9HEv08jiBFwBVwDr2OUjHbwqIUrzlgaCA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 65db5dfeecee0085-LHR

GET css
fonts.googleapis.com/ 0
0

GET
H2 200 wrap2.png
21stcenturywire.com/wp-content/themes/magazine/images/ 76 B
420 B 32ms
31ms Image
image/png 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21stcenturywire.com/wp-content/themes/magazine/images/wrap2.png
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/wp-content/themes/magazine/style.css?ver=2.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db6e4f91b587ab92f4a560c2d50160482bf935f9e208fabe91f9c7e84028025f

Request headers

:path: /wp-content/themes/magazine/images/wrap2.png
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/wp-content/themes/magazine/style.css?ver=2.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/wp-content/themes/magazine/style.css?ver=2.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:42 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4272272
cf-polished: origSize=133
content-length: 76
cf-request-id: 0a9cf913530000008558813000000001
last-modified: Fri, 13 Apr 2018 19:34:08 GMT
server: cloudflare
etag: "5ad10630-85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=MKxIqFvVSljLCQmlljal%2FDSFwdNB4p%2BcvbDRp01LyGZ1a4KoSTn%2FlXdB9xXlNMucJbrQlmjXpMsrSTvncrN3EEFNQqdE1dwwN8MMpk86vkbWrRlqItPMHsLQI6qHMmlL"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65db5dfeecf30085-LHR
cf-bgj: imgq:100,h2pri

GET
H2 200 widgets.js Show response
widget.spreaker.com/ 154 KB
50 KB 73ms
20ms Script
application/javascript 143.204.98.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.spreaker.com/widgets.js
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-33.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 66c7a61bd3009b3d6005047c67d57c57b4895d1efd476f3e04fc5032c65cac51

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 13:55:58 GMT
content-encoding: gzip
age: 285
x-cache: Hit from cloudfront
content-length: 50568
access-control-allow-origin: *
last-modified: Wed, 14 Oct 2020 15:33:45 GMT
server: AmazonS3
etag: "a9492865dd58b2bade5758fd15466c02"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: ccnCelHdvC_Xq8NRZa2rvFNEwfh1RObnZGlQrFx9DIr5QZKLA_UWGg==

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 35ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6776) /
Resource Hash: a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:42 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:57:32 GMT
Server: ECS (frb/6776)
Age: 600
Etag: "9eb59e5602fef4b3ebf6090856ff21db+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28779

GET
H2 200 cv.js Show response
21stcenturywire.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/ 23 KB
7 KB 47ms
42ms Script
application/javascript 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://21stcenturywire.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/cv.js?ver=2.4.0.1
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f82e361906e55cd1783e575ae254265dd8f9fca80959c795a201c3c0a24f7e04

Request headers

:path: /wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/cv.js?ver=2.4.0.1
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4278073
cf-polished: origSize=23743
cf-request-id: 0a9cf9136e000000855c865000000001
last-modified: Fri, 19 Mar 2021 20:40:43 GMT
server: cloudflare
etag: W/"60550c4b-5cbf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vtX8exnMwABKZltBMHO%2BM3krd%2FlzCKQpRCWjUr%2BIJFj7%2BleBvqr3HF09HyJCfpXWD7UgLynKVFJS%2FA%2BbLbVjvBJaW6eTY0lCFQ5LUWBkjae9wZ2o3a6gojfYwd2iYdtL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 65db5dff1d270085-LHR
cf-bgj: minify

GET
H2 200 comment_count.js Show response
21stcenturywire.com/wp-content/plugins/disqus-comment-system/public/js/ 708 B
667 B 39ms
34ms Script
application/javascript 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://21stcenturywire.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b385fd0614f2927f0e7fdc03ccdb2428e3a93de0c7fe467149b34213cc32c0f6

Request headers

:path: /wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1188690
cf-polished: origSize=889
cf-request-id: 0a9cf9136e000000857a3db000000001
last-modified: Fri, 28 May 2021 19:48:02 GMT
server: cloudflare
etag: W/"60b148f2-379"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wft4bJDlf4yiWDfgMM%2BIIGqsAemCcmLmrO3uthnJFkt7umm0qOiOy%2BG47k4AMvBiu6IkV%2F001W%2Bfg%2F4ojTlIaGN9t7B2pESVbm%2F0eBsmYTvzDSIEipCptr7%2FQzaV4FPD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 65db5dff1d280085-LHR
cf-bgj: minify

GET
H2 200 comment_embed.js Show response
21stcenturywire.com/wp-content/plugins/disqus-comment-system/public/js/ 878 B
790 B 41ms
36ms Script
application/javascript 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://21stcenturywire.com/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.22
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60631ed8f1dfa6713ff9e30fec41786aadc477c0cac5a75dca66b5a49f76b901

Request headers

:path: /wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.22
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1188689
cf-polished: origSize=1232
cf-request-id: 0a9cf913730000008525ab2000000001
last-modified: Fri, 28 May 2021 19:48:02 GMT
server: cloudflare
etag: W/"60b148f2-4d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=dZUCAtj6kqgXxQaWNHWpIDPZYFIUPP%2F%2BVyOFH5OmMChT8eEJfzIcGfJlshDGU4U3v%2FJ71h78V%2BDOe5%2FbgfAftvmq1aD4nfJS2sDThdwM68svPXXFL9uqAFYjxT%2BkqbTl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 65db5dff1d2b0085-LHR
cf-bgj: minify

GET
H2 200 stripe-handler-ng.js Show response
21stcenturywire.com/wp-content/plugins/stripe-payments/public/assets/js/ 6 KB
2 KB 46ms
41ms Script
application/javascript 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://21stcenturywire.com/wp-content/plugins/stripe-payments/public/assets/js/stripe-handler-ng.js?ver=2.0.46
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 174f3696c8b999d49552e8ac8f7dcfb7db0887f757134c4e23329f9f770daf2a

Request headers

:path: /wp-content/plugins/stripe-payments/public/assets/js/stripe-handler-ng.js?ver=2.0.46
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 156675
cf-polished: origSize=8191
cf-request-id: 0a9cf9136f000000856d281000000001
last-modified: Wed, 09 Jun 2021 18:27:20 GMT
server: cloudflare
etag: W/"60c10808-1fff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jtcFnvHTdm6HDfnZ6wgZJcRkpD8WGl2TiB0dEsfj6acXmm8jJkKjO7h35TArIJvBVi3P9YOc99Y4wz9w%2FmSLlPirv0CI5JMzQ8EtfaE3lUxY1c63o9VTge4x3pQIFuz0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 65db5dff1d2e0085-LHR
cf-bgj: minify

GET
H2 200 comment-reply.min.js Show response
21stcenturywire.com/wp-includes/js/ 3 KB
2 KB 35ms
31ms Script
application/javascript 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://21stcenturywire.com/wp-includes/js/comment-reply.min.js?ver=5.7.2
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

:path: /wp-includes/js/comment-reply.min.js?ver=5.7.2
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 774127
cf-request-id: 0a9cf9136f000000853484c000000001
last-modified: Thu, 25 Mar 2021 20:02:19 GMT
server: cloudflare
etag: W/"605cec4b-ba8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=FqVqP%2BKRI46u0sZVmmIoAPwoFbWGp8ftc9LZTdM3yrQg5Kiwt5g%2FjGp%2BLEo8KlbXcMAD6prWsUwLoaLn%2BBY1%2FsbLON5Cc%2FD3nWtLOEbTAWhs6TqDZTxDNNUUEe%2FJnwcb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 65db5dff1d2f0085-LHR

GET
H2 200 hoverIntent.min.js Show response
21stcenturywire.com/wp-includes/js/ 1 KB
786 B 36ms
31ms Script
application/javascript 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://21stcenturywire.com/wp-includes/js/hoverIntent.min.js?ver=1.8.1
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 495d2f8c8b7f1bbd664c2c10c086a644e63e4934b9734813b27956a34709eea4

Request headers

:path: /wp-includes/js/hoverIntent.min.js?ver=1.8.1
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4278073
cf-request-id: 0a9cf913700000008529aca000000001
last-modified: Tue, 26 Jan 2021 15:18:33 GMT
server: cloudflare
etag: W/"601032c9-462"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8EIyLaT%2BWgPPrXzcqDNW%2Bb2tbh6deDLNNZRPNEgzN%2FWq4Wp4jLDh0JVXtRCycy3cpPspYHCJHMFDZWD%2BHUbaQJCwL5Lc77sWvGA9w2ubLcyRfWeXty2NszPcrDm%2F0wcZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 65db5dff1d320085-LHR

GET
H2 200 superfish.min.js Show response
21stcenturywire.com/wp-content/themes/genesis/lib/js/menu/ 4 KB
2 KB 53ms
48ms Script
application/javascript 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://21stcenturywire.com/wp-content/themes/genesis/lib/js/menu/superfish.min.js?ver=1.7.10
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ece565a1f66a32347dfed83562c428ff7736648de72b0027dd8f0e0f27e0c327

Request headers

:path: /wp-content/themes/genesis/lib/js/menu/superfish.min.js?ver=1.7.10
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4278073
cf-request-id: 0a9cf91371000000851a215000000001
last-modified: Wed, 08 May 2019 16:37:17 GMT
server: cloudflare
etag: W/"5cd305bd-1193"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8rK0CPnbMgy7PdyCB0v7QpNtZkHWNazVY4eSamRgUWNRq0uHgYBFfvLntKjVdLJwjU0EVrMXa9WAVXNYb2xwaH8ube%2BnSPBP3LYHtv0EeOdk4Kx0wYKbB3nSS6%2F7ziGu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 65db5dff1d340085-LHR

GET
H2 200 superfish.args.min.js Show response
21stcenturywire.com/wp-content/themes/genesis/lib/js/menu/ 132 B
430 B 49ms
44ms Script
application/javascript 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://21stcenturywire.com/wp-content/themes/genesis/lib/js/menu/superfish.args.min.js?ver=2.10.1
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20550f7bcb2a817ac9a5879e04260da8268e971c0b8031a6b7a2f48a55ee60d5

Request headers

:path: /wp-content/themes/genesis/lib/js/menu/superfish.args.min.js?ver=2.10.1
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4278073
cf-request-id: 0a9cf913710000008572267000000001
last-modified: Wed, 08 May 2019 16:37:17 GMT
server: cloudflare
etag: W/"5cd305bd-84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BouDbevC7eUM9CAGddUIXZRn3Var3ZGH6SGfs%2FI0V03np5EpsXKCKl%2FfmlS2h5skga7jq6ZXTzR1sIizE7AZsS%2BF5iksFAiWGstxEFvLcsok325s6AOFrQNqZT5lLGfd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 65db5dff1d350085-LHR

GET
H2 200 superfish.compat.min.js Show response
21stcenturywire.com/wp-content/themes/genesis/lib/js/menu/ 109 B
416 B 38ms
34ms Script
application/javascript 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://21stcenturywire.com/wp-content/themes/genesis/lib/js/menu/superfish.compat.min.js?ver=2.10.1
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6aad03dd3214113034d4d498ce288551aea85b38bd9b0e0dcda9d0b02230dbdd

Request headers

:path: /wp-content/themes/genesis/lib/js/menu/superfish.compat.min.js?ver=2.10.1
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4278073
cf-request-id: 0a9cf9137200000085768c9000000001
last-modified: Wed, 08 May 2019 16:37:17 GMT
server: cloudflare
etag: W/"5cd305bd-6d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=C%2FQ9bbz6glsaeEWxwKcO8zrno8pL9AJk%2BYvSP2s3ff7B71KcXWrJ2PujxKlS8o2dhTXqt9FTWPdTC5ALAW%2F7b0qB4B6skuofJh97kil7cUxFRtTVgsrF%2B6ZfrdNwmWV4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 65db5dff1d360085-LHR

GET
H2 200 q2w3-fixed-widget.min.js Show response
21stcenturywire.com/wp-content/plugins/q2w3-fixed-widget/js/ 4 KB
2 KB 39ms
35ms Script
application/javascript 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://21stcenturywire.com/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js?ver=5.3.0
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d

Request headers

:path: /wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js?ver=5.3.0
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4278073
cf-request-id: 0a9cf91372000000857cad5000000001
last-modified: Fri, 19 Mar 2021 20:41:08 GMT
server: cloudflare
etag: W/"60550c64-1108"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=geXAQ23yiXUkbj0gKiQqk3CoRDqC4Jb2RPGM2g%2FyjO2AYdEmJPFKYa1ma1i6zKCCm4orZhi0%2BCwqpf%2F6TDXUQbZP97v5KpUd0Kg4E2mSxDj3kzEUEhWcJqapsEjtn8eS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 65db5dff1d370085-LHR

GET
H2 200 wp-embed.min.js Show response
21stcenturywire.com/wp-includes/js/ 1 KB
1 KB 40ms
36ms Script
application/javascript 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://21stcenturywire.com/wp-includes/js/wp-embed.min.js?ver=5.7.2
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.7.2
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 774127
cf-request-id: 0a9cf913720000008551888000000001
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: cloudflare
etag: W/"5ff5d754-592"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=OSNdWmdqTc44Pr03T7ODd3ElH1PaprdXbXQ3m8OCu6radS47OsTsMnSSoeANvEa%2B9xIpCKPAXAMwQ0ybukw40mydIX5ljuz9yiFrKuFopVRULCVOtWOa5q%2Fguh27f69k"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 65db5dff1d390085-LHR

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 14ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1505582567&t=pageview&_s=1&dl=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&ul=en-us&de=UTF-8&dt=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation%20-%2021st%20Century%20Wire&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=282137773&gjid=147204227&cid=933143162.1623420042&tid=UA-37745304-1&_gid=498966946.1623420042&_r=1&gtm=2ou690&did=dZGIzZG&z=461437586

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Jun 2021 14:00:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://21stcenturywire.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1505582567&t=pageview&_s=1&dl=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&ul=en-us&de=UTF-8&dt=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation%20-%2021st%20Century%20Wire&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=1580100752&gjid=409712877&cid=933143162.1623420042&tid=UA-37745304-1&_gid=498966946.1623420042&_r=1&_slc=1&z=508436588

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Jun 2021 14:00:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://21stcenturywire.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 94 KB
33 KB 35ms
11ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 13:43:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jun 2022 13:43:36 GMT

GET
H2 200 ajs.js Show response
cdn2.lockerdomecdn.com/_js/ 5 KB
3 KB 61ms
6ms Script
application/javascript 151.139.242.29
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Requested by: Host: cdn1.lockerdomecdn.com
URL: https://cdn1.lockerdomecdn.com/embeds/21stcenturywire_21stcenturywire_sticky.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.29 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:42 GMT
content-encoding: gzip
last-modified: Mon, 07 Jun 2021 23:49:15 GMT
server: nginx
etag: W/"14f4-179e8e1610e"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: https://lockerdome.com
content-length: 2348

GET
H2 200 sjs.js Show response
cdn1.lockerdomecdn.com/embeds/ 17 KB
3 KB 19ms
13ms Script
application/javascript 151.139.241.28
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.lockerdomecdn.com/embeds/sjs.js
Requested by: Host: cdn1.lockerdomecdn.com
URL: https://cdn1.lockerdomecdn.com/embeds/21stcenturywire_21stcenturywire_sticky.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 4e2ff4dda6510591e0123ec9153d0dd7f35a566566df7095694625e6c654e527

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:42 GMT
content-encoding: gzip
last-modified: Mon, 24 May 2021 16:45:53 GMT
server: nginx
etag: W/"4b1238444af4e820876b6750a0d87dbf"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
accept-ranges: bytes

GET
H2 200 index.html Show response
cdn.bannersnack.com/banners/bzj529ipd/embed/ Frame 6DE1 7 KB
3 KB 445ms
445ms Document
text/html 2600:9000:211a:f000:1a:1e7b:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bannersnack.com/banners/bzj529ipd/embed/index.html?t=1620159076&userId=10086691
Requested by: Host: cdn.bannersnack.com
URL: https://cdn.bannersnack.com/iframe/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:f000:1a:1e7b:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ec24f4577fe947b18d7aca8e2655dc5f54201573b27c5ca03f9709b96bf44bf7

Request headers

:method: GET
:authority: cdn.bannersnack.com
:scheme: https
:path: /banners/bzj529ipd/embed/index.html?t=1620159076&userId=10086691
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://21stcenturywire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://21stcenturywire.com/

Response headers

content-type: text/html
content-length: 2339
date: Fri, 11 Jun 2021 14:00:43 GMT
last-modified: Tue, 04 May 2021 20:11:42 GMT
etag: "0046cdba5850abf5e4edb30f94993843"
content-encoding: gzip
x-amz-version-id: BDMrHBwQ8JMRtZEMDnGUI5bjUcCn74RO
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 07ba06e632a891feeba3436a80d00ee5.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: 7JvXyRXHsJm_VnfSBSl0oLodqSUTH4lrct6XflN2Fp1zScTMSBi-5w==

GET
H2 200 index.html Show response
cdn.bannersnack.com/banners/bhkm4pmcr/embed/ Frame E604 7 KB
3 KB 449ms
449ms Document
text/html 2600:9000:211a:f000:1a:1e7b:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bannersnack.com/banners/bhkm4pmcr/embed/index.html?t=1620397923&userId=10086691&responsive=true
Requested by: Host: cdn.bannersnack.com
URL: https://cdn.bannersnack.com/iframe/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:f000:1a:1e7b:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27b1266545523cfe4d4d18620cd683df5d759671ab4593a6aa483de734cf19a0

Request headers

:method: GET
:authority: cdn.bannersnack.com
:scheme: https
:path: /banners/bhkm4pmcr/embed/index.html?t=1620397923&userId=10086691&responsive=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://21stcenturywire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://21stcenturywire.com/

Response headers

content-type: text/html
content-length: 2338
date: Fri, 11 Jun 2021 14:00:43 GMT
last-modified: Fri, 07 May 2021 14:32:34 GMT
etag: "e929474d9791db8b1a8a1abe5c443c50"
content-encoding: gzip
x-amz-version-id: xMUIuWYBnGVP6GkzJen6SYfUtPzjlS3A
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 07ba06e632a891feeba3436a80d00ee5.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: 6-v0z5fDxXQiN1zCHe0FAXzcu4PI4-vqPH6lfxQ6PehrgvoIkPtFYg==

GET
H2 200 subnav.png
21stcenturywire.com/wp-content/themes/magazine/images/ 99 B
424 B 39ms
39ms Image
image/png 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21stcenturywire.com/wp-content/themes/magazine/images/subnav.png
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/wp-content/themes/magazine/style.css?ver=2.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d709d8f1dd973ae36fbd805efdc6f94b182ee2e570d7e2c5bdcdb01d66d03ddf

Request headers

:path: /wp-content/themes/magazine/images/subnav.png
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c; _ga=GA1.2.933143162.1623420042; _gid=GA1.2.498966946.1623420042; _gat_gtag_UA_37745304_1=1; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/wp-content/themes/magazine/style.css?ver=2.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/wp-content/themes/magazine/style.css?ver=2.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:42 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4267382
cf-polished: origSize=1037
content-length: 99
cf-request-id: 0a9cf913a500000085800d3000000001
last-modified: Fri, 13 Apr 2018 19:34:08 GMT
server: cloudflare
etag: "5ad10630-40d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=iHdkyYh1pA4TjFztDoU4EG3Y5AHjUoDrO4gJ4ry9FSpAVJhQAlrCBtg6a4slRS9MNpnRpNN7l5vA3jNygrtpg%2Fvft8n8fAOrFjzYvJehm99MexAaOURY%2F5hiSUe5SKuK"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65db5dff6d970085-LHR
cf-bgj: imgq:100,h2pri

GET
H2 200 inner.png
21stcenturywire.com/wp-content/themes/magazine/images/ 101 B
486 B 29ms
28ms Image
image/png 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21stcenturywire.com/wp-content/themes/magazine/images/inner.png
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/wp-content/themes/magazine/style.css?ver=2.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1923cb6de11000ec2819490c7ddb539fdba50ae6ca918805623a33898c81d89

Request headers

:path: /wp-content/themes/magazine/images/inner.png
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c; _ga=GA1.2.933143162.1623420042; _gid=GA1.2.498966946.1623420042; _gat_gtag_UA_37745304_1=1; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/wp-content/themes/magazine/style.css?ver=2.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/wp-content/themes/magazine/style.css?ver=2.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:42 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4272272
cf-polished: origSize=1048
content-length: 101
cf-request-id: 0a9cf913a9000000855513e000000001
last-modified: Fri, 13 Apr 2018 19:34:07 GMT
server: cloudflare
etag: "5ad1062f-418"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9eJCrtmtB0obLlD19njNUTICk3qsAFJuCqxZBY7teI4P%2B2Mq50fWiPHxrHRrwHWte6xImdFkbOytQiQGHsQxyeWBWdHgYhpmnZzQq%2BsTLjfOsXkxkLeWIguUYYGA0HCb"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65db5dff7da20085-LHR
cf-bgj: imgq:100,h2pri

GET
H2 200 icon-time.png
21stcenturywire.com/wp-content/themes/magazine/images/ 225 B
722 B 29ms
28ms Image
image/png 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21stcenturywire.com/wp-content/themes/magazine/images/icon-time.png
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/wp-content/themes/magazine/style.css?ver=2.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 604188f4583e73798e660c7697e3eab1d66d8aa5d6417c64d3d99ef92a0283be

Request headers

:path: /wp-content/themes/magazine/images/icon-time.png
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c; _ga=GA1.2.933143162.1623420042; _gid=GA1.2.498966946.1623420042; _gat_gtag_UA_37745304_1=1; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/wp-content/themes/magazine/style.css?ver=2.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/wp-content/themes/magazine/style.css?ver=2.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:42 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4287011
cf-polished: origSize=1263
content-length: 225
cf-request-id: 0a9cf913aa000000855c868000000001
last-modified: Fri, 13 Apr 2018 19:34:08 GMT
server: cloudflare
etag: "5ad10630-4ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2F1AM74EtQmb1mCnjtNhyFIQMM576G8hH1m7zOWUmYBUVGTq1QhWBM2LNEj6coMQeYNgSsSqI4HxduUHjKkGvo%2B%2FHRfD%2FRgIHvsrWMXzRo0iklefR5xE5oJYLCXmURG61"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65db5dff7da30085-LHR
cf-bgj: imgq:100,h2pri

GET
H2 200 icon-comments.png
21stcenturywire.com/wp-content/themes/magazine/images/ 163 B
518 B 31ms
30ms Image
image/png 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21stcenturywire.com/wp-content/themes/magazine/images/icon-comments.png
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/wp-content/themes/magazine/style.css?ver=2.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3989b833a079189220e16e0f400a6e388d29dfee3989441b870a06d2a5416cef

Request headers

:path: /wp-content/themes/magazine/images/icon-comments.png
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c; _ga=GA1.2.933143162.1623420042; _gid=GA1.2.498966946.1623420042; _gat_gtag_UA_37745304_1=1; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/wp-content/themes/magazine/style.css?ver=2.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/wp-content/themes/magazine/style.css?ver=2.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:42 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4287781
cf-polished: origSize=1137
content-length: 163
cf-request-id: 0a9cf913aa000000854c870000000001
last-modified: Fri, 13 Apr 2018 19:34:09 GMT
server: cloudflare
etag: "5ad10631-471"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=sjloLsOfKlzRGb%2B1dGDMQKsFOy6Mm%2BBRqW9QRb7Rc0K6UppkOE7%2BOLLvPBY7qYIVcxDwxkVmI5KZZ4gEs9Q%2FJsDMjtpD1TLSZ0FGv1qsp%2F0N3bE4EC3JpBGdLv3TAjiU"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65db5dff7da40085-LHR
cf-bgj: imgq:100,h2pri

GET
DATA 200
OK truncated
/ 11 KB
11 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 745caffca4b97cf5cf2374d82c6dfb6fb7c7b694e85432f92ec4dcb35f4418c9

Request headers

Origin: https://21stcenturywire.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET
H2 200 1-Bellingcat.jpg
21stcenturywire.com/wp-content/uploads/2019/07/ 184 KB
184 KB 918ms
918ms Image
image/jpeg 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21stcenturywire.com/wp-content/uploads/2019/07/1-Bellingcat.jpg
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cca5c2f7dd5ba830290381fc92eb6040b622f6c5e648808bb7446737e0717229

Request headers

:path: /wp-content/uploads/2019/07/1-Bellingcat.jpg
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c; _ga=GA1.2.933143162.1623420042; _gid=GA1.2.498966946.1623420042; _gat_gtag_UA_37745304_1=1; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:43 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 188094
cf-request-id: 0a9cf91405000000851716d000000001
last-modified: Sun, 15 Dec 2019 16:13:13 GMT
server: cloudflare
etag: "5df65b99-2debe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Y5KPN61KzPH06V3myzSG6Hs74DvxuX1gg0jDx4fXnR2XVS92hH4Z8T8Szs3xkYR5BqoTxvKKbwGo1LHsGASARLy6qkNySJi0Us8abr8CG4XpMitvmgMA3JMfG4dZhV49"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65db5e000e490085-LHR

GET
H2 200 OSINT.jpg
southfront.org/wp-content/uploads/2019/07/ 2 MB
2 MB 50ms
25ms Image
image/jpeg 116.202.174.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://southfront.org/wp-content/uploads/2019/07/OSINT.jpg

Requested by

Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

116.202.174.190 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

southfront.org

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

50ce71f24de8526445b1f88617f1db8cb6f7405a74d2e35d5f411b76481a2e4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:42 GMT
last-modified: Mon, 15 Jul 2019 17:00:56 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "5d2cb148-1e778b"
strict-transport-security: max-age=15768000
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1996683
expires: Sun, 11 Jul 2021 14:00:42 GMT

GET
H2 200 index.html Show response
cdn.bannersnack.com/banners/bdxplhkx4/embed/ Frame AEE1 7 KB
3 KB 463ms
463ms Document
text/html 2600:9000:211a:f000:1a:1e7b:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bannersnack.com/banners/bdxplhkx4/embed/index.html?t=1620159446&userId=10086691&responsive=true
Requested by: Host: cdn.bannersnack.com
URL: https://cdn.bannersnack.com/iframe/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:f000:1a:1e7b:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 490ff26c60a3a4e5af5d03654dd3bf923c0e55776e8e4f9cb00e182e44197267

Request headers

:method: GET
:authority: cdn.bannersnack.com
:scheme: https
:path: /banners/bdxplhkx4/embed/index.html?t=1620159446&userId=10086691&responsive=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://21stcenturywire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://21stcenturywire.com/

Response headers

content-type: text/html
content-length: 2322
date: Fri, 11 Jun 2021 14:00:43 GMT
last-modified: Tue, 04 May 2021 20:18:49 GMT
etag: "01afb9f88bf76bb4b00baa9c11079091"
content-encoding: gzip
x-amz-version-id: AUgObHmAm17JfL.0_Og97htGSlkbP6uX
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 07ba06e632a891feeba3436a80d00ee5.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: p9ctNgdadIiOOLQIuaNcUaF2yEXvMZnLZALStjbOaB-Mxh5PGzx59A==

GET
H2 200 index.html Show response
cdn.bannersnack.com/banners/bx9fwkh72/embed/ Frame 63C9 9 KB
3 KB 449ms
449ms Document
text/html 2600:9000:211a:f000:1a:1e7b:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bannersnack.com/banners/bx9fwkh72/embed/index.html?t=1622214949&userId=10086691&responsive=true
Requested by: Host: cdn.bannersnack.com
URL: https://cdn.bannersnack.com/iframe/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:f000:1a:1e7b:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d2b9a8991b63632fa5ff8541baa0e98044dcd09350188cdc1f13cde4d99c307

Request headers

:method: GET
:authority: cdn.bannersnack.com
:scheme: https
:path: /banners/bx9fwkh72/embed/index.html?t=1622214949&userId=10086691&responsive=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://21stcenturywire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://21stcenturywire.com/

Response headers

content-type: text/html
content-length: 2899
last-modified: Fri, 28 May 2021 15:19:06 GMT
content-encoding: gzip
x-amz-version-id: SwRDXT6Zx.j7U.P.ee_LH8.0gfsb2tyc
accept-ranges: bytes
server: AmazonS3
date: Fri, 11 Jun 2021 14:00:43 GMT
etag: "b490663ba582f687619b9fd431517223"
x-cache: RefreshHit from cloudfront
via: 1.1 07ba06e632a891feeba3436a80d00ee5.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: w4o8FswucqcTgor46-kc05c0y5RABcLtdxpZAA7zwnrWv9IM-hR4xw==

GET
H2 200 icon-categories.png
21stcenturywire.com/wp-content/themes/magazine/images/ 236 B
560 B 31ms
31ms Image
image/png 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21stcenturywire.com/wp-content/themes/magazine/images/icon-categories.png
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/wp-content/themes/magazine/style.css?ver=2.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 562659df3a2438e17efdc5ef4410415027e4fda31f1ea47e04bf8f5f6ef0ebb3

Request headers

:path: /wp-content/themes/magazine/images/icon-categories.png
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c; _ga=GA1.2.933143162.1623420042; _gid=GA1.2.498966946.1623420042; _gat_gtag_UA_37745304_1=1; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/wp-content/themes/magazine/style.css?ver=2.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/wp-content/themes/magazine/style.css?ver=2.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:42 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4272272
cf-polished: origSize=1270
content-length: 236
cf-request-id: 0a9cf914150000008585184000000001
last-modified: Fri, 13 Apr 2018 19:34:08 GMT
server: cloudflare
etag: "5ad10630-4f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jV8BHlwfZVCAUvvFKa4XgmyyGAROIpsQ2MbrCDhj6vFa34VgTr2XVuVUsX3Tx8aGPZ4RotOCtKuSknzW%2BLihxw8TN4%2Fp5m4yJ%2BOYdKco%2FjMhokBUJ74eyzKLFf8DY3Rn"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65db5e002e6b0085-LHR
cf-bgj: imgq:100,h2pri

GET
H2 200 icon-tags.png
21stcenturywire.com/wp-content/themes/magazine/images/ 294 B
672 B 32ms
31ms Image
image/png 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21stcenturywire.com/wp-content/themes/magazine/images/icon-tags.png
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/wp-content/themes/magazine/style.css?ver=2.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f079e2b8a739d5b127fc2e19c979b96112b58808c5a415b358f7fb0f715b6666

Request headers

:path: /wp-content/themes/magazine/images/icon-tags.png
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c; _ga=GA1.2.933143162.1623420042; _gid=GA1.2.498966946.1623420042; _gat_gtag_UA_37745304_1=1; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/wp-content/themes/magazine/style.css?ver=2.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/wp-content/themes/magazine/style.css?ver=2.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:42 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4272272
cf-polished: origSize=533
content-length: 294
cf-request-id: 0a9cf9141600000085333de000000001
last-modified: Fri, 13 Apr 2018 19:34:10 GMT
server: cloudflare
etag: "5ad10632-215"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0vNyLyjZ4OymT76X3O1AoMu4uU6K%2F4VdyStreq8fm51UMLnOmKvqxogn%2FcMhwOAZsK%2BzQrbdBS4qoBTrOv4hc2J5i117jrOgsF10SYFVcQHJk5dKM1WUa80z9OEPBv9P"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65db5e002e6c0085-LHR
cf-bgj: imgq:100,h2pri

GET
H2 200 index.html Show response
cdn.bannersnack.com/banners/bzj529ipd/embed/ Frame 5FCF 7 KB
3 KB 432ms
431ms Document
text/html 2600:9000:211a:f000:1a:1e7b:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bannersnack.com/banners/bzj529ipd/embed/index.html?t=1620159076&userId=10086691
Requested by: Host: cdn.bannersnack.com
URL: https://cdn.bannersnack.com/iframe/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:f000:1a:1e7b:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ec24f4577fe947b18d7aca8e2655dc5f54201573b27c5ca03f9709b96bf44bf7

Request headers

:method: GET
:authority: cdn.bannersnack.com
:scheme: https
:path: /banners/bzj529ipd/embed/index.html?t=1620159076&userId=10086691
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://21stcenturywire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://21stcenturywire.com/

Response headers

content-type: text/html
content-length: 2339
last-modified: Tue, 04 May 2021 20:11:42 GMT
content-encoding: gzip
x-amz-version-id: BDMrHBwQ8JMRtZEMDnGUI5bjUcCn74RO
accept-ranges: bytes
server: AmazonS3
date: Fri, 11 Jun 2021 14:00:43 GMT
etag: "0046cdba5850abf5e4edb30f94993843"
x-cache: RefreshHit from cloudfront
via: 1.1 07ba06e632a891feeba3436a80d00ee5.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: Ico--M7l-PW7K8AUpF_qccFpOUm1z6vZdPXt6nS1T4PPFKU2GkkqTg==

GET
H2 200 index.html Show response
cdn.bannersnack.com/banners/bhkm4pmcr/embed/ Frame 847B 7 KB
3 KB 431ms
430ms Document
text/html 2600:9000:211a:f000:1a:1e7b:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bannersnack.com/banners/bhkm4pmcr/embed/index.html?t=1620397923&userId=10086691&responsive=true
Requested by: Host: cdn.bannersnack.com
URL: https://cdn.bannersnack.com/iframe/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:f000:1a:1e7b:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27b1266545523cfe4d4d18620cd683df5d759671ab4593a6aa483de734cf19a0

Request headers

:method: GET
:authority: cdn.bannersnack.com
:scheme: https
:path: /banners/bhkm4pmcr/embed/index.html?t=1620397923&userId=10086691&responsive=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://21stcenturywire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://21stcenturywire.com/

Response headers

content-type: text/html
content-length: 2338
last-modified: Fri, 07 May 2021 14:32:34 GMT
content-encoding: gzip
x-amz-version-id: xMUIuWYBnGVP6GkzJen6SYfUtPzjlS3A
accept-ranges: bytes
server: AmazonS3
date: Fri, 11 Jun 2021 14:00:43 GMT
etag: "e929474d9791db8b1a8a1abe5c443c50"
x-cache: RefreshHit from cloudfront
via: 1.1 07ba06e632a891feeba3436a80d00ee5.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: VMoSJiD3JKCytgdVcGO03fVVGF-3aDbPfYezcT11Pf_fCo6cRVAemQ==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
9 KB 40ms
9ms Script
application/javascript 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:42 GMT
content-encoding: gzip
etag: "WhyxmPkT7L77qVDcrjxwGw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Fri, 18 Jun 2021 14:00:42 GMT

GET
H/1.1 200
OK count.js Show response
21stcenturywire.disqus.com/ 1 KB
1 KB 44ms
6ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://21stcenturywire.disqus.com/count.js

Requested by

Host: 21stcenturywire.com
URL: https://21stcenturywire.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 166
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 10 Jun 2021 20:18:32 GMT
Server: nginx
ETag: "60c27398-367"
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
X-Amz-Cf-Pop: DFW3-C1
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: -dGWDOMxH1g8Wb_W43DIcnfn9TAal9a7s-2FcvBSC92sAEKM6zw-1Q==

GET
H/1.1 200
OK embed.js Show response
21stcenturywire.disqus.com/ 75 KB
25 KB 203ms
166ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://21stcenturywire.disqus.com/embed.js

Requested by

Host: 21stcenturywire.com
URL: https://21stcenturywire.com/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.22

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

790b5941a2bd1d9a3ba3759ff82b2abdb8a594b24facfe8cf06bf89b6f0b59a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:42 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 24765

GET
H2 200 footer.png
21stcenturywire.com/wp-content/themes/magazine/images/ 116 B
584 B 32ms
32ms Image
image/png 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21stcenturywire.com/wp-content/themes/magazine/images/footer.png
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/wp-content/themes/magazine/style.css?ver=2.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb7347b5739e298dc31fccccb5ccfe4b856e5969cceea4e10a5cff808263f22d

Request headers

:path: /wp-content/themes/magazine/images/footer.png
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c; _ga=GA1.2.933143162.1623420042; _gid=GA1.2.498966946.1623420042; _gat_gtag_UA_37745304_1=1; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/wp-content/themes/magazine/style.css?ver=2.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/wp-content/themes/magazine/style.css?ver=2.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:42 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4267382
cf-polished: origSize=1081
content-length: 116
cf-request-id: 0a9cf9143b000000853b9f8000000001
last-modified: Fri, 13 Apr 2018 19:34:09 GMT
server: cloudflare
etag: "5ad10631-439"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BJ67qMx9JWmWMoIjra0knpxLyOZxs8yF0jF2H4htwwruebi6xQIyuogrmdfjSRVQ855H0mSH%2Fo649MjXX5onNyu6rVtipCLtBJRlt4AoLc%2FSp43Sjz2Hx95uEkAXWGbf"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65db5e005eb40085-LHR
cf-bgj: imgq:100,h2pri

GET
H2 200 player Show response
widget.spreaker.com/ Frame 6DF6 10 KB
4 KB 71ms
70ms Document
text/html 143.204.98.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.spreaker.com/player?episode_id=45187356&theme=light&playlist=false&playlist-continuous=true&playlist-loop=false&playlist-autoupdate=true&autoplay=false&live-autoplay=false&chapters-image=true&episode_image_position=right&hide-likes=false&hide-comments=false&hide-sharing=false&hide-logo=false&hide-download=true&hide-episode-description=false&hide-playlist-images=false&hide-playlist-descriptions=false&gdpr-consent=null&cover_image_url=https://d3wo5wojvuv7l.cloudfront.net/images.spreaker.com/original/5b9d2cf8d9c4d84442a10de9204e9ec3.jpg

Requested by

Host: widget.spreaker.com
URL: https://widget.spreaker.com/widgets.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-33.fra50.r.cloudfront.net

Software

Spreaker Proxy Cache /

Resource Hash

b70d45c58ecabf13610dbf21d2997af3e9af9e738cc036362eebcb58f714997c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: widget.spreaker.com
:scheme: https
:path: /player?episode_id=45187356&theme=light&playlist=false&playlist-continuous=true&playlist-loop=false&playlist-autoupdate=true&autoplay=false&live-autoplay=false&chapters-image=true&episode_image_position=right&hide-likes=false&hide-comments=false&hide-sharing=false&hide-logo=false&hide-download=true&hide-episode-description=false&hide-playlist-images=false&hide-playlist-descriptions=false&gdpr-consent=null&cover_image_url=https://d3wo5wojvuv7l.cloudfront.net/images.spreaker.com/original/5b9d2cf8d9c4d84442a10de9204e9ec3.jpg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://21stcenturywire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://21stcenturywire.com/

Response headers

content-type: text/html; charset=utf-8
date: Fri, 11 Jun 2021 14:00:42 GMT
server: Spreaker Proxy Cache
cache-control: max-age=10, stale-while-revalidate=3, no-transform
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
x-spreaker-from-cache: true
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: IspyLQ0w9fNx0EAVvBclU9UevzwjR3c9enLz3ZZnrhYG2D_aPdBwdg==
age: 0

GET
H2 200 styles.css
a.mailmunch.co/app/v1/ 21 KB
3 KB 21ms
20ms Stylesheet
text/css 2600:9000:211a:be00:4:c961:9640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mailmunch.co/app/v1/styles.css
Requested by: Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:be00:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 437e6e23bb4219f1dd245da75b1729666e71fbf31985189fa35be75702b8cab9

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 13:57:17 GMT
content-encoding: gzip
age: 206
x-cache: Hit from cloudfront
content-length: 2274
access-control-allow-origin: *
last-modified: Fri, 11 Jun 2021 11:41:40 GMT
server: AmazonS3
etag: "87f80b0559a5308556b3cae7ce25ea3e"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, POST, PUT, DELETE
content-type: text/css
via: 1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=172800
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
x-amz-cf-id: ZyfsNgy35aQGq4iFXu13oBhUQ4gwzASWps1oI0ZyYkR-xQlkDMDYAQ==

GET
H/1.1 200
OK 653704 Show response
forms.mailmunch.co/sites/ 89 B
574 B 383ms
153ms XHR
application/json 52.0.242.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.mailmunch.co/sites/653704
Requested by: Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.242.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-242-214.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: 352edca3938ab4b63ec240318bf425a831cd30d77ce1b4177178a9a50356c8e2

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:42 GMT
Via: 1.1 vegur
Server: Cowboy
X-Powered-By: Express
Etag: W/"59-Yh5iXF0rCn7CvCzyBi5CsmMg7zQ"
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-MM-Comp-Tracking, X-MM-EU-Continent, X-MM-T
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, X-MM-Form-Tool, X-MM-Coupons
Content-Length: 89

GET
H/1.1 200
OK widget_iframe.06c6ee58c3810956b7509218508c7b56.html Show response
platform.twitter.com/widgets/ Frame 18E1 319 KB
103 KB 11ms
11ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2F21stcenturywire.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BA) /
Resource Hash: 5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://21stcenturywire.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://21stcenturywire.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 62148
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 11 Jun 2021 14:00:42 GMT
Etag: "dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:54 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67BA)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105298

GET
H2 200 LTON-300x250-1.png
21stcenturywire.com/wp-content/uploads/2021/05/ 129 KB
129 KB 51ms
46ms Image
image/png 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21stcenturywire.com/wp-content/uploads/2021/05/LTON-300x250-1.png
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0ce55dfa460ff8cda11cd8900dcab34d70b111e884794adb408e3ae753de1ca

Request headers

:path: /wp-content/uploads/2021/05/LTON-300x250-1.png
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c; _ga=GA1.2.933143162.1623420042; _gid=GA1.2.498966946.1623420042; _gat_gtag_UA_37745304_1=1; _gat=1; mailmunch_second_pageview=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:42 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1199820
cf-polished: origSize=163225
content-length: 132042
cf-request-id: 0a9cf914940000008517176000000001
last-modified: Fri, 28 May 2021 16:25:27 GMT
server: cloudflare
etag: "60b11977-27d99"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pgF3QJTMjQClf1Qi9VNMIonrstnA08GqQptSIXFD1ul7tiC9F0ZrOIBsy19wQ2MKitj2YX82X7I0gOWD1QVcVA4L5NyTww%2B%2BfNNygX7iYK2RjRluGMohuB9gCZ%2B8LYX8"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65db5e00ef7d0085-LHR
cf-bgj: imgq:100,h2pri

GET
H2 200 Vaccine-Springstein-and-Grohl-280x150.png
21stcenturywire.com/wp-content/uploads/2021/06/ 56 KB
57 KB 43ms
38ms Image
image/png 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21stcenturywire.com/wp-content/uploads/2021/06/Vaccine-Springstein-and-Grohl-280x150.png
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db55e0523e546c7ed0b6344fadc23c5a0a67454915d082197b5e3ee474bca785

Request headers

:path: /wp-content/uploads/2021/06/Vaccine-Springstein-and-Grohl-280x150.png
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c; _ga=GA1.2.933143162.1623420042; _gid=GA1.2.498966946.1623420042; _gat_gtag_UA_37745304_1=1; _gat=1; mailmunch_second_pageview=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:42 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 95890
cf-polished: origSize=65007
content-length: 57814
cf-request-id: 0a9cf914940000008582975000000001
last-modified: Thu, 10 Jun 2021 11:17:53 GMT
server: cloudflare
etag: "60c1f4e1-fdef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zRectxWoCty1NZr4YrbWtm%2Faz%2B%2BCGqyzrDAX5jK6U2F9lp3lXnmDYHFwNulZAin06BGW24E0%2FqJo5YeK%2FwJv81y%2BuRRbQ9eyqfzfr3FGp6AneXuB8KvtEXKCrfKv%2FTXy"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65db5e00ef7f0085-LHR
cf-bgj: imgq:100,h2pri

GET
H2 200 1-Dr-Veron-Coleman-280x150.jpg
21stcenturywire.com/wp-content/uploads/2020/06/ 11 KB
11 KB 35ms
30ms Image
image/jpeg 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21stcenturywire.com/wp-content/uploads/2020/06/1-Dr-Veron-Coleman-280x150.jpg
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c018c588d631bbb954fb63cdbb6b3ad69c4a77153232aaa8487d4469757b1fe

Request headers

:path: /wp-content/uploads/2020/06/1-Dr-Veron-Coleman-280x150.jpg
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c; _ga=GA1.2.933143162.1623420042; _gid=GA1.2.498966946.1623420042; _gat_gtag_UA_37745304_1=1; _gat=1; mailmunch_second_pageview=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:42 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 98102
cf-polished: origSize=20492
content-length: 10921
cf-request-id: 0a9cf9149500000085333e4000000001
last-modified: Tue, 09 Jun 2020 09:40:57 GMT
server: cloudflare
etag: "5edf5929-500c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=UFkD9IpWNK2bqVECq1YvrY0xlIRXA9Xi6JnDqodAWEPn8viLerI4CZi03vu9oF5EwJkw%2FzB6bzv2AYXeiqQmKzZ21Orrd3dxGBgoi3SOk7LoE0J9cLAoUKYnP3zoUltw"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65db5e00ef810085-LHR
cf-bgj: imgq:100,h2pri

GET
H2 200 antiwar-tweet-img-israel-strikes-syria-8jun2021-280x150.jpeg
21stcenturywire.com/wp-content/uploads/2021/06/ 6 KB
7 KB 44ms
39ms Image
image/jpeg 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21stcenturywire.com/wp-content/uploads/2021/06/antiwar-tweet-img-israel-strikes-syria-8jun2021-280x150.jpeg
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03623c93a2031f456d79f4edc5b3b683eed0dd31363d8263b581926c5c418c98

Request headers

:path: /wp-content/uploads/2021/06/antiwar-tweet-img-israel-strikes-syria-8jun2021-280x150.jpeg
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c; _ga=GA1.2.933143162.1623420042; _gid=GA1.2.498966946.1623420042; _gat_gtag_UA_37745304_1=1; _gat=1; mailmunch_second_pageview=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:42 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 153875
cf-polished: origSize=6836
content-length: 6624
cf-request-id: 0a9cf9149900000085333e5000000001
last-modified: Wed, 09 Jun 2021 19:05:02 GMT
server: cloudflare
etag: "60c110de-1ab4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hlRu1vsZ0tvKeIYEAerKXkq4KSuLrRhlZ7c7bA2EvrMuaD78kFl1Gik%2F42skRe4PSRJTR56i%2FELSiF7EbnEibsl9Otou8NGqP3fKTxTREUX%2BCj1mqGEA7tIvAM3lVMF2"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65db5e00ef820085-LHR
cf-bgj: imgq:100,h2pri

GET
H2 200 SARS-CoV2_Terrain-Theory-280x150.png
21stcenturywire.com/wp-content/uploads/2021/06/ 67 KB
67 KB 45ms
41ms Image
image/png 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21stcenturywire.com/wp-content/uploads/2021/06/SARS-CoV2_Terrain-Theory-280x150.png
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2df2edc5efc917d87583e42f70ec52b09ca4f1123c13462460b548139151b8e7

Request headers

:path: /wp-content/uploads/2021/06/SARS-CoV2_Terrain-Theory-280x150.png
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c; _ga=GA1.2.933143162.1623420042; _gid=GA1.2.498966946.1623420042; _gat_gtag_UA_37745304_1=1; _gat=1; mailmunch_second_pageview=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:42 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 163547
cf-polished: origSize=75707
content-length: 68159
cf-request-id: 0a9cf9149500000085800e3000000001
last-modified: Wed, 09 Jun 2021 16:34:36 GMT
server: cloudflare
etag: "60c0ed9c-127bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vbp2CFcWOGlDsIfxXJQals42gO4HuuWi9Z6U9Mj3vFU9Z2y50tKO6qCz6BqQKPWO7H6yhP285ectPYHCojJ5SKo83PQyh0U1atkATG0stYDPKOJIk4MxIX88EeOkEImo"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65db5e00ef830085-LHR
cf-bgj: imgq:100,h2pri

GET
H2 200 MACRON-SLAP-280x150.png
21stcenturywire.com/wp-content/uploads/2021/06/ 32 KB
33 KB 44ms
40ms Image
image/png 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21stcenturywire.com/wp-content/uploads/2021/06/MACRON-SLAP-280x150.png
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 834bf128294a8851e0899a8491a0c11461ed86783907cc0dcc1e6ce58a0c1e97

Request headers

:path: /wp-content/uploads/2021/06/MACRON-SLAP-280x150.png
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c; _ga=GA1.2.933143162.1623420042; _gid=GA1.2.498966946.1623420042; _gat_gtag_UA_37745304_1=1; _gat=1; mailmunch_second_pageview=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:42 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 236672
cf-polished: origSize=37469
content-length: 33012
cf-request-id: 0a9cf91495000000850f0d5000000001
last-modified: Tue, 08 Jun 2021 20:11:17 GMT
server: cloudflare
etag: "60bfcee5-925d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SWghTDojaRhm%2BWCpFmZcUR7%2Fk%2FG7jACQOEu4BtRuvSWrKDoa87IWHCCY6o9TISUmCUvsw7UIsSffFowIsQwy%2FeVK9AiwWFGL%2B8QurtLs29cp6LWKKUzs%2BDIevcDL%2FSr7"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65db5e00ef850085-LHR
cf-bgj: imgq:100,h2pri

GET
H2 200 Brian-Gerrish-Reiner-Fuellmich-280x150.jpg
21stcenturywire.com/wp-content/uploads/2021/06/ 20 KB
21 KB 51ms
44ms Image
image/jpeg 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21stcenturywire.com/wp-content/uploads/2021/06/Brian-Gerrish-Reiner-Fuellmich-280x150.jpg
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68c1dd48334a858ea5edf94aa258fe15ab5ebcb970eac296778222b2b9743505

Request headers

:path: /wp-content/uploads/2021/06/Brian-Gerrish-Reiner-Fuellmich-280x150.jpg
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c; _ga=GA1.2.933143162.1623420042; _gid=GA1.2.498966946.1623420042; _gat_gtag_UA_37745304_1=1; _gat=1; mailmunch_second_pageview=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:42 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 344428
cf-polished: origSize=31593
content-length: 20990
cf-request-id: 0a9cf91495000000850eba3000000001
last-modified: Mon, 07 Jun 2021 14:18:51 GMT
server: cloudflare
etag: "60be2acb-7b69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=iMwRlmo38WYdpRJz63qqqrF8an%2B9f8IXUFMigkr%2Br45K%2FC3JJE2tGaABVq4%2FjLTUNtqF5mQbFbuRAKmrg4qIA%2BMGbIS97OotFel11tG%2B2shOlAqK%2FnZ47KLF%2BaR2gJcX"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65db5e00ef880085-LHR
cf-bgj: imgq:100,h2pri

GET
H2 200 COVID-vaccine-deaths-280x150.png
21stcenturywire.com/wp-content/uploads/2021/06/ 56 KB
57 KB 36ms
29ms Image
image/png 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21stcenturywire.com/wp-content/uploads/2021/06/COVID-vaccine-deaths-280x150.png
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2b45dbb6a7182193818728c4dd26a5b67007ea1a489bf7c9bb80d52fe15a4af

Request headers

:path: /wp-content/uploads/2021/06/COVID-vaccine-deaths-280x150.png
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c; _ga=GA1.2.933143162.1623420042; _gid=GA1.2.498966946.1623420042; _gat_gtag_UA_37745304_1=1; _gat=1; mailmunch_second_pageview=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:42 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 346882
cf-polished: origSize=65407
content-length: 57570
cf-request-id: 0a9cf9149600000085768d9000000001
last-modified: Mon, 07 Jun 2021 13:35:11 GMT
server: cloudflare
etag: "60be208f-ff7f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Hz4yiXTEClKiYDX1gM%2F0Ev0ww6siCuZ3nTNp2wWcA8%2Bxb7EI0%2B%2FpbrP8OIJptFAjQ6FPHhP3gyNZx7qMDK%2ByKb1zPi5MkG1iCPJfq%2FfBS5isPScwEkmlTlNZ5XIKZ1BT"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65db5e00ef890085-LHR
cf-bgj: imgq:100,h2pri

GET
H2 200 Vaccine-Safety-280x150.jpg
21stcenturywire.com/wp-content/uploads/2021/06/ 17 KB
17 KB 33ms
26ms Image
image/jpeg 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21stcenturywire.com/wp-content/uploads/2021/06/Vaccine-Safety-280x150.jpg
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b06ce8ee5af8a32d102008a6529111ce2f62c194274878a6c7a6bf00b9c695e

Request headers

:path: /wp-content/uploads/2021/06/Vaccine-Safety-280x150.jpg
pragma: no-cache
cookie: asp_transient_id=34b587ff0c74372369a2cb5b90beb80c; _ga=GA1.2.933143162.1623420042; _gid=GA1.2.498966946.1623420042; _gat_gtag_UA_37745304_1=1; _gat=1; mailmunch_second_pageview=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:42 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 349156
cf-polished: origSize=26642
content-length: 17223
cf-request-id: 0a9cf914960000008529adb000000001
last-modified: Mon, 07 Jun 2021 12:49:26 GMT
server: cloudflare
etag: "60be15d6-6812"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=mCJ%2BJ28P0R5kX7p%2FygSWwxsnPFHu%2BAxZMZ1cbd4ChoFJk%2BXI5EvhLYQ9Citk0d2bgE4HeyQ6dlTMzbq5li0Cu2yLtk7R4oG1Ll%2FMwfVCTNygmbScNjYZv2bIZ%2FgBDr4u"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65db5e00ef8a0085-LHR
cf-bgj: imgq:100,h2pri

GET
H/1.1 200
OK / Show response
w.soundcloud.com/player/ Frame 3E1B 1 KB
1 KB 280ms
206ms Document
text/html 99.86.241.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://w.soundcloud.com/player/?url=https%3A//api.soundcloud.com/tracks/1005066571&color=%23cc9900&auto_play=false&hide_related=false&show_comments=true&show_user=true&show_reposts=false&show_teaser=true&visual=true

Requested by

Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.241.30 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-241-30.vie50.r.cloudfront.net

Software

am/2 /

Resource Hash

5a372245a42811bac74a1f84385ac6efa48fcf9088189a73b0c5156d68197454

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Host: w.soundcloud.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://21stcenturywire.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://21stcenturywire.com/

Response headers

Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Via: sssr, 1.1 c2756f406c0dc2bb176f6e2181d7607e.cloudfront.net (CloudFront)
p3p: policyref="https://w.soundcloud.com/player/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV TAI PSAo PSDo OUR STP CNT"
Cache-Control: public, max-age=300
Date: Fri, 11 Jun 2021 14:00:42 GMT
strict-transport-security: max-age=63072000
Server: am/2
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: X1k-d3MhFsQvrsiFa--PD98N_tmox3ymspQTgZugASmGcWn75a8RWg==

GET
H/1.1 200
OK 12258972111681382 Show response
lockerdome.com/lad/ Frame E736 1 KB
2 KB 471ms
122ms Document
text/html 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/lad/12258972111681382?pubid=ld-7602-9870&pubo=https%3A%2F%2F21stcenturywire.com&rid=&width=590
Requested by: Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash: ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Host: lockerdome.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://21stcenturywire.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://21stcenturywire.com/

Response headers

P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 1376
Date: Fri, 11 Jun 2021 14:00:42 GMT

GET
H/1.1 200
OK 13429743756194918 Show response
lockerdome.com/lad/ Frame 9396 1 KB
2 KB 483ms
135ms Document
text/html 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/lad/13429743756194918?pubid=ld-4931-8637&pubo=https%3A%2F%2F21stcenturywire.com&rid=&width=291
Requested by: Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash: ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Host: lockerdome.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://21stcenturywire.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://21stcenturywire.com/

Response headers

P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 1376
Date: Fri, 11 Jun 2021 14:00:42 GMT

GET
H/1.1 200
OK 14030474624578662 Show response
lockerdome.com/lad/ Frame 64DC 1 KB
2 KB 483ms
135ms Document
text/html 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/lad/14030474624578662?pubid=ld-14030474624578662&pubo=https%3A%2F%2F21stcenturywire.com&rid=&width=1560
Requested by: Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash: ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Host: lockerdome.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://21stcenturywire.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://21stcenturywire.com/

Response headers

P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 1376
Date: Fri, 11 Jun 2021 14:00:42 GMT

GET
H2 200 rules-p-hXEj-jK0j8q7s.js Show response
rules.quantcount.com/ 3 B
436 B 67ms
21ms Script
application/javascript 2600:9000:206e:600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-hXEj-jK0j8q7s.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 00:46:10 GMT
via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
age: 47673
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 21:10:24 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
x-amz-cf-id: KlEPtQA14jwHaUN_IN5-OuGlAhsjhDfqcOO1ejpeEYmXfy8Eu5tEoA==

GET
H/1.1 200
OK count-data.js Show response
21stcenturywire.disqus.com/ 280 B
817 B 112ms
112ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://21stcenturywire.disqus.com/count-data.js?1=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357

Requested by

Host: 21stcenturywire.disqus.com
URL: https://21stcenturywire.disqus.com/count.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

a0df3ad5d289914b0e20859cefe94a6a9af44ee31b3b11d79a01d376d6faeabc

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:42 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary: Accept-Encoding
Cache-Control: public, max-age=600
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 280
X-XSS-Protection: 1; mode=block

GET
H2 200 player-base-5f13a344dbf28ff80a2b.js Show response
widget.spreaker.com/ Frame 6DF6 791 KB
210 KB 22ms
21ms Script
application/javascript 143.204.98.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.spreaker.com/player-base-5f13a344dbf28ff80a2b.js
Requested by: Host: widget.spreaker.com
URL: https://widget.spreaker.com/player?episode_id=45187356&theme=light&playlist=false&playlist-continuous=true&playlist-loop=false&playlist-autoupdate=true&autoplay=false&live-autoplay=false&chapters-image=true&episode_image_position=right&hide-likes=false&hide-comments=false&hide-sharing=false&hide-logo=false&hide-download=true&hide-episode-description=false&hide-playlist-images=false&hide-playlist-descriptions=false&gdpr-consent=null&cover_image_url=https://d3wo5wojvuv7l.cloudfront.net/images.spreaker.com/original/5b9d2cf8d9c4d84442a10de9204e9ec3.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-33.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f22be6574f9c4db228ea0ecf2c5508c0091b37748a0c78742dbf9e178c98682a

Request headers

Referer: https://widget.spreaker.com/player?episode_id=45187356&theme=light&playlist=false&playlist-continuous=true&playlist-loop=false&playlist-autoupdate=true&autoplay=false&live-autoplay=false&chapters-image=true&episode_image_position=right&hide-likes=false&hide-comments=false&hide-sharing=false&hide-logo=false&hide-download=true&hide-episode-description=false&hide-playlist-images=false&hide-playlist-descriptions=false&gdpr-consent=null&cover_image_url=https://d3wo5wojvuv7l.cloudfront.net/images.spreaker.com/original/5b9d2cf8d9c4d84442a10de9204e9ec3.jpg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 12:55:48 GMT
content-encoding: gzip
age: 1818295
x-cache: Hit from cloudfront
content-length: 214109
access-control-allow-origin: *
last-modified: Fri, 21 May 2021 12:55:20 GMT
server: AmazonS3
etag: "44466cee8c215d77c95256801bbe0245"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
cache-control: max-age=31536000, immutable
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: JJNojyHJ105FI8il6V7jNvXnnDUl4SPOyBZdFtCSBk4NMtwCdvL2nA==

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 18E1 256 B
442 B 161ms
118ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=f81a4b09c888d88f72539246567558e5d06b58b0

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2F21stcenturywire.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:41 GMT
content-encoding: gzip
last-modified: Fri, 11 Jun 2021 14:00:42 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 5565cb2dfc7943a58104ef356453f90a4888b3f7e640fb0e3bd30030e5513b38
content-length: 176

GET
H2 200 lounge.567531e1abfac5c88f2ef94b952d12ba.css
c.disquscdn.com/next/embed/styles/ 0
26 KB 69ms
23ms Other
text/css 2600:9000:211a:cc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css

Requested by

Host: 21stcenturywire.disqus.com
URL: https://21stcenturywire.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:cc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 329426
x-cache: Hit from cloudfront
content-length: 25570
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-63e2"
content-type: text/css; charset=utf-8
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:16 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: VIE50-C2
timing-allow-origin: *
x-amz-cf-id: LJ11Lt33I1aTePi-AKcp93Qcfqbwqg7sGIfSwqopua55ZkMaJIGibA==
x-cache-hits: 0

GET
H2 200 common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js
c.disquscdn.com/next/embed/ 0
93 KB 69ms
23ms Other
application/javascript 2600:9000:211a:cc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Requested by

Host: 21stcenturywire.disqus.com
URL: https://21stcenturywire.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:cc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 329426
x-cache: Hit from cloudfront
content-length: 94800
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-17250"
content-type: application/javascript; charset=utf-8
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:16 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: VIE50-C2
timing-allow-origin: *
x-amz-cf-id: 6jWbT15xX2Wd7jRhSX6K86pU495zxpefnPGFfeNu4SiGTKAzrAm2LA==
x-cache-hits: 0

GET
H2 200 lounge.bundle.ac702132ea5e06471da27768120c5978.js
c.disquscdn.com/next/embed/ 0
118 KB 68ms
23ms Other
application/javascript 2600:9000:211a:cc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.ac702132ea5e06471da27768120c5978.js

Requested by

Host: 21stcenturywire.disqus.com
URL: https://21stcenturywire.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:cc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 329426
x-cache: Hit from cloudfront
content-length: 120382
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-1d63e"
content-type: application/javascript; charset=utf-8
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:16 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: VIE50-C2
timing-allow-origin: *
x-amz-cf-id: 3anW_US8RoB4pdaMhlz0nCaTvna9M9aCnfLfkDw4g7B0fe0UherHUA==
x-cache-hits: 0

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
12 KB 24ms
7ms Other
application/javascript 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: 21stcenturywire.disqus.com
URL: https://21stcenturywire.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:42 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 49
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 11965
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK recommendations.js Show response
21stcenturywire.disqus.com/ 62 KB
21 KB 130ms
124ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://21stcenturywire.disqus.com/recommendations.js

Requested by

Host: 21stcenturywire.disqus.com
URL: https://21stcenturywire.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

23763ff2058d79a8013e6b4ddceb10ec4f9487a61f42564fc874922917ad3113

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:42 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding, Accept, Accept-Encoding, X-Forwarded-Proto, X-Disqus-Shortname, X-Disqus-Device, X-Disqus-Experiment, X-Disqus-Is-Private, X-Disqus-Development-Base
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: stale-while-revalidate=60, public, stale-if-error=86400, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 20754

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame 6DF6 48 KB
19 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: widget.spreaker.com
URL: https://widget.spreaker.com/player-base-5f13a344dbf28ff80a2b.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://widget.spreaker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1310
date: Fri, 11 Jun 2021 13:38:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 11 Jun 2021 15:38:52 GMT

GET
H2 200 e7bcc4a31b989f5042ec9e0e7cd8b6b7.svg Show response
widget.spreaker.com/ Frame 6DF6 55 KB
21 KB 23ms
20ms XHR
image/svg+xml 143.204.98.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.spreaker.com/e7bcc4a31b989f5042ec9e0e7cd8b6b7.svg
Requested by: Host: widget.spreaker.com
URL: https://widget.spreaker.com/player-base-5f13a344dbf28ff80a2b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-33.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a68652e1e5e6b633e5a9dd219e828c01ab4f3dfc639d8a23d9c5952428ae825e

Request headers

Accept: application/json, text/plain, */*
Referer: https://widget.spreaker.com/player?episode_id=45187356&theme=light&playlist=false&playlist-continuous=true&playlist-loop=false&playlist-autoupdate=true&autoplay=false&live-autoplay=false&chapters-image=true&episode_image_position=right&hide-likes=false&hide-comments=false&hide-sharing=false&hide-logo=false&hide-download=true&hide-episode-description=false&hide-playlist-images=false&hide-playlist-descriptions=false&gdpr-consent=null&cover_image_url=https://d3wo5wojvuv7l.cloudfront.net/images.spreaker.com/original/5b9d2cf8d9c4d84442a10de9204e9ec3.jpg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 20:52:29 GMT
content-encoding: gzip
vary: Access-Control-Request-Headers,Access-Control-Request-Method
age: 6109694
x-cache: Hit from cloudfront
content-length: 21429
access-control-allow-origin: *
last-modified: Wed, 14 Oct 2020 15:33:45 GMT
server: AmazonS3
etag: "4fda2ee3bcb585fef9cebb52d0cacf8c"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/svg+xml
via: 1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
cache-control: max-age=31536000, immutable
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 83UsNhR00--Y56GnpI93Be0FhUQQi5YeouGgNNF743cAG4pKdRrBMA==

GET
H2 200 episode_45187356.gz.json Show response
d3770qakewhkht.cloudfront.net/ Frame 6DF6 16 KB
5 KB 101ms
30ms XHR
application/json 13.224.89.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3770qakewhkht.cloudfront.net/episode_45187356.gz.json?v=etNjBE
Requested by: Host: widget.spreaker.com
URL: https://widget.spreaker.com/player-base-5f13a344dbf28ff80a2b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.89.176 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-176.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eee3ec679b5da55854d7b42c11353d937d6c9c28f7f03a9ec7205a896caccc47

Request headers

Accept: application/json, text/plain, */*
Referer: https://widget.spreaker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 20:42:46 GMT
content-encoding: gzip
vary: Origin
age: 407877
x-cache: Hit from cloudfront
content-length: 4295
access-control-allow-origin: *
last-modified: Sun, 06 Jun 2021 20:32:59 GMT
server: AmazonS3
etag: "3a86c9452188a28b2bb3b49e896ab578"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/json
via: 1.1 d92debab8d9ca0518390aebaec8733a7.cloudfront.net (CloudFront)
cache-control: max-age=252460800
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: emDG6ztq2_g7can2KIcax9MgI5YdhW77BAj-YbABigYuz8QN4cHUFw==

GET
H2 200 5b9d2cf8d9c4d84442a10de9204e9ec3.jpg
d3wo5wojvuv7l.cloudfront.net/t_widget_player_cover_small/images.spreaker.com/original/ Frame 6DF6 17 KB
17 KB 115ms
40ms Image
image/jpg 13.32.11.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3wo5wojvuv7l.cloudfront.net/t_widget_player_cover_small/images.spreaker.com/original/5b9d2cf8d9c4d84442a10de9204e9ec3.jpg
Requested by: Host: widget.spreaker.com
URL: https://widget.spreaker.com/player?episode_id=45187356&theme=light&playlist=false&playlist-continuous=true&playlist-loop=false&playlist-autoupdate=true&autoplay=false&live-autoplay=false&chapters-image=true&episode_image_position=right&hide-likes=false&hide-comments=false&hide-sharing=false&hide-logo=false&hide-download=true&hide-episode-description=false&hide-playlist-images=false&hide-playlist-descriptions=false&gdpr-consent=null&cover_image_url=https://d3wo5wojvuv7l.cloudfront.net/images.spreaker.com/original/5b9d2cf8d9c4d84442a10de9204e9ec3.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.11.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-11-73.vie50.r.cloudfront.net
Software: /
Resource Hash: 5e8c76cd2c12bf377d273fa3a8d68006277126f63968fa7f500a53364e7c4392

Request headers

Referer: https://widget.spreaker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 21:40:14 GMT
via: 1.1 e77ae8cfd42b65dd9027fa08596c6f2a.cloudfront.net (CloudFront)
age: 404428
x-cache: Hit from cloudfront
content-type: image/jpg
cache-control: public, max-age=31536000, stale-while-revalidate=7884000, no-transform
x-amz-cf-pop: VIE50-C2
content-length: 17344
apigw-requestid: AhcN0gmTjoEEMSw=
x-amz-cf-id: LcgLENCEXdun3cpyV1KO5NW8j-wSvxQI-clEA49-Imuz-mQXWB64jg==

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame 5223 12 KB
5 KB 196ms
196ms Document
text/html 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&s_o=default

Requested by

Host: 21stcenturywire.disqus.com
URL: https://21stcenturywire.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

b12c8205872b4b89333d33b7b38d524f096a91e41a74929245006662ee494b2f

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://21stcenturywire.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://21stcenturywire.com/

Response headers

Connection: keep-alive
Content-Length: 4141
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Thu, 03 Jun 2021 02:10:33 GMT
ETag: W/"lounge:view:7534548008.d006ae05e7e5e11f4feabae33e6efc67.2"
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Referrer-Policy: no-referrer-when-downgrade
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Fri, 11 Jun 2021 14:00:42 GMT
Age: 0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H/1.1 200
OK / Show response
tempest.services.disqus.com/ads-iframe/revcontent/ Frame A828 13 KB
5 KB 137ms
110ms Document
text/html 199.232.196.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://tempest.services.disqus.com/ads-iframe/revcontent/?position=top&shortname=21stcenturywire&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23cc9900&colorScheme=light&sourceUrl=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&typeface=sans-serif&canonicalUrl=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&disqus_version=5884b71
Requested by: Host: 21stcenturywire.disqus.com
URL: https://21stcenturywire.disqus.com/embed.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: 94881d36fdff3c3241dd35b042cef8ac202294b302c7d23a3fabd7854082b399

Request headers

Host: tempest.services.disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://21stcenturywire.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://21stcenturywire.com/

Response headers

Connection: keep-alive
Content-Length: 4869
Server: openresty
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-Service: router
Content-Encoding: gzip
Date: Fri, 11 Jun 2021 14:00:42 GMT
Age: 0
Vary: Accept-Encoding,

GET
H/1.1 200
OK / Show response
tempest.services.disqus.com/ads-iframe/revcontent/ Frame 5B1C 13 KB
5 KB 165ms
115ms Document
text/html 199.232.196.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://tempest.services.disqus.com/ads-iframe/revcontent/?position=bottom&shortname=21stcenturywire&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23cc9900&colorScheme=light&sourceUrl=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&typeface=sans-serif&canonicalUrl=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&disqus_version=5884b71
Requested by: Host: 21stcenturywire.disqus.com
URL: https://21stcenturywire.disqus.com/embed.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: b3d6cded2f04212a08ce9f32ec98a1b7e4229fc19f503829232d94ae44a0a3d7

Request headers

Host: tempest.services.disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://21stcenturywire.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://21stcenturywire.com/

Response headers

Connection: keep-alive
Content-Length: 4869
Server: openresty
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-Service: router
Content-Encoding: gzip
Date: Fri, 11 Jun 2021 14:00:42 GMT
Age: 0
Vary: Accept-Encoding,

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
295 B 158ms
114ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=34hlpj72er0ff8&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=21stcenturywire&zone=thread&version=a5921af07b365f6dfd62075d2dee3735&page_url=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&section=default&verb=call&adjective=1&forum_id=2099916

Requested by

Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:42 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
295 B 160ms
116ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=34hlpj72er0ff8&experiment=network_default&variant=fallthrough&service=dynamic&area=bottom&product=embed&forum=21stcenturywire&zone=thread&version=a5921af07b365f6dfd62075d2dee3735&page_url=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&section=default&verb=call&adjective=1&forum_id=2099916

Requested by

Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:42 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 pixel;r=1928868611;rf=0;a=p-hXEj-jK0j8q7s;url=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F;uht=2;fpan=1;fpa=P0-1673341703-162342004273...
pixel.quantserve.com/ 35 B
372 B 20ms
16ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1928868611;rf=0;a=p-hXEj-jK0j8q7s;url=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F;uht=2;fpan=1;fpa=P0-1673341703-1623420042739;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;d=21stcenturywire.com;je=0;sr=1600x1200x24;dst=1;et=1623420042739;tzo=-120;ogl=image%3Awidth.610%2Cimage%3Aheight.400%2Clocale.en_US%2Ctype.article%2Ctitle.OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation%20-%2021st%20Century%20Wire%2Cdescription.21WIRE%20%2B%20South%20Front%20%7C%20By%20boosting%20the%20likes%20of%20Bellingcat%252C%20western%20media%20and%20po%2Curl.https%3A%2F%2F21stcenturywire%252Ecom%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-inv%2Csite_name.21st%20Century%20Wire%2Cimage.https%3A%2F%2F21stcenturywire%252Ecom%2Fwp-content%2Fuploads%2F2019%2F07%2F1-Bellingcat%252Ejpg%2Cimage%3Awidth.610%2Cimage%3Aheight.400

Requested by

Host: 21stcenturywire.com
URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Jun 2021 14:00:42 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 recommendations.eff219b98b7c4167b4b289065f36f391.css
c.disquscdn.com/next/recommendations/styles/ 0
4 KB 23ms
19ms Other
text/css 2600:9000:211a:cc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/styles/recommendations.eff219b98b7c4167b4b289065f36f391.css

Requested by

Host: 21stcenturywire.disqus.com
URL: https://21stcenturywire.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:cc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 10:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3124167
x-cache: Hit from cloudfront
content-length: 3748
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-ea4"
content-type: text/css; charset=utf-8
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
expires: Fri, 06 May 2022 10:11:15 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: VIE50-C2
timing-allow-origin: *
x-amz-cf-id: NamJAqQFmvjiErVRteDoUVYjrDTSfk2VXVX3BnN-RApCaUhc7jnHRg==
x-cache-hits: 0

GET
H2 200 common.bundle.3c0a438a5a4962a39ee30fd041fd5ca9.js
c.disquscdn.com/next/recommendations/ 0
87 KB 23ms
20ms Other
application/javascript 2600:9000:211a:cc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/common.bundle.3c0a438a5a4962a39ee30fd041fd5ca9.js

Requested by

Host: 21stcenturywire.disqus.com
URL: https://21stcenturywire.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:cc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 329433
x-cache: Hit from cloudfront
content-length: 88889
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-15b39"
content-type: application/javascript; charset=utf-8
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:09 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: VIE50-C2
timing-allow-origin: *
x-amz-cf-id: x6hqbnhvu5GPFa7O7JStac1Y4u9CDtN42kWYnUgqW7PspZBYRalDFA==
x-cache-hits: 0

GET
H2 200 recommendations.bundle.8476f2bb7473dc28853e21b0f06cc058.js
c.disquscdn.com/next/recommendations/ 0
20 KB 23ms
21ms Other
application/javascript 2600:9000:211a:cc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.bundle.8476f2bb7473dc28853e21b0f06cc058.js

Requested by

Host: 21stcenturywire.disqus.com
URL: https://21stcenturywire.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:cc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 329433
x-cache: Hit from cloudfront
content-length: 20101
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-4e85"
content-type: application/javascript; charset=utf-8
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:09 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: VIE50-C2
timing-allow-origin: *
x-amz-cf-id: YTzwoQiDsxmHheZxwuE_2t5fL-tMOyi8wvRQcAkNcMTgjq4Xfd9dFA==
x-cache-hits: 0

GET
H2 200 settings-1623415836.json Show response
a.mailmunch.co/forms-cache/653704/ 1 KB
1 KB 80ms
36ms XHR
application/json 2600:9000:211a:be00:4:c961:9640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mailmunch.co/forms-cache/653704/settings-1623415836.json
Requested by: Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:be00:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e6f6d6b3b07e4525583a36bf532f8e5c521793fb498f52c605c91d1ed89e89c

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 12:51:01 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 4182
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 11 Jun 2021 12:50:44 GMT
server: AmazonS3
etag: W/"ac301e2c622c2e53b0a78038f57da466"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, POST, PUT, DELETE
content-type: application/json; charset=utf-8
via: 1.1 437caaa82b2f94aeac2747f293235378.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=31556952
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: tk7po3qoZYBfvqVdG5nobKRxLFoFszI3GGmjRSEMcTSPFK-R-Xroyg==

GET
H/1.1 200
OK horizon_tweet.2bd42981e3af03ce9186a5655508da28.js Show response
platform.twitter.com/js/ 7 KB
3 KB 7ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/horizon_tweet.2bd42981e3af03ce9186a5655508da28.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C1) /
Resource Hash: 263627ec362c25037d69022de008fad33cf85ec7267604a5ae5c8e6fe4ad9e38

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:42 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:56:41 GMT
Server: ECS (frb/67C1)
Age: 62148
Etag: "43544c32afe87494042045e40e7b3213+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 2436

GET
H2 200 3aff5c77c950ba7e75dd9b937e43f176.js Show response
cdn.bannersnack.com/banners/bzj529ipd/embed/ Frame 6DE1 66 KB
19 KB 24ms
24ms Script
text/javascript 2600:9000:211a:f000:1a:1e7b:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bannersnack.com/banners/bzj529ipd/embed/3aff5c77c950ba7e75dd9b937e43f176.js
Requested by: Host: cdn.bannersnack.com
URL: https://cdn.bannersnack.com/banners/bzj529ipd/embed/index.html?t=1620159076&userId=10086691
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:f000:1a:1e7b:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6e18c2a975b23e30f243485b7921e47f8c49d3904f36e26dbb852c1ec6ce0425

Request headers

Referer: https://cdn.bannersnack.com/banners/bzj529ipd/embed/index.html?t=1620159076&userId=10086691
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: CZROC9QZkXPPOHbXUqqKt0DKjqyh5hrF
content-encoding: gzip
last-modified: Tue, 04 May 2021 20:11:42 GMT
server: AmazonS3
age: 82286
etag: "0692aac68c0a5b73a1130c4f8dd2ed1b"
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 07ba06e632a891feeba3436a80d00ee5.cloudfront.net (CloudFront)
date: Thu, 10 Jun 2021 15:09:17 GMT
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
content-length: 18565
x-amz-cf-id: E5wjfesT8JEQZ0DderrIdvVxjnuYs3I5YR-7Ytwe4vfZ5Ve_EgS3lA==

GET
H2 200 3aff5c77c950ba7e75dd9b937e43f176.js Show response
cdn.bannersnack.com/banners/bhkm4pmcr/embed/ Frame E604 66 KB
19 KB 39ms
39ms Script
text/javascript 2600:9000:211a:f000:1a:1e7b:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bannersnack.com/banners/bhkm4pmcr/embed/3aff5c77c950ba7e75dd9b937e43f176.js
Requested by: Host: cdn.bannersnack.com
URL: https://cdn.bannersnack.com/banners/bhkm4pmcr/embed/index.html?t=1620397923&userId=10086691&responsive=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:f000:1a:1e7b:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6e18c2a975b23e30f243485b7921e47f8c49d3904f36e26dbb852c1ec6ce0425

Request headers

Referer: https://cdn.bannersnack.com/banners/bhkm4pmcr/embed/index.html?t=1620397923&userId=10086691&responsive=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 07:58:53 GMT
content-encoding: gzip
last-modified: Fri, 07 May 2021 14:32:34 GMT
server: AmazonS3
age: 21710
etag: "0692aac68c0a5b73a1130c4f8dd2ed1b"
x-cache: Hit from cloudfront
x-amz-version-id: 6eESz.EStgIOpe4Uzt4ajPXEa3FJiIvg
via: 1.1 07ba06e632a891feeba3436a80d00ee5.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
content-type: text/javascript
content-length: 18565
x-amz-cf-id: PmsQJBFuCn-9L1xvRlkE56u1Mf4Ngsq6fHkA1949C1ckJqujaVPMxQ==

GET
H2 200 widget-7-cda7b11cc43e.js Show response
widget.sndcdn.com/ Frame 3E1B 8 KB
3 KB 129ms
32ms Script
application/javascript 99.86.241.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.sndcdn.com/widget-7-cda7b11cc43e.js
Requested by: Host: w.soundcloud.com
URL: https://w.soundcloud.com/player/?url=https%3A//api.soundcloud.com/tracks/1005066571&color=%23cc9900&auto_play=false&hide_related=false&show_comments=true&show_user=true&show_reposts=false&show_teaser=true&visual=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.241.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-72.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9413f1dd7c49e8c6b9bfea23bf5d80083db23141dab1e97ceb10baa29639105c

Request headers

Origin: https://w.soundcloud.com
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 13:49:21 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 346282
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 07 Jun 2021 13:45:08 GMT
server: AmazonS3
etag: W/"60732313eba8b68f43e0f37f4684e27c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: dWfYOgFoMGSxiAGII7gqlD1T1z7ugGqB
via: 1.1 a01b7aca64c6d4b437b814f64422d6c8.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: VIE50-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: IxsOPFcfkzAmLcJ2qJLMDtqfmiJZpbq98eUSy8WJ97m2U9ocDNAodw==

GET
H2 200 widget-8-50bd51910b02.js Show response
widget.sndcdn.com/ Frame 3E1B 2 KB
2 KB 129ms
32ms Script
application/javascript 99.86.241.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.sndcdn.com/widget-8-50bd51910b02.js
Requested by: Host: w.soundcloud.com
URL: https://w.soundcloud.com/player/?url=https%3A//api.soundcloud.com/tracks/1005066571&color=%23cc9900&auto_play=false&hide_related=false&show_comments=true&show_user=true&show_reposts=false&show_teaser=true&visual=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.241.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-72.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb63f20e251eb8f374ba3e774c2efa713eab3483d6b30e086fb317f67e1b695c

Request headers

Origin: https://w.soundcloud.com
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 13:49:20 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 346283
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 07 Jun 2021 13:45:08 GMT
server: AmazonS3
etag: W/"91aca44bce1508c2f5d6c007ce331b76"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: fPY2eF_6EAaeZKtEL5IFnEr8t_1aea.e
via: 1.1 a01b7aca64c6d4b437b814f64422d6c8.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: VIE50-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: LCoISq516npKCLDPqEnxlU09iBb2RsFW_dMIc3sEJKsveRaAcPIoSA==

GET
H2 200 widget-9-3d4d9a0f9c5b.js Show response
widget.sndcdn.com/ Frame 3E1B 1 MB
306 KB 138ms
41ms Script
application/javascript 99.86.241.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.sndcdn.com/widget-9-3d4d9a0f9c5b.js
Requested by: Host: w.soundcloud.com
URL: https://w.soundcloud.com/player/?url=https%3A//api.soundcloud.com/tracks/1005066571&color=%23cc9900&auto_play=false&hide_related=false&show_comments=true&show_user=true&show_reposts=false&show_teaser=true&visual=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.241.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-72.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7c6aa1a86a8d54a45831bd8208f03c928dc15f9de1fa5301b50cf75e10fcf7fe

Request headers

Origin: https://w.soundcloud.com
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 13:49:20 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 346283
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 07 Jun 2021 13:45:08 GMT
server: AmazonS3
etag: W/"b884412af38d2a18d2a9e90b989a1575"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: 0CHPhvmBXxZaxN9Q6C4UNaJg2lNVC0LM
via: 1.1 a01b7aca64c6d4b437b814f64422d6c8.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: VIE50-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: FhdT6I86CgztIrpwD8ROSNG1AXtyxukAjqmazH44ft6pUK6M80rjBw==

GET
H2 200 a0b6ae0587c62c21fa66a0c61fa9e893.js Show response
cdn.bannersnack.com/banners/bx9fwkh72/embed/ Frame 63C9 78 KB
21 KB 32ms
28ms Script
text/javascript 2600:9000:211a:f000:1a:1e7b:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bannersnack.com/banners/bx9fwkh72/embed/a0b6ae0587c62c21fa66a0c61fa9e893.js
Requested by: Host: cdn.bannersnack.com
URL: https://cdn.bannersnack.com/banners/bx9fwkh72/embed/index.html?t=1622214949&userId=10086691&responsive=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:f000:1a:1e7b:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 78ef8387319b1f45117523e7ed056735f91b78673075f45d093a22e0f89e57ca

Request headers

Referer: https://cdn.bannersnack.com/banners/bx9fwkh72/embed/index.html?t=1622214949&userId=10086691&responsive=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 11:07:14 GMT
content-encoding: gzip
last-modified: Fri, 28 May 2021 15:19:06 GMT
server: AmazonS3
age: 10408
etag: "e3d897d7c1dcca1fe9ca9a521d179e06"
x-cache: Hit from cloudfront
x-amz-version-id: utavjASf.E1U6hZ0ehXk89f7AgVyZAXH
via: 1.1 07ba06e632a891feeba3436a80d00ee5.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
content-type: text/javascript
content-length: 21012
x-amz-cf-id: fY5ZqRd1k7iedHAGMYy_WE6oBMSU56GlkNBvMCnsafkHcC25rD7oWQ==

GET
H2 200 3aff5c77c950ba7e75dd9b937e43f176.js Show response
cdn.bannersnack.com/banners/bzj529ipd/embed/ Frame 5FCF 66 KB
19 KB 30ms
28ms Script
text/javascript 2600:9000:211a:f000:1a:1e7b:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bannersnack.com/banners/bzj529ipd/embed/3aff5c77c950ba7e75dd9b937e43f176.js
Requested by: Host: cdn.bannersnack.com
URL: https://cdn.bannersnack.com/banners/bzj529ipd/embed/index.html?t=1620159076&userId=10086691
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:f000:1a:1e7b:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6e18c2a975b23e30f243485b7921e47f8c49d3904f36e26dbb852c1ec6ce0425

Request headers

Referer: https://cdn.bannersnack.com/banners/bzj529ipd/embed/index.html?t=1620159076&userId=10086691
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: CZROC9QZkXPPOHbXUqqKt0DKjqyh5hrF
content-encoding: gzip
last-modified: Tue, 04 May 2021 20:11:42 GMT
server: AmazonS3
age: 82286
etag: "0692aac68c0a5b73a1130c4f8dd2ed1b"
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 07ba06e632a891feeba3436a80d00ee5.cloudfront.net (CloudFront)
date: Thu, 10 Jun 2021 15:09:17 GMT
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
content-length: 18565
x-amz-cf-id: 31Hv9ydPsvOx1eJZP5ljb3_dVpFjzhPrADo1QMAxFBp66thWamTHzA==

GET
H2 200 3aff5c77c950ba7e75dd9b937e43f176.js Show response
cdn.bannersnack.com/banners/bhkm4pmcr/embed/ Frame 847B 66 KB
19 KB 30ms
28ms Script
text/javascript 2600:9000:211a:f000:1a:1e7b:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bannersnack.com/banners/bhkm4pmcr/embed/3aff5c77c950ba7e75dd9b937e43f176.js
Requested by: Host: cdn.bannersnack.com
URL: https://cdn.bannersnack.com/banners/bhkm4pmcr/embed/index.html?t=1620397923&userId=10086691&responsive=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:f000:1a:1e7b:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6e18c2a975b23e30f243485b7921e47f8c49d3904f36e26dbb852c1ec6ce0425

Request headers

Referer: https://cdn.bannersnack.com/banners/bhkm4pmcr/embed/index.html?t=1620397923&userId=10086691&responsive=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 07:58:53 GMT
content-encoding: gzip
last-modified: Fri, 07 May 2021 14:32:34 GMT
server: AmazonS3
age: 21710
etag: "0692aac68c0a5b73a1130c4f8dd2ed1b"
x-cache: Hit from cloudfront
x-amz-version-id: 6eESz.EStgIOpe4Uzt4ajPXEa3FJiIvg
via: 1.1 07ba06e632a891feeba3436a80d00ee5.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
content-type: text/javascript
content-length: 18565
x-amz-cf-id: uBEYaNfQX3BnZ3m2REXDKPyHabPUhu0MPqcghrit-to6KMw3J6CvAg==

GET
H2 200 3aff5c77c950ba7e75dd9b937e43f176.js Show response
cdn.bannersnack.com/banners/bdxplhkx4/embed/ Frame AEE1 66 KB
19 KB 48ms
47ms Script
text/javascript 2600:9000:211a:f000:1a:1e7b:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bannersnack.com/banners/bdxplhkx4/embed/3aff5c77c950ba7e75dd9b937e43f176.js
Requested by: Host: cdn.bannersnack.com
URL: https://cdn.bannersnack.com/banners/bdxplhkx4/embed/index.html?t=1620159446&userId=10086691&responsive=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:f000:1a:1e7b:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6e18c2a975b23e30f243485b7921e47f8c49d3904f36e26dbb852c1ec6ce0425

Request headers

Referer: https://cdn.bannersnack.com/banners/bdxplhkx4/embed/index.html?t=1620159446&userId=10086691&responsive=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: ryymwm.0Zm9B9roLBNBZLcjXke7NO44D
content-encoding: gzip
last-modified: Tue, 04 May 2021 20:18:49 GMT
server: AmazonS3
age: 53413
etag: "0692aac68c0a5b73a1130c4f8dd2ed1b"
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 07ba06e632a891feeba3436a80d00ee5.cloudfront.net (CloudFront)
date: Thu, 10 Jun 2021 23:10:30 GMT
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
content-length: 18565
x-amz-cf-id: Y2euLaKpW5LEd2umKOA9Muofr4YHncRBg5GcrN-2huPFUPfM4z0HSw==

GET
H/1.1 200
OK Tweet.html Show response
platform.twitter.com/embed/ Frame 05DE 487 B
971 B 7ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=21WIRE&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1402173915049435136&lang=en&origin=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&sessionId=f81a4b09c888d88f72539246567558e5d06b58b0&siteScreenName=21WIRE&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6723) /
Resource Hash: 332f943a5ebc0f607b7edef58003ccc3e64a08df41a1272344b6ca082b35c6a9

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://21stcenturywire.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://21stcenturywire.com/

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 768
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=utf-8
Date: Fri, 11 Jun 2021 14:00:42 GMT
Etag: "26a7c108da055294649f46ea809f0ac9"
Last-Modified: Thu, 03 Jun 2021 19:45:38 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6723)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 487

GET
H2 200 e1d6ca48ed4ab44ea451affbb6805e13.jpg
cdn.bannersnack.com/banners/bzj529ipd/embed/media/ Frame 6DE1 39 KB
40 KB 41ms
40ms Image
image/jpeg 2600:9000:211a:f000:1a:1e7b:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bannersnack.com/banners/bzj529ipd/embed/media/e1d6ca48ed4ab44ea451affbb6805e13.jpg
Requested by: Host: cdn.bannersnack.com
URL: https://cdn.bannersnack.com/banners/bzj529ipd/embed/index.html?t=1620159076&userId=10086691
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:f000:1a:1e7b:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ccf3df14e4bb17063a364e9d790324ad709138419b10a2b0898234e6fc647883

Request headers

Referer: https://cdn.bannersnack.com/banners/bzj529ipd/embed/index.html?t=1620159076&userId=10086691
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: PMIXQU6QcgFZez52EyrV0Vz4Tmy_1vrJ
via: 1.1 07ba06e632a891feeba3436a80d00ee5.cloudfront.net (CloudFront)
last-modified: Tue, 04 May 2021 20:11:42 GMT
server: AmazonS3
age: 24958
etag: "e1d6ca48ed4ab44ea451affbb6805e13"
x-cache: Hit from cloudfront
content-type: image/jpeg
date: Fri, 11 Jun 2021 07:04:45 GMT
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
content-length: 40081
x-amz-cf-id: UmBachqBsrbPB0qJA_HMuoZ3jnX0oxqgmy3t-P4-Mo27qBMhW0cH9A==

GET
H2 200 / Show response
stats.bannersnack.com/info/ Frame 6DE1 177 B
340 B 307ms
99ms Script
application/javascript 107.22.27.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.bannersnack.com/info/?h=bzj529ipd&n=&c=bsStats_bzj529ipd

Requested by

Host: cdn.bannersnack.com
URL: https://cdn.bannersnack.com/banners/bzj529ipd/embed/3aff5c77c950ba7e75dd9b937e43f176.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.22.27.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

09975cd6c5d61e31f2e61a7b0d340db5ad5fbe283d198e667c30fa58708bfde9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://cdn.bannersnack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:43 GMT
cache-control: no-cache
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript

GET
H2 200 422f4cde33dc37d149d2091db602f951.png
cdn.bannersnack.com/banners/bhkm4pmcr/embed/media/ Frame E604 19 KB
19 KB 31ms
31ms Image
image/png 2600:9000:211a:f000:1a:1e7b:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bannersnack.com/banners/bhkm4pmcr/embed/media/422f4cde33dc37d149d2091db602f951.png
Requested by: Host: cdn.bannersnack.com
URL: https://cdn.bannersnack.com/banners/bhkm4pmcr/embed/index.html?t=1620397923&userId=10086691&responsive=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:f000:1a:1e7b:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5a9a98639098e82c58bf74f4b601f8852e68a864031067414f5c4a2423580927

Request headers

Referer: https://cdn.bannersnack.com/banners/bhkm4pmcr/embed/index.html?t=1620397923&userId=10086691&responsive=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: gR_PhsGj7gg1FcuUw2PaCS7tqgiHFmk.
via: 1.1 07ba06e632a891feeba3436a80d00ee5.cloudfront.net (CloudFront)
last-modified: Fri, 07 May 2021 14:32:34 GMT
server: AmazonS3
age: 82285
etag: "422f4cde33dc37d149d2091db602f951"
x-cache: Hit from cloudfront
content-type: image/png
date: Thu, 10 Jun 2021 15:09:18 GMT
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
content-length: 19537
x-amz-cf-id: YTlDjpmJ0RzvLEQSEqSGUBVgF7grZ3iq1uGl7rgY5ToDCb2jqW5svw==

GET
H2 200 / Show response
stats.bannersnack.com/info/ Frame E604 176 B
339 B 298ms
100ms Script
application/javascript 107.22.27.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.bannersnack.com/info/?h=bhkm4pmcr&n=&c=bsStats_bhkm4pmcr

Requested by

Host: cdn.bannersnack.com
URL: https://cdn.bannersnack.com/banners/bhkm4pmcr/embed/3aff5c77c950ba7e75dd9b937e43f176.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.22.27.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

202ec2290aaecfd0bfaf9cb1b63c37bf5e997bc45ea0f583eb2d10a5777683c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://cdn.bannersnack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:43 GMT
cache-control: no-cache
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript

GET
H2 200 css
fonts.googleapis.com/ Frame 63C9 3 KB
685 B 22ms
21ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:900|Montserrat:800i

Requested by

Host: cdn.bannersnack.com
URL: https://cdn.bannersnack.com/banners/bx9fwkh72/embed/a0b6ae0587c62c21fa66a0c61fa9e893.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ff64e08cb6fbf6df01e34a0cc910740441a61945941cd71fdecbabdcf917a07a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cdn.bannersnack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Jun 2021 14:00:42 GMT
server: ESF
date: Fri, 11 Jun 2021 14:00:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Jun 2021 14:00:42 GMT

GET
H2 200 048040689d554197d89c5bb1414fb7de.jpg
cdn.bannersnack.com/banners/bx9fwkh72/embed/media/ Frame 63C9 66 KB
66 KB 24ms
24ms Image
image/jpeg 2600:9000:211a:f000:1a:1e7b:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bannersnack.com/banners/bx9fwkh72/embed/media/048040689d554197d89c5bb1414fb7de.jpg
Requested by: Host: cdn.bannersnack.com
URL: https://cdn.bannersnack.com/banners/bx9fwkh72/embed/index.html?t=1622214949&userId=10086691&responsive=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:f000:1a:1e7b:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: adb16cdf6425ed765bf7b71039c70fa5d3e86f419a42080c9e66b6e66d36b0c4

Request headers

Referer: https://cdn.bannersnack.com/banners/bx9fwkh72/embed/index.html?t=1622214949&userId=10086691&responsive=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 5.aJvnDYPpXtAoC8A9NMocfRETO5XqGu
via: 1.1 07ba06e632a891feeba3436a80d00ee5.cloudfront.net (CloudFront)
last-modified: Fri, 28 May 2021 15:19:06 GMT
server: AmazonS3
age: 53413
etag: "048040689d554197d89c5bb1414fb7de"
x-cache: Hit from cloudfront
content-type: image/jpeg
date: Thu, 10 Jun 2021 23:10:30 GMT
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
content-length: 67080
x-amz-cf-id: YBClQyywuWEy2wQFt2uM_2yNboKYzy37cCqEQoDmDjzKTzcI_Rq6Pg==

GET
H2 200 / Show response
stats.bannersnack.com/info/ Frame 63C9 177 B
340 B 291ms
103ms Script
application/javascript 107.22.27.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.bannersnack.com/info/?h=bx9fwkh72&n=&c=bsStats_bx9fwkh72

Requested by

Host: cdn.bannersnack.com
URL: https://cdn.bannersnack.com/banners/bx9fwkh72/embed/a0b6ae0587c62c21fa66a0c61fa9e893.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.22.27.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

44967d9018d00c6cf5cb93c378a909bb20536379d79fde8186130e04ee41222b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://cdn.bannersnack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:43 GMT
cache-control: no-cache
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript

GET
H2 200 embedded.js Show response
a.mailmunch.co/app/v1/ 4 KB
2 KB 29ms
19ms Script
text/javascript 2600:9000:211a:be00:4:c961:9640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mailmunch.co/app/v1/embedded.js
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:be00:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 48f097fa20655292e0e8fab980a1cbe86f212d8d2e522cddda6e5c1b79377b55

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 08:01:36 GMT
content-encoding: gzip
age: 21547
x-cache: Hit from cloudfront
content-length: 1091
access-control-allow-origin: *
last-modified: Wed, 09 Jun 2021 06:56:57 GMT
server: AmazonS3
etag: "2e4f878fde357a961ac899b9bb7951cd"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, POST, PUT, DELETE
content-type: text/javascript
via: 1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=172800
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
x-amz-cf-id: k6nuonTeh0CpFsJewNiknntiTkFlqLmh39X7RX7PV_RaISXa9dGhDQ==

GET
H2 200 e1d6ca48ed4ab44ea451affbb6805e13.jpg
cdn.bannersnack.com/banners/bzj529ipd/embed/media/ Frame 5FCF 39 KB
40 KB 39ms
31ms Image
image/jpeg 2600:9000:211a:f000:1a:1e7b:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bannersnack.com/banners/bzj529ipd/embed/media/e1d6ca48ed4ab44ea451affbb6805e13.jpg
Requested by: Host: cdn.bannersnack.com
URL: https://cdn.bannersnack.com/banners/bzj529ipd/embed/3aff5c77c950ba7e75dd9b937e43f176.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:f000:1a:1e7b:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ccf3df14e4bb17063a364e9d790324ad709138419b10a2b0898234e6fc647883

Request headers

Referer: https://cdn.bannersnack.com/banners/bzj529ipd/embed/index.html?t=1620159076&userId=10086691
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: PMIXQU6QcgFZez52EyrV0Vz4Tmy_1vrJ
via: 1.1 07ba06e632a891feeba3436a80d00ee5.cloudfront.net (CloudFront)
last-modified: Tue, 04 May 2021 20:11:42 GMT
server: AmazonS3
age: 24958
etag: "e1d6ca48ed4ab44ea451affbb6805e13"
x-cache: Hit from cloudfront
content-type: image/jpeg
date: Fri, 11 Jun 2021 07:04:45 GMT
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
content-length: 40081
x-amz-cf-id: rfRzbci9oNkabuTOUGbvKfxeCqdnUohRS0Hc89jTIM6ENoDNdVMwuw==

GET
H2 200 / Show response
stats.bannersnack.com/info/ Frame 5FCF 177 B
340 B 260ms
99ms Script
application/javascript 107.22.27.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.bannersnack.com/info/?h=bzj529ipd&n=&c=bsStats_bzj529ipd

Requested by

Host: cdn.bannersnack.com
URL: https://cdn.bannersnack.com/banners/bzj529ipd/embed/3aff5c77c950ba7e75dd9b937e43f176.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.22.27.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

573b9853e802b06a34f434c23b66c5cabf5b0ae48619266dec556727bd32df44

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://cdn.bannersnack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:43 GMT
cache-control: no-cache
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript

GET
H2 200 422f4cde33dc37d149d2091db602f951.png
cdn.bannersnack.com/banners/bhkm4pmcr/embed/media/ Frame 847B 19 KB
19 KB 32ms
31ms Image
image/png 2600:9000:211a:f000:1a:1e7b:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bannersnack.com/banners/bhkm4pmcr/embed/media/422f4cde33dc37d149d2091db602f951.png
Requested by: Host: cdn.bannersnack.com
URL: https://cdn.bannersnack.com/banners/bhkm4pmcr/embed/3aff5c77c950ba7e75dd9b937e43f176.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:f000:1a:1e7b:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5a9a98639098e82c58bf74f4b601f8852e68a864031067414f5c4a2423580927

Request headers

Referer: https://cdn.bannersnack.com/banners/bhkm4pmcr/embed/index.html?t=1620397923&userId=10086691&responsive=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: gR_PhsGj7gg1FcuUw2PaCS7tqgiHFmk.
via: 1.1 07ba06e632a891feeba3436a80d00ee5.cloudfront.net (CloudFront)
last-modified: Fri, 07 May 2021 14:32:34 GMT
server: AmazonS3
age: 82285
etag: "422f4cde33dc37d149d2091db602f951"
x-cache: Hit from cloudfront
content-type: image/png
date: Thu, 10 Jun 2021 15:09:18 GMT
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
content-length: 19537
x-amz-cf-id: xl1cCnj1mfH-qiLdSjMpnlbdFYb135IZxYdFlVwln6bP2OQX8HsMzQ==

GET
H2 200 / Show response
stats.bannersnack.com/info/ Frame 847B 176 B
338 B 346ms
188ms Script
application/javascript 107.22.27.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.bannersnack.com/info/?h=bhkm4pmcr&n=&c=bsStats_bhkm4pmcr

Requested by

Host: cdn.bannersnack.com
URL: https://cdn.bannersnack.com/banners/bhkm4pmcr/embed/3aff5c77c950ba7e75dd9b937e43f176.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.22.27.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

db92c1371147395ea935d9f861a42eadee53697dda77e8d794542856dc78d43e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://cdn.bannersnack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:43 GMT
cache-control: no-cache
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript

GET
H2 200 5c85aa1501bf9d2b17a3ec4b7e014066.jpg
cdn.bannersnack.com/banners/bdxplhkx4/embed/media/ Frame AEE1 112 KB
112 KB 35ms
34ms Image
image/jpeg 2600:9000:211a:f000:1a:1e7b:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bannersnack.com/banners/bdxplhkx4/embed/media/5c85aa1501bf9d2b17a3ec4b7e014066.jpg
Requested by: Host: cdn.bannersnack.com
URL: https://cdn.bannersnack.com/banners/bdxplhkx4/embed/index.html?t=1620159446&userId=10086691&responsive=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:f000:1a:1e7b:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a30b8f164ce769e50acaf17177b8531735ce6ef8d6cbf9103d5f6af8bcabaca

Request headers

Referer: https://cdn.bannersnack.com/banners/bdxplhkx4/embed/index.html?t=1620159446&userId=10086691&responsive=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: rqlPyBxTv.MPRYF_PvUE1.ZFMQCKjzeC
via: 1.1 07ba06e632a891feeba3436a80d00ee5.cloudfront.net (CloudFront)
last-modified: Tue, 04 May 2021 20:18:49 GMT
server: AmazonS3
age: 39051
etag: "5c85aa1501bf9d2b17a3ec4b7e014066"
x-cache: Hit from cloudfront
content-type: image/jpeg
date: Fri, 11 Jun 2021 03:09:52 GMT
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
content-length: 114349
x-amz-cf-id: _4PUBqYewVT8n0rPO-h2ihJHNVS7B0Q2CmRPqac4Q56fo1YYJifbbQ==

GET
H2 200 / Show response
stats.bannersnack.com/info/ Frame AEE1 177 B
341 B 339ms
189ms Script
application/javascript 107.22.27.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.bannersnack.com/info/?h=bdxplhkx4&n=&c=bsStats_bdxplhkx4

Requested by

Host: cdn.bannersnack.com
URL: https://cdn.bannersnack.com/banners/bdxplhkx4/embed/3aff5c77c950ba7e75dd9b937e43f176.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.22.27.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

bc0414e932655e882b8fdccc64f22670788ac05bd95a5f6761da180a9a568a21

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://cdn.bannersnack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:43 GMT
cache-control: no-cache
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript

GET
H/1.1 200
OK / Show response
disqus.com/recommendations/ Frame 75A5 5 KB
3 KB 149ms
120ms Document
text/html 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/recommendations/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation

Requested by

Host: 21stcenturywire.disqus.com
URL: https://21stcenturywire.disqus.com/recommendations.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

eefe8595042642eb3905214c664f86d12eff7cd3ba1a976b663f41f36cd97930

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://21stcenturywire.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://21stcenturywire.com/

Response headers

Connection: keep-alive
Content-Length: 2332
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Sun, 31 Jan 2021 18:51:36 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-while-revalidate=30, no-cache, must-revalidate, stale-if-error=3600, public
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Fri, 11 Jun 2021 14:00:43 GMT
Age: 0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H/1.1 200
OK embed.runtime.fb42821a08b18a84ec62.js Show response
platform.twitter.com/embed/ Frame 05DE 8 KB
4 KB 23ms
8ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.runtime.fb42821a08b18a84ec62.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=21WIRE&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1402173915049435136&lang=en&origin=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&sessionId=f81a4b09c888d88f72539246567558e5d06b58b0&siteScreenName=21WIRE&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6723) /
Resource Hash: 7b7733064438c1966da5fa7bde59e4fb8e7e65eb4b42fd5c087be18ff7d501b2

Request headers

Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=21WIRE&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1402173915049435136&lang=en&origin=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&sessionId=f81a4b09c888d88f72539246567558e5d06b58b0&siteScreenName=21WIRE&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Jun 2021 19:45:37 GMT
Server: ECS (frb/6723)
Age: 62148
Etag: "cc5070b6cdb5fc3385f6c0f5fe2b832d+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 3515

GET
H/1.1 200
OK embed.modules.fdf619f0ab7b0d65a156.js Show response
platform.twitter.com/embed/ Frame 05DE 501 KB
160 KB 23ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.modules.fdf619f0ab7b0d65a156.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=21WIRE&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1402173915049435136&lang=en&origin=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&sessionId=f81a4b09c888d88f72539246567558e5d06b58b0&siteScreenName=21WIRE&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674B) /
Resource Hash: 1142d3e2151b2d78ac338d8e13d29bae8396d4c0eeecc2c526567954d5b9623b

Request headers

Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=21WIRE&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1402173915049435136&lang=en&origin=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&sessionId=f81a4b09c888d88f72539246567558e5d06b58b0&siteScreenName=21WIRE&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Jun 2021 19:45:37 GMT
Server: ECS (frb/674B)
Age: 62146
Etag: "ecda7d77624a93098913e0f87a599f93+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 163554

GET
H/1.1 200
OK embed.i18n.4b9e73295c227d97b396.js Show response
platform.twitter.com/embed/ Frame 05DE 146 B
650 B 30ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.i18n.4b9e73295c227d97b396.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=21WIRE&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1402173915049435136&lang=en&origin=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&sessionId=f81a4b09c888d88f72539246567558e5d06b58b0&siteScreenName=21WIRE&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BA) /
Resource Hash: 3ed3c50b01daa71dcb11f101b27ea78aedf2a1a9df0e4320be84aef4204b6200

Request headers

Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=21WIRE&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1402173915049435136&lang=en&origin=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&sessionId=f81a4b09c888d88f72539246567558e5d06b58b0&siteScreenName=21WIRE&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:42 GMT
Access-Control-Allow-Methods: GET
Last-Modified: Thu, 03 Jun 2021 19:45:37 GMT
Server: ECS (frb/67BA)
Age: 62148
Etag: "39240cf1feca2acc3f78b8cbb0fe28b6"
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Content-Length: 146

GET
H/1.1 200
OK embed.Tweet.b85c55a7b4da4d894561.js Show response
platform.twitter.com/embed/ Frame 05DE 15 KB
6 KB 31ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.Tweet.b85c55a7b4da4d894561.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=21WIRE&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1402173915049435136&lang=en&origin=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&sessionId=f81a4b09c888d88f72539246567558e5d06b58b0&siteScreenName=21WIRE&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67A7) /
Resource Hash: 8bd8b42a750d23140bf570e137bbca8f3464acaf2262b94f8f7468c62e076210

Request headers

Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=21WIRE&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1402173915049435136&lang=en&origin=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&sessionId=f81a4b09c888d88f72539246567558e5d06b58b0&siteScreenName=21WIRE&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Jun 2021 19:45:37 GMT
Server: ECS (frb/67A7)
Age: 62148
Etag: "13304e58d34c2172b758ee9db52259fe+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 5554

GET
H2 200 delivery.js Show response
assets.revcontent.com/master/ Frame A828 364 KB
103 KB 90ms
9ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/delivery.js
Requested by: Host: tempest.services.disqus.com
URL: https://tempest.services.disqus.com/ads-iframe/revcontent/?position=top&shortname=21stcenturywire&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23cc9900&colorScheme=light&sourceUrl=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&typeface=sans-serif&canonicalUrl=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&disqus_version=5884b71
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d660861fb44a4b9306dd05b2c61c40808cf85bacc11ff2bc81e8b8bd1a99b853

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:43 GMT
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 14:17:17 GMT
server: AmazonS3
x-amz-request-id: 1Z5YMHF1QS61Z8ZA
etag: "5cd561a4ec485a85c0bc49bf85b67c00"
x-hw: 1623420043.cds097.fr8.hn,1623420043.cds055.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 104646
x-amz-id-2: ufqaHRBDYxXR2uQeeWcB3sTQPF5hZRBNJcX1aayNNzdjPCi1vNElKqaoV3BF3ToOx5/KEiIiaG0=

GET
H2 200 JTUPjIg1_i6t8kCHKm459WxZbgjz_PZw.woff2
fonts.gstatic.com/s/montserrat/v15/ Frame 63C9 19 KB
20 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUPjIg1_i6t8kCHKm459WxZbgjz_PZw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:900|Montserrat:800i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9a4514f330f7dbff481c9d392990313b157286733633627d6e7e6f86f2f10c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://cdn.bannersnack.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 14:24:19 GMT
x-content-type-options: nosniff
age: 257783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19836
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:11:33 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 14:24:19 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_epG3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ Frame 63C9 19 KB
19 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_epG3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:900|Montserrat:800i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2fca2ae6ff4ffea8690cb747cfb9237c873b227c4ad3425a1d84598c8bd0148

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://cdn.bannersnack.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 20:02:42 GMT
x-content-type-options: nosniff
age: 237480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19240
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:11:21 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 20:02:42 GMT

GET
H2 200 delivery.js Show response
assets.revcontent.com/master/ Frame 5B1C 364 KB
102 KB 38ms
23ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/delivery.js
Requested by: Host: tempest.services.disqus.com
URL: https://tempest.services.disqus.com/ads-iframe/revcontent/?position=bottom&shortname=21stcenturywire&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23cc9900&colorScheme=light&sourceUrl=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&typeface=sans-serif&canonicalUrl=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&disqus_version=5884b71
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d660861fb44a4b9306dd05b2c61c40808cf85bacc11ff2bc81e8b8bd1a99b853

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:43 GMT
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 14:17:17 GMT
server: AmazonS3
x-amz-request-id: 1Z5YMHF1QS61Z8ZA
etag: "5cd561a4ec485a85c0bc49bf85b67c00"
x-hw: 1623420043.cds097.fr8.hn,1623420043.cds055.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 104646
x-amz-id-2: ufqaHRBDYxXR2uQeeWcB3sTQPF5hZRBNJcX1aayNNzdjPCi1vNElKqaoV3BF3ToOx5/KEiIiaG0=

GET
H2 200 index-1559914391.html Show response
a.mailmunch.co/forms-cache/653704/792379/ 110 KB
39 KB 25ms
24ms XHR
text/html 2600:9000:211a:be00:4:c961:9640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mailmunch.co/forms-cache/653704/792379/index-1559914391.html
Requested by: Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:be00:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 108f93f425087fd138060d36edb747a0df95781d1fcf16e10fe5fe809e3c8099

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 20:09:42 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 8358662
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 05 Mar 2021 13:29:36 GMT
server: AmazonS3
etag: W/"fdc532809e146d5aa08f63072e0791af"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, POST, PUT, DELETE
content-type: text/html; charset=utf-8
via: 1.1 437caaa82b2f94aeac2747f293235378.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=31556952
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: Tyq_0-xrMovaARAhmI2NMSmC2FdVcy2Wie13_z46d-YEFyTEf-_Ehw==

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ Frame E736 45 KB
17 KB 15ms
15ms Script
text/javascript 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: lockerdome.com
URL: https://lockerdome.com/lad/12258972111681382?pubid=ld-7602-9870&pubo=https%3A%2F%2F21stcenturywire.com&rid=&width=590

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lockerdome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 2787
date: Fri, 11 Jun 2021 13:14:16 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Fri, 11 Jun 2021 15:14:16 GMT

GET
H2 200 logo-200x120-3190df52.png
widget.sndcdn.com/assets/images/ Frame 3E1B 4 KB
4 KB 97ms
31ms Image
image/png 99.86.241.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget.sndcdn.com/assets/images/logo-200x120-3190df52.png
Requested by: Host: w.soundcloud.com
URL: https://w.soundcloud.com/player/?url=https%3A//api.soundcloud.com/tracks/1005066571&color=%23cc9900&auto_play=false&hide_related=false&show_comments=true&show_user=true&show_reposts=false&show_teaser=true&visual=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.241.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-72.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a9e23dcec7b7d492b11006586bea4e4fe7de01f647f89c6aa84e186567b9da50

Request headers

Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 02:31:47 GMT
via: 1.1 19e8b9893b6330d5d62599a448aea7db.cloudfront.net (CloudFront)
age: 10754937
x-cache: Hit from cloudfront
content-length: 3745
last-modified: Thu, 04 Feb 2021 15:57:24 GMT
server: AmazonS3
etag: "a1591e5274b36cfbae3e167dffe49970"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
x-amz-cf-id: w8fRdlw_riYJPTy0Vv0G9KWm9zxKAM03d86w3KHil_3YSYD_11afKA==

GET
H/1.1 200
OK 748841-953982-721521-171346 Show response
api-widget.soundcloud.com/assignments/ Frame 3E1B 511 B
1 KB 138ms
73ms XHR
application/json 99.86.235.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-widget.soundcloud.com/assignments/748841-953982-721521-171346?layers=widget_listening&format=json&client_id=Iy5e1Ri4GTNgrafaXe4mLpmJLXbXEfBR&app_version=1623073487

Requested by

Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-3d4d9a0f9c5b.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.235.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-235-49.vie50.r.cloudfront.net

Software

am/2 /

Resource Hash

73442042723599bce8535f591fa5ecde187d59fa2c24498fa27d93db9c09d6fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:43 GMT
Content-Encoding: gzip
x-content-type-options: nosniff
X-Amz-Cf-Pop: VIE50-C1
X-Cache: Miss from cloudfront
access-control-allow-methods: DELETE, GET, PATCH, POST, PUT
Connection: keep-alive
Vary: Origin
Content-Length: 131
access-control-allow-origin: https://w.soundcloud.com
referrer-policy: no-referrer
Server: am/2
x-frame-options: DENY
access-control-max-age: 1728000
strict-transport-security: max-age=63072000
Content-Type: application/json; charset=utf-8
Via: 1.1 ef3fdf4c8ab8a4babeb402e6d03ee7c3.cloudfront.net (CloudFront)
access-control-expose-headers: Date
Cache-Control: private, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: Authorization, Content-Type, Device-Locale, X-CSRF-Token
X-Amz-Cf-Id: JekfljXYT6theBJaQRZvBxWPUBHmLHRbZb9HO8Ly3n5ebxodL7h_uw==

GET
H/1.1 200
OK embed.vendors~ondemand.horizon-web.en-js.df1a89ff01b63fbd9c14.js Show response
platform.twitter.com/embed/ Frame 05DE 21 KB
7 KB 7ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.vendors~ondemand.horizon-web.en-js.df1a89ff01b63fbd9c14.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.fb42821a08b18a84ec62.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674C) /
Resource Hash: 43861e4cb2238d9a5cc5320aa52860f57e105caff3983cf34948eb08c2aaffd0

Request headers

Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=21WIRE&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1402173915049435136&lang=en&origin=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&sessionId=f81a4b09c888d88f72539246567558e5d06b58b0&siteScreenName=21WIRE&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Jun 2021 19:45:37 GMT
Server: ECS (frb/674C)
Age: 62148
Etag: "7581e4d659bc1b4bbcb5222ecb0fc881+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 7050

GET
H/1.1 200
OK embed.ondemand.i18n.en-js.2d1b9162a9d9eb606e9d.js Show response
platform.twitter.com/embed/ Frame 05DE 3 KB
2 KB 8ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.2d1b9162a9d9eb606e9d.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.fb42821a08b18a84ec62.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BE) /
Resource Hash: 8e5dba2200cd286a1d9dac3ed2d45692c8c4a6afe2d57a2ce01d217cf31dbec8

Request headers

Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=21WIRE&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1402173915049435136&lang=en&origin=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&sessionId=f81a4b09c888d88f72539246567558e5d06b58b0&siteScreenName=21WIRE&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Jun 2021 19:45:37 GMT
Server: ECS (frb/67BE)
Age: 62149
Etag: "1da432f45029fd4661914a11c40f5f01+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 1528

GET
H3-29 200 dc.js Show response
stats.g.doubleclick.net/ Frame 9396 45 KB
17 KB 15ms
14ms Script
text/javascript 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: lockerdome.com
URL: https://lockerdome.com/lad/13429743756194918?pubid=ld-4931-8637&pubo=https%3A%2F%2F21stcenturywire.com&rid=&width=291

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lockerdome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 2787
date: Fri, 11 Jun 2021 13:14:16 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Fri, 11 Jun 2021 15:14:16 GMT

GET
H3-29 200 dc.js Show response
stats.g.doubleclick.net/ Frame 64DC 45 KB
17 KB 14ms
14ms Script
text/javascript 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: lockerdome.com
URL: https://lockerdome.com/lad/14030474624578662?pubid=ld-14030474624578662&pubo=https%3A%2F%2F21stcenturywire.com&rid=&width=1560

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lockerdome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 2787
date: Fri, 11 Jun 2021 13:14:16 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Fri, 11 Jun 2021 15:14:16 GMT

GET
H2 200 lounge.load.a5921af07b365f6dfd62075d2dee3735.js Show response
c.disquscdn.com/next/embed/ Frame 5223 1 KB
1 KB 61ms
20ms Script
application/javascript 2600:9000:211a:cc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.a5921af07b365f6dfd62075d2dee3735.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:cc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0a0c09e1e97f172c235c9dcb12dbcd2c20b6bd1bce3a0fe453b245139ededbac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://disqus.com
Referer: https://disqus.com/embed/comments/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 329427
x-cache: Hit from cloudfront
content-length: 532
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-214"
content-type: application/javascript; charset=utf-8
via: 1.1 1a276be771f01064831eea4851319c28.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:16 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: VIE50-C2
timing-allow-origin: *
x-amz-cf-id: XSZtDvci0ld4H3_vwDHsAyEyIu52gMTBqLVPBwNZXdeRAbWugKOJ0Q==
x-cache-hits: 0

GET
H2 200 index.css
a.mailmunch.co/v2/themes/mailmunch/simple/embedded/ Frame 9931 6 KB
3 KB 20ms
20ms Stylesheet
text/css 2600:9000:211a:be00:4:c961:9640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mailmunch.co/v2/themes/mailmunch/simple/embedded/index.css
Requested by: Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:be00:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4bb6697c532f3c51f91aca196771dbe81677a5c7b7e4478426f45f5e006ebd16

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 21:41:34 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 59670
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 08 Jan 2020 12:44:20 GMT
server: AmazonS3
etag: W/"c253f8043dd991176c2fe766d0cba6bc"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, POST, PUT, DELETE
content-type: text/css
via: 1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=172800
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: KZQRNjooNeFmnuFYso2RGOY3eE5ZJqEKNRgrG8kBW96j4f95PmJSdg==

GET
H2 200 / Show response
trends.revcontent.com/api/demand/ Frame A828 52 B
274 B 108ms
41ms Fetch
text/html 99.80.125.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/demand/?w=176833

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.80.125.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.25 (Debian) /

Resource Hash

8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://tempest.services.disqus.com
date: Fri, 11 Jun 2021 14:00:43 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
content-length: 52
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8

GET
H2 204 sync
trends.revcontent.com/ Frame A828 0
0 96ms
29ms Fetch 99.80.125.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/sync
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.125.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://tempest.services.disqus.com
date: Fri, 11 Jun 2021 14:00:43 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 / Show response
trends.revcontent.com/api/demand/ Frame 5B1C 52 B
274 B 100ms
41ms Fetch
text/html 99.80.125.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/demand/?w=176831

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.80.125.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.25 (Debian) /

Resource Hash

8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://tempest.services.disqus.com
date: Fri, 11 Jun 2021 14:00:43 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
content-length: 52
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8

GET
H2 204 sync
trends.revcontent.com/ Frame 5B1C 0
0 89ms
30ms Fetch 99.80.125.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/sync
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.125.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://tempest.services.disqus.com
date: Fri, 11 Jun 2021 14:00:43 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H3-29 200 css
fonts.googleapis.com/ Frame 9931 4 KB
631 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:700,400

Requested by

Host: a.mailmunch.co
URL: https://a.mailmunch.co/v2/themes/mailmunch/simple/embedded/index.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

35bd9d448b08e6146b89931bfac28ae83c5df33b88c92e1800652c222cab535c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://a.mailmunch.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Jun 2021 13:22:13 GMT
server: ESF
date: Fri, 11 Jun 2021 14:00:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Jun 2021 14:00:43 GMT

GET
H2 200 widget-0-d7ceca0f9828.js Show response
widget.sndcdn.com/ Frame 3E1B 204 KB
56 KB 35ms
34ms Script
application/javascript 99.86.241.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.sndcdn.com/widget-0-d7ceca0f9828.js
Requested by: Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-8-50bd51910b02.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.241.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-72.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 69137757604031457dde4adedff28199a2dc9af2939807858a7979f2b6e691a7

Request headers

Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 13:49:20 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 346284
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 07 Jun 2021 13:45:08 GMT
server: AmazonS3
etag: W/"9b6cbe7cac32313ed6dbc0536d462b6b"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: 0sfhbRQ6qqDnU.gTBRf80eHlfNLpJIg3
via: 1.1 19e8b9893b6330d5d62599a448aea7db.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: VIE50-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: oWmLmdNMnY5AraZlCUC1oP_zr28ak4V8HDEhQ-V1QhDFGnzmT24gqA==

GET
H/1.1 200
OK stats-bannersnack Show response
sqs.us-east-1.amazonaws.com/174496846625/ Frame 6DE1 378 B
658 B 1419ms
111ms XHR
text/xml 52.46.137.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sqs.us-east-1.amazonaws.com/174496846625/stats-bannersnack?Action=SendMessage&MessageBody=%5B%7B%22uid%22%3A10086691%2C%22h%22%3A%22bzj529ipd%22%2C%22ip%22%3A%2289.249.64.203%22%2C%22b%22%3A%22Chrome%22%2C%22bv%22%3A89%2C%22os%22%3A%22Windows%22%2C%22d%22%3A%22desktop%22%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36%22%2C%22r%22%3A%221600x1200%22%2C%22t%22%3A1623420043%2C%22vid%22%3A%22168850027092_5100414%22%2C%22et%22%3A%22view%22%2C%22n%22%3A%22%22%2C%22ref%22%3A%22https%253A%252F%252F21stcenturywire.com%252F%22%7D%5D
Requested by: Host: cdn.bannersnack.com
URL: https://cdn.bannersnack.com/banners/bzj529ipd/embed/3aff5c77c950ba7e75dd9b937e43f176.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 52.46.137.133 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: abb04d0d8bfe25e0d56b25050baa316e1a75988aedc49f5ae5ab2e2422c8d8d2

Request headers

Referer: https://cdn.bannersnack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 11 Jun 2021 14:00:44 GMT
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-RequestId: 65abe673-b5af-59a0-890b-bf4edb6304da
Content-Length: 378
Content-Type: text/xml

GET
H/1.1 200
OK stats-bannersnack Show response
sqs.us-east-1.amazonaws.com/174496846625/ Frame 5FCF 378 B
658 B 1527ms
107ms XHR
text/xml 52.46.137.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sqs.us-east-1.amazonaws.com/174496846625/stats-bannersnack?Action=SendMessage&MessageBody=%5B%7B%22uid%22%3A10086691%2C%22h%22%3A%22bzj529ipd%22%2C%22ip%22%3A%2289.249.64.203%22%2C%22b%22%3A%22Chrome%22%2C%22bv%22%3A89%2C%22os%22%3A%22Windows%22%2C%22d%22%3A%22desktop%22%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36%22%2C%22r%22%3A%221600x1200%22%2C%22t%22%3A1623420043%2C%22vid%22%3A%22168850027092_5100762%22%2C%22et%22%3A%22view%22%2C%22n%22%3A%22%22%2C%22ref%22%3A%22https%253A%252F%252F21stcenturywire.com%252F%22%7D%5D
Requested by: Host: cdn.bannersnack.com
URL: https://cdn.bannersnack.com/banners/bzj529ipd/embed/3aff5c77c950ba7e75dd9b937e43f176.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 52.46.137.133 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 85abc77df87600d082d172e251ec152490b501f6c32d9bd2f7061b461e1897f5

Request headers

Referer: https://cdn.bannersnack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 11 Jun 2021 14:00:44 GMT
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-RequestId: 61df0597-cb9e-56cb-b6ff-5caaa5521bb1
Content-Length: 378
Content-Type: text/xml

GET
H/1.1 200
OK stats-bannersnack Show response
sqs.us-east-1.amazonaws.com/174496846625/ Frame E604 378 B
658 B 1633ms
106ms XHR
text/xml 52.46.137.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sqs.us-east-1.amazonaws.com/174496846625/stats-bannersnack?Action=SendMessage&MessageBody=%5B%7B%22uid%22%3A10086691%2C%22h%22%3A%22bhkm4pmcr%22%2C%22ip%22%3A%2289.249.64.203%22%2C%22b%22%3A%22Chrome%22%2C%22bv%22%3A89%2C%22os%22%3A%22Windows%22%2C%22d%22%3A%22desktop%22%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36%22%2C%22r%22%3A%221600x1200%22%2C%22t%22%3A1623420043%2C%22vid%22%3A%22168850027092_414717%22%2C%22et%22%3A%22view%22%2C%22n%22%3A%22%22%2C%22ref%22%3A%22https%253A%252F%252F21stcenturywire.com%252F%22%7D%5D
Requested by: Host: cdn.bannersnack.com
URL: https://cdn.bannersnack.com/banners/bhkm4pmcr/embed/3aff5c77c950ba7e75dd9b937e43f176.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 52.46.137.133 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e8e5c0cdd4c5fa0f1ea4a3d188ef7bd3443202ce3ffa320a09865ed9048170f5

Request headers

Referer: https://cdn.bannersnack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 11 Jun 2021 14:00:44 GMT
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-RequestId: 93383f56-1236-54b7-87ff-666b7cfa79cd
Content-Length: 378
Content-Type: text/xml

GET
H/1.1 200
OK embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.2a2fcc4dea3040476de5.js Show response
platform.twitter.com/embed/ Frame 05DE 118 KB
32 KB 8ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.2a2fcc4dea3040476de5.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.fb42821a08b18a84ec62.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668D) /
Resource Hash: c9307c34a252251e9c348244dcfbf2d211d055744f5cc8a5f976978c105ca5e0

Request headers

Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=21WIRE&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1402173915049435136&lang=en&origin=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&sessionId=f81a4b09c888d88f72539246567558e5d06b58b0&siteScreenName=21WIRE&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Jun 2021 19:45:37 GMT
Server: ECS (frb/668D)
Age: 62148
Etag: "5c39896ab50bd7a5d7c67bd2c9389765+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 31944

GET
H/1.1 200
OK embed.vendors~ondemand.Tweet.67da35b17ad4b2a06bba.js Show response
platform.twitter.com/embed/ Frame 05DE 16 KB
6 KB 6ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.67da35b17ad4b2a06bba.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.fb42821a08b18a84ec62.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6725) /
Resource Hash: 2bdf6c85020bb63535b0afc6424e7c746f77f99316c73a448f92d739b92c3542

Request headers

Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=21WIRE&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1402173915049435136&lang=en&origin=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&sessionId=f81a4b09c888d88f72539246567558e5d06b58b0&siteScreenName=21WIRE&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Jun 2021 19:45:37 GMT
Server: ECS (frb/6725)
Age: 62148
Etag: "4b31ccfc9d98d0f2b641d67cd03bff6d+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 5754

GET
H/1.1 200
OK embed.ondemand.Tweet.b64deed52e84e699efab.js Show response
platform.twitter.com/embed/ Frame 05DE 58 KB
14 KB 6ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/embed.ondemand.Tweet.b64deed52e84e699efab.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.fb42821a08b18a84ec62.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6712) /
Resource Hash: 3087454ba62b98538c9c2d4e473096519c19e12a598c7af1bccfcba7c2e73bb4

Request headers

Referer: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=21WIRE&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VtYmVkX2NsaWNrYWJpbGl0eV8xMjEwMiI6eyJidWNrZXQiOiJjb250cm9sIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1402173915049435136&lang=en&origin=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&sessionId=f81a4b09c888d88f72539246567558e5d06b58b0&siteScreenName=21WIRE&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Jun 2021 19:45:37 GMT
Server: ECS (frb/6712)
Age: 62149
Etag: "80a205212f7dd8afb14905e3e373619c+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 13959

GET
H2 200 recommendations.load.f22fce76ee94f29aa709a0de464f3303.js Show response
c.disquscdn.com/next/recommendations/ Frame 75A5 923 B
1020 B 20ms
20ms Script
application/javascript 2600:9000:211a:cc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.load.f22fce76ee94f29aa709a0de464f3303.js

Requested by

Host: disqus.com
URL: https://disqus.com/recommendations/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:cc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

65868622f5681b69bdab392fc96d26b6b57e966b4085e260a4d7dab6edc24acd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://disqus.com
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 329433
x-cache: Hit from cloudfront
content-length: 448
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-1c0"
content-type: application/javascript; charset=utf-8
via: 1.1 1a276be771f01064831eea4851319c28.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:10 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: VIE50-C2
timing-allow-origin: *
x-amz-cf-id: m53oQK6otXTVjjv4SJKN6w1LHYELpZdAwLcOiZgjNuEnstXOy7E1-g==
x-cache-hits: 0

GET
H/1.1 200
OK stats-bannersnack Show response
sqs.us-east-1.amazonaws.com/174496846625/ Frame 63C9 378 B
658 B 1735ms
105ms XHR
text/xml 52.46.137.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sqs.us-east-1.amazonaws.com/174496846625/stats-bannersnack?Action=SendMessage&MessageBody=%5B%7B%22uid%22%3A10086691%2C%22h%22%3A%22bx9fwkh72%22%2C%22ip%22%3A%2289.249.64.203%22%2C%22b%22%3A%22Chrome%22%2C%22bv%22%3A89%2C%22os%22%3A%22Windows%22%2C%22d%22%3A%22desktop%22%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36%22%2C%22r%22%3A%221600x1200%22%2C%22t%22%3A1623420043%2C%22vid%22%3A%22168850027093_7550905%22%2C%22et%22%3A%22view%22%2C%22n%22%3A%22%22%2C%22ref%22%3A%22https%253A%252F%252F21stcenturywire.com%252F%22%7D%5D
Requested by: Host: cdn.bannersnack.com
URL: https://cdn.bannersnack.com/banners/bx9fwkh72/embed/a0b6ae0587c62c21fa66a0c61fa9e893.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 52.46.137.133 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2b2b447fd394e345defd732f547dcc10fab2eb232c3e406a65c97fd6508f37ef

Request headers

Referer: https://cdn.bannersnack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 11 Jun 2021 14:00:44 GMT
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-RequestId: 3db7a798-4b45-5993-a739-fea52589e4e9
Content-Length: 378
Content-Type: text/xml

GET
H/1.1 200
OK stats-bannersnack Show response
sqs.us-east-1.amazonaws.com/174496846625/ Frame 847B 378 B
658 B 1827ms
107ms XHR
text/xml 52.46.137.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sqs.us-east-1.amazonaws.com/174496846625/stats-bannersnack?Action=SendMessage&MessageBody=%5B%7B%22uid%22%3A10086691%2C%22h%22%3A%22bhkm4pmcr%22%2C%22ip%22%3A%2289.249.64.203%22%2C%22b%22%3A%22Chrome%22%2C%22bv%22%3A89%2C%22os%22%3A%22Windows%22%2C%22d%22%3A%22desktop%22%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36%22%2C%22r%22%3A%221600x1200%22%2C%22t%22%3A1623420043%2C%22vid%22%3A%22168850027093_414903%22%2C%22et%22%3A%22view%22%2C%22n%22%3A%22%22%2C%22ref%22%3A%22https%253A%252F%252F21stcenturywire.com%252F%22%7D%5D
Requested by: Host: cdn.bannersnack.com
URL: https://cdn.bannersnack.com/banners/bhkm4pmcr/embed/3aff5c77c950ba7e75dd9b937e43f176.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 52.46.137.133 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 719641fa4a8e111feaa56642a78f0d742f4da4447d2b15c0c6b28ac086c2a5fb

Request headers

Referer: https://cdn.bannersnack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 11 Jun 2021 14:00:45 GMT
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-RequestId: 136d7f79-29fe-52c2-9ec6-264447331fb8
Content-Length: 378
Content-Type: text/xml

GET
H/1.1 200
OK stats-bannersnack Show response
sqs.us-east-1.amazonaws.com/174496846625/ Frame AEE1 378 B
658 B 1936ms
107ms XHR
text/xml 52.46.137.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sqs.us-east-1.amazonaws.com/174496846625/stats-bannersnack?Action=SendMessage&MessageBody=%5B%7B%22uid%22%3A10086691%2C%22h%22%3A%22bdxplhkx4%22%2C%22ip%22%3A%2289.249.64.203%22%2C%22b%22%3A%22Chrome%22%2C%22bv%22%3A89%2C%22os%22%3A%22Windows%22%2C%22d%22%3A%22desktop%22%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36%22%2C%22r%22%3A%221600x1200%22%2C%22t%22%3A1623420043%2C%22vid%22%3A%22168850027093_5452897%22%2C%22et%22%3A%22view%22%2C%22n%22%3A%22%22%2C%22ref%22%3A%22https%253A%252F%252F21stcenturywire.com%252F%22%7D%5D
Requested by: Host: cdn.bannersnack.com
URL: https://cdn.bannersnack.com/banners/bdxplhkx4/embed/3aff5c77c950ba7e75dd9b937e43f176.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 52.46.137.133 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e158a2dae015bb3af7a3667695e1992c4f5cdb46d8c546a1ab30294d1d17dbcb

Request headers

Referer: https://cdn.bannersnack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 11 Jun 2021 14:00:45 GMT
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-RequestId: 7d335cf4-d542-5e75-a704-05c9bb8fe30f
Content-Length: 378
Content-Type: text/xml

GET
H2 200 common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js Show response
c.disquscdn.com/next/embed/ Frame 5223 282 KB
93 KB 20ms
20ms Script
application/javascript 2600:9000:211a:cc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.a5921af07b365f6dfd62075d2dee3735.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:cc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2025b295509745f39f42f941f1f806395a81e23e146febbff2e85e00df651b93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 329427
x-cache: Hit from cloudfront
content-length: 94800
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-17250"
content-type: application/javascript; charset=utf-8
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:16 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: VIE50-C2
timing-allow-origin: *
x-amz-cf-id: tlSMd3c-aebNl5cdmZFotGsG9Ws-4Ivac3dvHZrE0xpiUWRQmlkqhg==
x-cache-hits: 0

GET
H3-29 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 9931 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700,400

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://21stcenturywire.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 13:14:26 GMT
x-content-type-options: nosniff
age: 261977
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 13:14:26 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 9931 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700,400

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://21stcenturywire.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 13:15:52 GMT
x-content-type-options: nosniff
age: 2691
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:50 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jun 2022 13:15:52 GMT

GET
H2 200 tweet Show response
cdn.syndication.twimg.com/ Frame 05DE 764 B
1 KB 197ms
165ms XHR
application/json 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweet?features=tfw_experiments_cookie_expiration%3A1209600%3Btfw_horizon_tweet_embed_9555%3Ahte%3Btfw_tweet_embed_clickability_12102%3Acontrol&id=1402173915049435136&lang=en

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.fdf619f0ab7b0d65a156.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f / Express

Resource Hash

2ca97daa82864d78b59273cba4e809f7837700c927783aed129ee4d2d162471a

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding: gzip
etag: W/"2fc-5QJrHf2eFarjco1yv+O7AYdjd2Q"
x-powered-by: Express
access-control-allow-methods: GET
strict-transport-security: max-age=631138519
content-length: 514
x-xss-protection: 0
server: tsa_f
x-frame-options: SAMEORIGIN
date: Fri, 11 Jun 2021 14:00:43 GMT
vary: Origin, Accept-Encoding
x-tw-cdn: VZ, VZ
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=60
access-control-allow-credentials: true
x-connection-hash: a4cf8b0b39f40b17f711873382189838f49875a856bf880e644b12f72dec3f5f
x-content-type-options: nosniff
access-contol-allow-origin: platform.twitter.com

GET
H2 200 common.bundle.3c0a438a5a4962a39ee30fd041fd5ca9.js Show response
c.disquscdn.com/next/recommendations/ Frame 75A5 262 KB
87 KB 22ms
21ms Script
application/javascript 2600:9000:211a:cc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/common.bundle.3c0a438a5a4962a39ee30fd041fd5ca9.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/recommendations.load.f22fce76ee94f29aa709a0de464f3303.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:cc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1e73bd64edcf6b9b779802e3124b7c484db59493c8252fff3c2af5f8a0375434

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 329434
x-cache: Hit from cloudfront
content-length: 88889
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-15b39"
content-type: application/javascript; charset=utf-8
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:09 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: VIE50-C2
timing-allow-origin: *
x-amz-cf-id: _yynprXOw35K4fkgvpbncFlFful3KlIjVAGA35Zb7eC1yLutzmohMQ==
x-cache-hits: 0

GET
H/1.1 200
OK resolve Show response
api-widget.soundcloud.com/ Frame 3E1B 5 KB
3 KB 109ms
108ms XHR
application/json 99.86.235.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-widget.soundcloud.com/resolve?url=https%3A//api.soundcloud.com/tracks/1005066571&format=json&client_id=Iy5e1Ri4GTNgrafaXe4mLpmJLXbXEfBR&app_version=1623073487

Requested by

Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-3d4d9a0f9c5b.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.235.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-235-49.vie50.r.cloudfront.net

Software

am/2 /

Resource Hash

61ee27a1064c03685ea20ddd09d8aec8bcf92513db7a3299a6dfbea80c907e8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:43 GMT
Content-Encoding: gzip
x-content-type-options: nosniff
X-Amz-Cf-Pop: VIE50-C1
X-Cache: Miss from cloudfront
access-control-allow-methods: DELETE, GET, PATCH, POST, PUT
Connection: keep-alive
Vary: Origin
Content-Length: 2458
access-control-allow-origin: https://w.soundcloud.com
referrer-policy: no-referrer
Server: am/2
x-frame-options: DENY
access-control-max-age: 1728000
strict-transport-security: max-age=63072000
Content-Type: application/json; charset=utf-8
Via: 1.1 ef3fdf4c8ab8a4babeb402e6d03ee7c3.cloudfront.net (CloudFront)
access-control-expose-headers: Date
Cache-Control: private, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: Authorization, Content-Type, Device-Locale, X-CSRF-Token
X-Amz-Cf-Id: McbwJg_ipB8EKPcs8eNGIpAMjhfoJQ68j91MSjp98q7o_nyowzTK1w==

POST
H2 204 generic
trends.revcontent.com/event/ Frame A828 0
0 89ms
29ms Fetch 99.80.125.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/event/generic
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.125.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Grizzly/2.4.4 /
Resource Hash

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://tempest.services.disqus.com
date: Fri, 11 Jun 2021 14:00:43 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type

GET
H2 200 / Show response
trends.revcontent.com/api/delivery/ Frame A828 30 KB
12 KB 314ms
314ms Fetch
text/html 99.80.125.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/delivery/?is_blocked=false&w=176833&width=610&rev_allow_cookies=0&site_url=https%3A%2F%2Ftempest.services.disqus.com%2Fads-iframe%2Frevcontent%2F%3Fposition%3Dtop%26shortname%3D21stcenturywire%26experiment%3Dnetwork_default%26variant%3Dfallthrough%26service%3Ddynamic%26anchorColor%3D%2523cc9900%26colorScheme%3Dlight%26sourceUrl%3Dhttps%253A%252F%252F21stcenturywire.com%252F2019%252F07%252F15%252Fosint-for-dummies-how-to-mount-a-fake-investigation%252F%26typeface%3Dsans-serif%26canonicalUrl%3Dhttps%253A%252F%252F21stcenturywire.com%252F2019%252F07%252F15%252Fosint-for-dummies-how-to-mount-a-fake-investigation%252F%26disqus_version%3D5884b71&icr_url=&referer=https%3A%2F%2F21stcenturywire.com%2F&va=0&time=1623420043391&up=pc&bn=chrome&bv=89&widget_width=610

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.80.125.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.25 (Debian) /

Resource Hash

7fb6be34b9bb8979be1c976b1dc044b338c9a83792b98c5d94892a9b31c0acb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:43 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://tempest.services.disqus.com
access-control-allow-credentials: true
strict-transport-security: max-age=931536000; includeSubDomains
content-length: 12243

POST
H2 204 generic
trends.revcontent.com/event/ Frame 5B1C 0
0 88ms
30ms Fetch 99.80.125.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/event/generic
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.125.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Grizzly/2.4.4 /
Resource Hash

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://tempest.services.disqus.com
date: Fri, 11 Jun 2021 14:00:43 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type

GET
H2 200 / Show response
trends.revcontent.com/api/delivery/ Frame 5B1C 30 KB
12 KB 342ms
342ms Fetch
text/html 99.80.125.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/delivery/?is_blocked=false&w=176831&width=610&rev_allow_cookies=0&site_url=https%3A%2F%2Ftempest.services.disqus.com%2Fads-iframe%2Frevcontent%2F%3Fposition%3Dbottom%26shortname%3D21stcenturywire%26experiment%3Dnetwork_default%26variant%3Dfallthrough%26service%3Ddynamic%26anchorColor%3D%2523cc9900%26colorScheme%3Dlight%26sourceUrl%3Dhttps%253A%252F%252F21stcenturywire.com%252F2019%252F07%252F15%252Fosint-for-dummies-how-to-mount-a-fake-investigation%252F%26typeface%3Dsans-serif%26canonicalUrl%3Dhttps%253A%252F%252F21stcenturywire.com%252F2019%252F07%252F15%252Fosint-for-dummies-how-to-mount-a-fake-investigation%252F%26disqus_version%3D5884b71&icr_url=&referer=https%3A%2F%2F21stcenturywire.com%2F&va=0&time=1623420043393&up=pc&bn=chrome&bv=89&widget_width=610

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.80.125.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.25 (Debian) /

Resource Hash

2bc364a6d0d81817d6670872d0cb437d1a70002d45c355a37c21f8c20d7f18a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:43 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://tempest.services.disqus.com
access-control-allow-credentials: true
strict-transport-security: max-age=931536000; includeSubDomains
content-length: 12292

GET
H2 200 lounge.567531e1abfac5c88f2ef94b952d12ba.css
c.disquscdn.com/next/embed/styles/ Frame 5223 158 KB
26 KB 20ms
20ms Stylesheet
text/css 2600:9000:211a:cc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:cc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

58e8635e959ce8b5383dcbf9dd50fda2f6a0aeef426760854dfdb2548a3b77fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 329427
x-cache: Hit from cloudfront
content-length: 25570
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-63e2"
content-type: text/css; charset=utf-8
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:16 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: VIE50-C2
timing-allow-origin: *
x-amz-cf-id: 5tvi_VwNpa5oMviz7EiB_oVDvOX9ddmJKFRDGM773nCYyiUOoYQSJA==
x-cache-hits: 0

GET
H2 200 lounge.bundle.ac702132ea5e06471da27768120c5978.js Show response
c.disquscdn.com/next/embed/ Frame 5223 467 KB
118 KB 21ms
20ms Script
application/javascript 2600:9000:211a:cc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.ac702132ea5e06471da27768120c5978.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:cc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d42a5154973ce1847b0f60cd27dbde653347daf6169ed714e2f4a71a87f33a0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 329427
x-cache: Hit from cloudfront
content-length: 120382
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-1d63e"
content-type: application/javascript; charset=utf-8
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:16 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: VIE50-C2
timing-allow-origin: *
x-amz-cf-id: p11nFnIg4RYCnzkaQt2k35ssxOvQNpGIXlYKNe-TB4uQY-QzJYKnvQ==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 5223 12 KB
12 KB 8ms
7ms Script
application/javascript 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

481e97c1373314243ac83c1b1c9f466b9ce65b95f5fd4b82538f032d976820a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:43 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 50
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 11965
X-XSS-Protection: 1; mode=block

GET
H2 200 recommendations.eff219b98b7c4167b4b289065f36f391.css
c.disquscdn.com/next/recommendations/styles/ Frame 75A5 17 KB
4 KB 20ms
19ms Stylesheet
text/css 2600:9000:211a:cc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/styles/recommendations.eff219b98b7c4167b4b289065f36f391.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.3c0a438a5a4962a39ee30fd041fd5ca9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:cc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7964d033f829ae2809f61810c4efa9adf6aff915ded111a9c346bca2b1302b62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 10:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3124168
x-cache: Hit from cloudfront
content-length: 3748
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-ea4"
content-type: text/css; charset=utf-8
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
expires: Fri, 06 May 2022 10:11:15 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: VIE50-C2
timing-allow-origin: *
x-amz-cf-id: tP986jmR-b80TxxKg8-WN6P1eW01SLWo7VCkdAF5_6pKRKSBUry_Fg==
x-cache-hits: 0

GET
H2 200 recommendations.bundle.8476f2bb7473dc28853e21b0f06cc058.js Show response
c.disquscdn.com/next/recommendations/ Frame 75A5 65 KB
20 KB 20ms
20ms Script
application/javascript 2600:9000:211a:cc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.bundle.8476f2bb7473dc28853e21b0f06cc058.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.3c0a438a5a4962a39ee30fd041fd5ca9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:cc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0932077174a2d9a267a1458d40842414ee1f7c8e91b9230a9f32343b39b6587d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 329434
x-cache: Hit from cloudfront
content-length: 20101
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-4e85"
content-type: application/javascript; charset=utf-8
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:09 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: VIE50-C2
timing-allow-origin: *
x-amz-cf-id: 4j85p28wA4mFB7zxKmXJGGF472NKGZhRwwdJZ2Hmj50tvnTGW0cwIQ==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 75A5 12 KB
12 KB 9ms
8ms Script
application/javascript 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.3c0a438a5a4962a39ee30fd041fd5ca9.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

481e97c1373314243ac83c1b1c9f466b9ce65b95f5fd4b82538f032d976820a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/recommendations/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:43 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 50
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 11965
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame 5223 3 KB
3 KB 108ms
107ms XHR
application/json 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=21stcenturywire&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

700dc82bfbe0606dc64d268df3e79f962f18ed04b5dc9b0e1dba0b6f59331e43

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&s_o=default
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:43 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 3101
X-XSS-Protection: 1; mode=block

GET
H2 200 artworks-s3MGvR0dbMqVIRYI-cZzcrQ-t500x500.jpg
i1.sndcdn.com/ Frame 3E1B 31 KB
31 KB 105ms
35ms Image
image/jpeg 13.32.2.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.sndcdn.com/artworks-s3MGvR0dbMqVIRYI-cZzcrQ-t500x500.jpg
Requested by: Host: w.soundcloud.com
URL: https://w.soundcloud.com/player/?url=https%3A//api.soundcloud.com/tracks/1005066571&color=%23cc9900&auto_play=false&hide_related=false&show_comments=true&show_user=true&show_reposts=false&show_teaser=true&visual=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.2.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-2-104.vie50.r.cloudfront.net
Software: /
Resource Hash: 580a2580a9818d6c9e2c3843d967df5c609f7177f3a653b16b8a7a356f4a3630

Request headers

Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 11:10:54 GMT
via: 1.1 444dde5644fa29b8d8dfac109693e2a2.cloudfront.net (CloudFront)
age: 3120589
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=3628800
x-cache: Hit from cloudfront
x-amz-cf-pop: VIE50-C2
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
content-length: 31503
x-amz-cf-id: fCQEzuxi0d5sd3zz7YwxclJZkUJ3DlF1T4ebKmbXuX_sTaF_NkdhNQ==

GET
H2 200 share-b41e1876.svg
widget.sndcdn.com/assets/images/ Frame 3E1B 1 KB
1 KB 32ms
31ms Image
image/svg+xml 99.86.241.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget.sndcdn.com/assets/images/share-b41e1876.svg
Requested by: Host: w.soundcloud.com
URL: https://w.soundcloud.com/player/?url=https%3A//api.soundcloud.com/tracks/1005066571&color=%23cc9900&auto_play=false&hide_related=false&show_comments=true&show_user=true&show_reposts=false&show_teaser=true&visual=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.241.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-72.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b8791800987b9daa27029db8bf4599bd773b3110a72a4f5d1ea664509a74e65

Request headers

Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 01:08:52 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 10414312
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 09 Feb 2021 10:32:49 GMT
server: AmazonS3
etag: W/"9423d7e2eeb4c8673077486ceea2e516"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/svg+xml
via: 1.1 19e8b9893b6330d5d62599a448aea7db.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: BaVU-_QfLp3REftgrF1AMfYttIwLenb3QUQI0eKZcI2uPrexV6WX9A==

GET
DATA 200
OK truncated
/ Frame 3E1B 43 KB
43 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3e74dbd9087c9f65fc9dd5ee31569b89224f667cab7edafd6ba15890201c2d

Request headers

Origin: https://w.soundcloud.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: font/woff

GET
H2 200 artworks-s3MGvR0dbMqVIRYI-cZzcrQ-t500x500.jpg
i1.sndcdn.com/ Frame 3E1B 31 KB
31 KB 100ms
37ms Image
image/jpeg 13.32.2.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.sndcdn.com/artworks-s3MGvR0dbMqVIRYI-cZzcrQ-t500x500.jpg
Requested by: Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-0-d7ceca0f9828.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.2.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-2-104.vie50.r.cloudfront.net
Software: /
Resource Hash: 580a2580a9818d6c9e2c3843d967df5c609f7177f3a653b16b8a7a356f4a3630

Request headers

Origin: https://w.soundcloud.com
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 11:10:54 GMT
via: 1.1 412b915bb2572a86aaa8bdf21eb381fc.cloudfront.net (CloudFront)
age: 3120589
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=3628800
x-cache: Hit from cloudfront
x-amz-cf-pop: VIE50-C2
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
content-length: 31503
x-amz-cf-id: uTNgI-G2dYemYXezGOTFyi45ZzoqXihoGhwANl0SuQ5Hl8Ka9nWTJg==

GET
H/1.1 200
OK hls Show response
api-widget.soundcloud.com/media/soundcloud:tracks:1005066571/c0c40fad-ccb5-487c-853f-dbc2320cd8ab/stream/ Frame 3E1B 697 B
1 KB 79ms
78ms XHR
application/json 99.86.235.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-widget.soundcloud.com/media/soundcloud:tracks:1005066571/c0c40fad-ccb5-487c-853f-dbc2320cd8ab/stream/hls?client_id=Iy5e1Ri4GTNgrafaXe4mLpmJLXbXEfBR

Requested by

Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-3d4d9a0f9c5b.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.235.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-235-49.vie50.r.cloudfront.net

Software

am/2 /

Resource Hash

5060d42d7caa80f7e6ed3e03c75386a78adc2f8e5c6318e0860b737b526cfecc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:43 GMT
Content-Encoding: gzip
x-content-type-options: nosniff
X-Amz-Cf-Pop: VIE50-C1
X-Cache: Miss from cloudfront
access-control-allow-methods: DELETE, GET, PATCH, POST, PUT
Connection: keep-alive
Vary: Origin
Content-Length: 588
access-control-allow-origin: https://w.soundcloud.com
referrer-policy: no-referrer
Server: am/2
x-frame-options: DENY
access-control-max-age: 1728000
strict-transport-security: max-age=63072000
Content-Type: application/json; charset=utf-8
Via: 1.1 ef3fdf4c8ab8a4babeb402e6d03ee7c3.cloudfront.net (CloudFront)
access-control-expose-headers: Date
Cache-Control: private, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: Authorization, Content-Type, Device-Locale, X-CSRF-Token
X-Amz-Cf-Id: F4Mm4ZbZjecYW8hlk7dMu3U6dtmmGCAC13_n4f4JL5vX5UiigGCdgQ==

GET
H2 200 artworks-s3MGvR0dbMqVIRYI-cZzcrQ-t500x500.jpg
i1.sndcdn.com/ Frame 3E1B 31 KB
31 KB 69ms
58ms Image
image/jpeg 13.32.2.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.sndcdn.com/artworks-s3MGvR0dbMqVIRYI-cZzcrQ-t500x500.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.2.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-2-104.vie50.r.cloudfront.net
Software: /
Resource Hash: 580a2580a9818d6c9e2c3843d967df5c609f7177f3a653b16b8a7a356f4a3630

Request headers

Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 11:10:54 GMT
via: 1.1 444dde5644fa29b8d8dfac109693e2a2.cloudfront.net (CloudFront)
age: 3120589
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=3628800
x-cache: Hit from cloudfront
x-amz-cf-pop: VIE50-C2
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
content-length: 31503
x-amz-cf-id: 3rb9N9SXY93JNqpKyg9UlU__rlq5vloQ5Vj9GmdRB391od2QRFLorQ==

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame 75A5 3 KB
3 KB 20ms
16ms XHR
application/json 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=21stcenturywire&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.3c0a438a5a4962a39ee30fd041fd5ca9.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

700dc82bfbe0606dc64d268df3e79f962f18ed04b5dc9b0e1dba0b6f59331e43

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/recommendations/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:43 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 3101
X-XSS-Protection: 1; mode=block

GET
H2 200 jot
syndication.twitter.com/i/ Frame 05DE 43 B
374 B 135ms
134ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1623420043635%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%2282e1070%3A1619632193066%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%2221WIRE%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%2221WIRE%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%228e776e621%3A1622224359557%22%2C%22item_ids%22%3A%5B%221402173915049435136%22%5D%2C%22item_details%22%3A%7B%221402173915049435136%22%3A%7B%22item_type%22%3A0%7D%7D%7D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Fri, 11 Jun 2021 14:00:43 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 5565cb2dfc7943a58104ef356453f90a4888b3f7e640fb0e3bd30030e5513b38
x-transaction: 947ececef5d50ecb
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK /
analytics.mailmunch.co/event/ 35 B
344 B 350ms
115ms Image
image/gif 52.203.96.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.mailmunch.co/event/?site_id=653704&widget_id=792379&event_name=views&cache=1623420043654&referrer=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&visitor_id=4bb81d52-6300-4b2e-868d-70ac00df38ad
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.96.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-96-188.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:43 GMT
Via: 1.1 vegur
Server: Cowboy
X-Powered-By: Express
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 artworks-s3MGvR0dbMqVIRYI-cZzcrQ-t500x500.jpg
i1.sndcdn.com/ Frame 3E1B 31 KB
31 KB 36ms
35ms Image
image/jpeg 13.32.2.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.sndcdn.com/artworks-s3MGvR0dbMqVIRYI-cZzcrQ-t500x500.jpg
Requested by: Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-0-d7ceca0f9828.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.2.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-2-104.vie50.r.cloudfront.net
Software: /
Resource Hash: 580a2580a9818d6c9e2c3843d967df5c609f7177f3a653b16b8a7a356f4a3630

Request headers

Origin: https://w.soundcloud.com
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 11:10:54 GMT
via: 1.1 412b915bb2572a86aaa8bdf21eb381fc.cloudfront.net (CloudFront)
age: 3120589
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=3628800
x-cache: Hit from cloudfront
x-amz-cf-pop: VIE50-C2
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
content-length: 31503
x-amz-cf-id: Luz9sccgaK4iSWz8BYS42aLorJ9sfkIoRcXfXc7uNS2tgJ5jjE2QKg==

GET
H2 200 playlist.m3u8 Show response
cf-hls-media.sndcdn.com/playlist/hRKArCsoBtrI.128.mp3/ Frame 3E1B 95 KB
3 KB 212ms
143ms XHR
audio/mpegurl 99.86.241.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf-hls-media.sndcdn.com/playlist/hRKArCsoBtrI.128.mp3/playlist.m3u8?Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiKjovL2NmLWhscy1tZWRpYS5zbmRjZG4uY29tL3BsYXlsaXN0L2hSS0FyQ3NvQnRySS4xMjgubXAzL3BsYXlsaXN0Lm0zdTgiLCJDb25kaXRpb24iOnsiRGF0ZUxlc3NUaGFuIjp7IkFXUzpFcG9jaFRpbWUiOjE2MjM0MjE1NTh9fX1dfQ__&Signature=A4z2TxAg9Drv0nMoE9vdPRIK~lI-a1pzSqa141MA9fsg9Tqw5p2hVm7gAYdxvqdTVrQY7KEAZBuzdH8HRjnH0dqrNtPI95qpHULQAhxR~rabVur3OWG2br~kFhca3Lq1rwoiiMEB1mYUEU8ZGkdLxPe9v0fcJl8DBnNNCNLu5pnl80YPenhprN4Dt87MRy209b9NYulSa4U7ttfBeYc-Qp~yADz2JFudDPDngZyFZwFxpkPY0cc4-cU-T3SMRYpHO7QWLm0EziDzRsdnXrUnqKO8x2~FqDhMlBfofnX77MfCqKb~BTRpbyoIRX0U4tDELrEyvGJkoXEiEMTsm9GWFQ__&Key-Pair-Id=APKAI6TU7MMXM5DG6EPQ

Requested by

Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-3d4d9a0f9c5b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.241.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-241-23.vie50.r.cloudfront.net

Software

am/2 /

Resource Hash

68badc59f07b6d172439af0b5f16f07881223c2d92bded55430f564f823362a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:43 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-cf-pop: VIE50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
allow: GET, OPTIONS
x-sc-cache: Hit
server: am/2
etag: 2e008685ae7c2d26b56de1cb089b0b9b94e0a913
strict-transport-security: max-age=63072000
access-control-allow-methods: GET, OPTIONS
content-type: audio/mpegurl
via: 1.1 7c17b3af9cda4d5f0ff45961b7be9fdc.cloudfront.net (CloudFront)
cache-control: no-cache
accept-ranges: bytes
access-control-allow-headers: Accept, Authorization, Content-Type, Origin, X-SC-Auth
x-amz-cf-id: 1JwXknI7lhdyXlbYEMFd8pyykEnSyoGNe2dGCb5My5nwj43aK6wvDQ==

GET
H/1.1 200
OK / Show response
tempest.services.disqus.com/ads-iframe/survey/ Frame FA84 14 KB
6 KB 119ms
119ms Document
text/html 199.232.196.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://tempest.services.disqus.com/ads-iframe/survey/?position=lightbox&shortname=21stcenturywire&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23cc9900&colorScheme=light&sourceUrl=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&typeface=sans-serif&canonicalUrl=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&disqus_version=5884b71
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: bcd3396237a36c2f754c327b10910edb09eda6e4d53dfe880a55d9feba8d799e

Request headers

Host: tempest.services.disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://disqus.com/embed/comments/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&s_o=default
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: disqus_unique=34fqo5m2vjfm16
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://disqus.com/embed/comments/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&s_o=default

Response headers

Connection: keep-alive
Content-Length: 5391
Server: openresty
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-Service: router
Content-Encoding: gzip
Date: Fri, 11 Jun 2021 14:00:43 GMT
Age: 0
Vary: Accept-Encoding,

GET
H2 200 noavatar92.png
a.disquscdn.com/1623278138/images/ Frame 5223 2 KB
2 KB 28ms
7ms Image
image/png 151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1623278138/images/noavatar92.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:43 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 59382
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
content-type: image/png
content-length: 1644
x-amz-cf-id: gwmSf1x2XUK5RFUWYP4jpFLceRy4By5JB4czoOElTiAUynV9vSJviw==
expires: Sat, 10 Jul 2021 21:31:02 GMT

GET
DATA 200
OK truncated
/ Frame 5223 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame 5223 43 B
295 B 102ms
101ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=34hlpj72er0ff8&experiment=network_default&variant=fallthrough&service=dynamic&area=lightbox&product=embed&forum=21stcenturywire&zone=thread&page_url=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&page_referrer=https%3A%2F%2F21stcenturywire.com%2F&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&section=default&verb=call&adjective=1&forum_id=2099916

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:43 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 hRKArCsoBtrI_m.json Show response
wave.sndcdn.com/ Frame 3E1B 7 KB
2 KB 358ms
39ms XHR
application/json 99.86.241.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wave.sndcdn.com/hRKArCsoBtrI_m.json
Requested by: Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-3d4d9a0f9c5b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.241.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-241-13.vie50.r.cloudfront.net
Software: /
Resource Hash: 40b9375395220091be1fbf14a62c523e55bfae7050b1fd002b83652708975bd6

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 22:15:09 GMT
content-encoding: gzip
age: 7919134
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=155520000
x-cache: Hit from cloudfront
x-amz-cf-pop: VIE50-C1
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
content-length: 2066
via: 1.1 a01b7aca64c6d4b437b814f64422d6c8.cloudfront.net (CloudFront)
x-amz-cf-id: UvIrgEvk86O8yCwwJ-TyD_4mQJig55B--Gz5veMmpUDgqX_HVUYxlw==

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 5223 13 KB
13 KB 20ms
20ms Image
image/svg+xml 2600:9000:211a:cc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:cc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 3799382
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: aecVvA4gnWPgtQXSMwVU8_7nbpld3s4jaKIbfaSUomcLAtgKo4jZYA==
x-cache-hits: 0

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame 5223 3 KB
3 KB 20ms
20ms Image
image/gif 2600:9000:211a:cc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:cc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 04:58:07 GMT
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 11091756
x-cache: Hit from cloudfront
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 27 Jan 2021 17:23:07 GMT
server: nginx
etag: "6011a17b-b9b"
content-type: image/gif
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 04:58:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: b2ORB_ySTzIvC64_Dc7w-iEgaOlqFDzKxFxLwoiGLvmOJRUrDw_bMg==
x-cache-hits: 0

GET
H2 200 sprite.654110a9206fd22f08cca0798e34a65e.png
c.disquscdn.com/next/embed/assets/img/ Frame 5223 2 KB
2 KB 20ms
20ms Image
image/png 2600:9000:211a:cc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/sprite.654110a9206fd22f08cca0798e34a65e.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:cc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cdba739c28b41f39ce438f2bf204fe739dc81a26cf559a9394ceed56a0666bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 06:58:50 GMT
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 3999713
x-cache: Hit from cloudfront
content-length: 1862
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Thu, 22 Apr 2021 19:20:03 GMT
server: nginx
etag: "6081cc63-746"
content-type: image/png
access-control-allow-origin: *
expires: Tue, 26 Apr 2022 06:58:50 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: rqYpZH2gfFo9f1GhnC2svULp9D7MsHz-X9k9z2hG5yT2GD3ytaz4RQ==
x-cache-hits: 0

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame 5223 8 KB
8 KB 21ms
21ms Font
application/octet-stream 2600:9000:211a:cc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:cc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://disqus.com
Referer: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:01:33 GMT
via: 1.1 1a276be771f01064831eea4851319c28.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 3301149
x-cache: Hit from cloudfront
content-length: 7900
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-1edc"
content-type: application/octet-stream
access-control-allow-origin: *
expires: Wed, 04 May 2022 09:01:33 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: tv2J213ur7_6fJJBSZxT2MO7Erh6y-PzBKQxdCBrjO-3PSIPLRPqfQ==
x-cache-hits: 0

GET
H2 200 4nNhsvy9_normal.png
pbs.twimg.com/profile_images/1112335024437805056/ Frame 05DE 6 KB
6 KB 9ms
6ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1112335024437805056/4nNhsvy9_normal.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67E0) /

Resource Hash

f480bfb80122d44b2974ad8c307dcae8e817d7e7aaeb67375912c80ca508806a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:43 GMT
x-content-type-options: nosniff
age: 108782
x-cache: HIT
content-length: 6215
x-response-time: 117
surrogate-key: profile_images profile_images/bucket/8 profile_images/1112335024437805056
last-modified: Sun, 31 Mar 2019 12:43:10 GMT
server: ECS (frb/67E0)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5e9f530076109e3043ecfa6e93732c4f3571c60205789e814a4c869760c81cb1
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H/1.1 200
OK listRecommendations.json Show response
disqus.com/api/3.0/discovery/ Frame 75A5 6 KB
7 KB 218ms
218ms XHR
application/json 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/discovery/listRecommendations.json?forum=21stcenturywire&thread=ident%3A139357+https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.3c0a438a5a4962a39ee30fd041fd5ca9.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

d071c1a5bb04545ecf4737776b084fbd02df67f070acdea5eabad4b14ea7beb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://disqus.com/recommendations/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:44 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cache-Control: stale-while-revalidate=450, public, max-age=1800
Connection: keep-alive
Content-Type: application/json
Vary: Origin
Content-Length: 6596
X-XSS-Protection: 1; mode=block

GET
H2 200 alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js Show response
c.disquscdn.com/next/embed/ 78 KB
27 KB 20ms
20ms Script
application/javascript 2600:9000:211a:cc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js

Requested by

Host: 21stcenturywire.disqus.com
URL: https://21stcenturywire.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:cc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 15:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3191713
x-cache: Hit from cloudfront
content-length: 26578
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-67d2"
content-type: application/javascript; charset=utf-8
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
expires: Thu, 05 May 2022 15:25:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: VIE50-C2
timing-allow-origin: *
x-amz-cf-id: sx6_jAl_DpF3N2z62duo3sQ3loxeOacnXhnJQTNVv9Aai9G7yb-4Qw==
x-cache-hits: 0

GET
H/1.1 200
OK comments Show response
api-widget.soundcloud.com/tracks/1005066571/ Frame 3E1B 863 B
1 KB 101ms
101ms XHR
application/json 99.86.235.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-widget.soundcloud.com/tracks/1005066571/comments?filter_replies=1&threaded=0&limit=100&offset=0&linked_partitioning=1&format=json&client_id=Iy5e1Ri4GTNgrafaXe4mLpmJLXbXEfBR&app_version=1623073487

Requested by

Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-3d4d9a0f9c5b.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.235.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-235-49.vie50.r.cloudfront.net

Software

am/2 /

Resource Hash

21db4a2bde7aac266b734eb132698c7b09881732ccebfbd68b0ac6033d181b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:44 GMT
Content-Encoding: gzip
x-content-type-options: nosniff
X-Amz-Cf-Pop: VIE50-C1
X-Cache: Miss from cloudfront
access-control-allow-methods: DELETE, GET, PATCH, POST, PUT
Connection: keep-alive
Vary: Origin
Content-Length: 492
access-control-allow-origin: https://w.soundcloud.com
referrer-policy: no-referrer
Server: am/2
x-frame-options: DENY
access-control-max-age: 1728000
strict-transport-security: max-age=63072000
Content-Type: application/json; charset=utf-8
Via: 1.1 ef3fdf4c8ab8a4babeb402e6d03ee7c3.cloudfront.net (CloudFront)
access-control-expose-headers: Date
Cache-Control: private, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: Authorization, Content-Type, Device-Locale, X-CSRF-Token
X-Amz-Cf-Id: QHjm_Yg4fo0WeJglM8bQLdUVYo--rYM4Ek-Ula_efpTJ4Vk3SREN5w==

GET
H2 200 noavatar92.png
a.disquscdn.com/1623278138/images/ Frame 5223 2 KB
2 KB 7ms
7ms Image
image/png 151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1623278138/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.ac702132ea5e06471da27768120c5978.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:43 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 59382
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
content-type: image/png
content-length: 1644
x-amz-cf-id: gwmSf1x2XUK5RFUWYP4jpFLceRy4By5JB4czoOElTiAUynV9vSJviw==
expires: Sat, 10 Jul 2021 21:31:02 GMT

GET
H/1.1 200
OK / Show response
tempest.services.disqus.com/ads-iframe/revcontent/ Frame 1D49 13 KB
5 KB 118ms
117ms Document
text/html 199.232.196.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://tempest.services.disqus.com/ads-iframe/revcontent/?position=inthread&shortname=21stcenturywire&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23cc9900&colorScheme=light&sourceUrl=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&typeface=sans-serif&canonicalUrl=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&disqus_version=5884b71
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.ac702132ea5e06471da27768120c5978.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: d4515da512fd02b4bfb537c6510258cee2ffe406014f55dbf1b834b22d63d47b

Request headers

Host: tempest.services.disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://disqus.com/embed/comments/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&s_o=default
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: disqus_unique=34fqo5m2vjfm16
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://disqus.com/embed/comments/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&s_o=default

Response headers

Connection: keep-alive
Content-Length: 4875
Server: openresty
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-Service: router
Content-Encoding: gzip
Date: Fri, 11 Jun 2021 14:00:44 GMT
Age: 0
Vary: Accept-Encoding,

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame 5223 43 B
295 B 108ms
107ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=34hlpj72er0ff8&experiment=network_default&variant=fallthrough&service=dynamic&area=inthread&product=embed&forum=21stcenturywire&zone=thread&page_url=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&page_referrer=https%3A%2F%2F21stcenturywire.com%2F&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&section=default&verb=call&adjective=1&forum_id=2099916

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:44 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

POST
H2 204 impression
trends.revcontent.com/event/ Frame A828 0
0 31ms
31ms Fetch 99.80.125.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/event/impression
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.125.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Grizzly/2.4.4 /
Resource Hash

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://tempest.services.disqus.com
date: Fri, 11 Jun 2021 14:00:44 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type

GET
H2 200 /
img.revcontent.com/ Frame A828 20 KB
20 KB 29ms
9ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: c842ab9a59af3f3d62511fdb5488ad527d2193c3371b5561ade4a2a19a8e7062

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:44 GMT
last-modified: Wed, 01 Jul 2020 17:13:25 GMT
etag: "1593623605"
x-hw: 1623420044.cds003.fr8.hn,1623420044.cds260.fr8.c
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 20438

GET
H2 200 rc-logo.png
cdn.revcontent.com/assets/img/ Frame A828 4 KB
4 KB 728ms
22ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revcontent.com/assets/img/rc-logo.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:44 GMT
last-modified: Mon, 07 Jun 2021 16:54:11 GMT
etag: "1623084851"
x-hw: 1623420044.cds080.lo4.hn,1623420044.cds256.lo4.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=55
accept-ranges: bytes
content-length: 4298

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 5223 3 KB
2 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9fde0fccc9a127b51fb6dee14fcde059a8d05883017a88c38d370c675c296898

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 3cc0B2PicmnKg1PIUyl4Ew==
cross-origin-resource-policy: cross-origin
expires: Fri, 11 Jun 2021 14:08:13 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
x-fb-rlafr: 0
x-fb-debug: 5nA6Ee25ZYbfXYdWfpiD5S7mfrK3hCz/6uCqGiOGuxxEOfIL2eCfyzfILVliu0K6EiaTn1jyp9RaA9jlscgOhw==
x-fb-trip-id: 686109401
x-fb-content-md5: acfed833d532f1006a124fef97b87209
date: Fri, 11 Jun 2021 14:00:44 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "ce704dce2c79378d496b9eeec06b7c49"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 api.js Show response
apis.google.com/js/ Frame 5223 12 KB
6 KB 47ms
25ms Script
application/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b264ca556a09a341d7d8c2ee64e63e0003b32c24ff4ce2b64c202e5b6ab140f7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IfkICTBL+J1VHuiGffF/yA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "79224003c2b5597899d15c3a85e46734"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-IfkICTBL+J1VHuiGffF/yA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Fri, 11 Jun 2021 14:00:44 GMT

POST
H2 204 impression
trends.revcontent.com/event/ Frame 5B1C 0
0 32ms
31ms Fetch 99.80.125.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/event/impression
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.125.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Grizzly/2.4.4 /
Resource Hash

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://tempest.services.disqus.com
date: Fri, 11 Jun 2021 14:00:44 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type

GET
H2 200 /
img.revcontent.com/ Frame 5B1C 20 KB
20 KB 17ms
15ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: c842ab9a59af3f3d62511fdb5488ad527d2193c3371b5561ade4a2a19a8e7062

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:44 GMT
last-modified: Wed, 01 Jul 2020 17:13:25 GMT
etag: "1593623605"
x-hw: 1623420044.cds003.fr8.hn,1623420044.cds260.fr8.c
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 20438

GET
H2 200 rc-logo.png
cdn.revcontent.com/assets/img/ Frame 5B1C 4 KB
4 KB 709ms
23ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revcontent.com/assets/img/rc-logo.png
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:44 GMT
last-modified: Mon, 07 Jun 2021 16:54:11 GMT
etag: "1623084851"
x-hw: 1623420044.cds080.lo4.hn,1623420044.cds256.lo4.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=55
accept-ranges: bytes
content-length: 4298

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 5223 13 KB
13 KB 20ms
20ms Image
image/svg+xml 2600:9000:211a:cc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:cc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 3799383
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: bC4yINsj3p_YgqpdbYZT_8zc89lF8uoyi-oBOtQ1zZE6TTgM9ekLig==
x-cache-hits: 0

GET
H2 200 hRKArCsoBtrI.128.mp3 Show response
cf-hls-media.sndcdn.com/media/0/31762/ Frame 3E1B 31 KB
31 KB 55ms
55ms Fetch
audio/mpeg 99.86.241.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf-hls-media.sndcdn.com/media/0/31762/hRKArCsoBtrI.128.mp3?Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiKjovL2NmLWhscy1tZWRpYS5zbmRjZG4uY29tL21lZGlhLyovKi9oUktBckNzb0J0ckkuMTI4Lm1wMyIsIkNvbmRpdGlvbiI6eyJEYXRlTGVzc1RoYW4iOnsiQVdTOkVwb2NoVGltZSI6MTYyMzQyMTU1OH19fV19&Signature=SqFbnspns609oq1~WSoN1hdKOw2cjFeGoi~HBNleJwGdiIWrnQf6pZiTq-HQRhpmkPw-GbJSW0pqu31b7U2tIWWiR7V8VLUsDxdgo2li653ml2rfVgs6sXayQgI1TujBH~Aiot7dfAuca7uSVsFQHpGxp1dAYZvGPzsl4s5hfSctoKo~7HV48mdfl-7~CIT2GflRxKQ-BEx2cq1vXIB2VE5EpO2J3El72XpWBvbJhmaS6U6zprFo140EjE2ddBxPshp552QjvYjPT-rhF3VdRP3QWtLVpIFQZNVVkA7zQhWXkjrjqz0~tlSuoHh8TUZsNeg1NEaBkWruia9AMTKW3Q__&Key-Pair-Id=APKAI6TU7MMXM5DG6EPQ

Requested by

Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-3d4d9a0f9c5b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.241.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-241-23.vie50.r.cloudfront.net

Software

am/2 /

Resource Hash

413f3215369b7f46a64642f2cd217ebf4a131846af15442e9cbc16b186061f49

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 20:13:46 GMT
via: 1.1 7c17b3af9cda4d5f0ff45961b7be9fdc.cloudfront.net (CloudFront)
server: am/2
age: 64017
accept-ranges: bytes
allow: GET, OPTIONS
access-control-allow-methods: GET, OPTIONS
content-type: audio/mpeg
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: VIE50-C1
strict-transport-security: max-age=63072000
access-control-allow-headers: Accept, Authorization, Content-Type, Origin, X-SC-Auth
content-length: 31763
x-amz-cf-id: azDQTDMhNobdan53hYXtYbES0rLosj7mWvnuVb8T_OrYWZGnAiPzxA==

GET
H2 200 pixel.gif
cdn.viglink.com/images/ 43 B
128 B 81ms
59ms Image
image/gif 2606:4700::6810:a40d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viglink.com/images/pixel.gif?ch=1&rn=2.5956101376124776
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a40d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:44 GMT
cf-cache-status: HIT
age: 8
cf-ray: 65db5e0bede8d6b1-FRA
content-length: 43
x-amz-id-2: HZt5TVgQAq45JR1EYO5+vLByFMtnRD08KtfskBpAxyM4ezIEhe8YPIfl3SW66SEIG9bi7l7CuRc=
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
server: cloudflare
etag: "221d8352905f2c38b3cb2bd191d630b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: MQDRM63QZQ5N3ES6
cache-control: max-age=15, must-revalidate
cf-request-id: 0a9cf91b710000d6b1d1b89000000001
accept-ranges: bytes
content-type: image/gif

GET
H2 200 pixel.gif
cdn.viglink.com/images/ 43 B
464 B 58ms
36ms Image
image/gif 2606:4700::6810:a40d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viglink.com/images/pixel.gif?ch=2&rn=2.5956101376124776
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a40d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:44 GMT
cf-cache-status: HIT
age: 8
cf-ray: 65db5e0bedeed6b1-FRA
content-length: 43
x-amz-id-2: HZt5TVgQAq45JR1EYO5+vLByFMtnRD08KtfskBpAxyM4ezIEhe8YPIfl3SW66SEIG9bi7l7CuRc=
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
server: cloudflare
etag: "221d8352905f2c38b3cb2bd191d630b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: MQDRM63QZQ5N3ES6
cache-control: max-age=15, must-revalidate
cf-request-id: 0a9cf91b720000d6b10f239000000001
accept-ranges: bytes
content-type: image/gif

GET
H2 200 prebid.4.42.1.js Show response
c.disquscdn.com/js/dist/ Frame FA84 325 KB
99 KB 20ms
19ms Script
application/javascript 2600:9000:211a:cc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/js/dist/prebid.4.42.1.js

Requested by

Host: tempest.services.disqus.com
URL: https://tempest.services.disqus.com/ads-iframe/survey/?position=lightbox&shortname=21stcenturywire&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23cc9900&colorScheme=light&sourceUrl=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&typeface=sans-serif&canonicalUrl=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&disqus_version=5884b71

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:cc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

664151db09e75d1bfa1da782f064245566b25b3a73f48ada211cce019a994f04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 22:20:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56440
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
content-length: 100908
x-xss-protection: 1; mode=block
x-served-by: static-web-2
last-modified: Thu, 10 Jun 2021 20:17:43 GMT
server: nginx
etag: "60c27367-18a2c"
content-type: application/javascript; charset=utf-8
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
expires: Sat, 10 Jul 2021 22:20:04 GMT
cache-control: max-age=2592000
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: VpS-SXpo2nfBbduvUEpYbaXCsPSZ-FPO8kxUiDwniVy4hVWc8SGcbg==
x-cache-hits: 0

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
295 B 101ms
101ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=34hlpj72er0ff8&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=21stcenturywire&zone=thread&version=a5921af07b365f6dfd62075d2dee3735&page_url=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&page_referrer=&object_type=advertisement&provider=revcontent&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=%5B160465%5D&section=default&verb=load&advertisement_id=160465&forum_id=2099916

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:44 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
295 B 107ms
102ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=34hlpj72er0ff8&experiment=network_default&variant=fallthrough&service=dynamic&area=bottom&product=embed&forum=21stcenturywire&zone=thread&version=a5921af07b365f6dfd62075d2dee3735&page_url=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&page_referrer=&object_type=advertisement&provider=revcontent&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=%5B160465%5D&section=default&verb=load&advertisement_id=160465&forum_id=2099916

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:44 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 5223 220 KB
65 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=6d915dd7dfb8d12e71575522c27a214a&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fc633226d9c742527b67f6a5de26d8e7f14292c0c96f6272377a1927c5712fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://disqus.com
Referer: https://disqus.com/embed/comments/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 6bkgB/dGeTwAmp6Qf8pnjA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 66128
x-fb-rlafr: 0
x-fb-debug: PbsSBvLaoVU0/kr/W232bI7tFaUelA+C9dyNE2vjKq62TEyg0tDa9HoD9R1DNEFx4jVolgKVbiQ95JXbzqT/7Q==
x-fb-content-md5: 578b2e36f2f59b9e5fa09c9abad215cc
x-frame-options: DENY
date: Fri, 11 Jun 2021 14:00:44 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "d23a87f1e1d68db7483ba301f85dba2a"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 11 Jun 2022 12:22:50 GMT

GET
H2 200 avatars-jnHkvr1SOORA3wba-7ZLmmw-t20x20.jpg
i1.sndcdn.com/ Frame 3E1B 805 B
1 KB 32ms
32ms Image
image/jpeg 13.32.2.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.sndcdn.com/avatars-jnHkvr1SOORA3wba-7ZLmmw-t20x20.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.2.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-2-104.vie50.r.cloudfront.net
Software: /
Resource Hash: 4843d7f7ffb8e95f3cd83f22f6ac9e8f03373c0c965a0e0fad52aa99ff2ec548

Request headers

Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 18:09:49 GMT
via: 1.1 444dde5644fa29b8d8dfac109693e2a2.cloudfront.net (CloudFront)
age: 1799455
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=3628800
x-cache: Hit from cloudfront
x-amz-cf-pop: VIE50-C2
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
content-length: 805
x-amz-cf-id: noQVxjgwoWYHlTbc3t8XZdgMVXCy_lXjSHEF9qsFH0jvmo3TJ2ueQQ==

GET
H3-29 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/ Frame 5223 103 KB
34 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fa4708138b3bf07311428cc3e0fd918d3db13e4e1c923927f25f1260b98024c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 14:22:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 257890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35022
x-xss-protection: 0
last-modified: Wed, 19 May 2021 15:07:34 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 14:22:34 GMT

GET
H2 200 get
c.disquscdn.com/ Frame 75A5 10 KB
11 KB 24ms
22ms Image
image/jpeg 2600:9000:211a:cc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2F21stcenturywire.com%2Fwp-content%2Fuploads%2F2021%2F06%2FVaccine-Safety.jpg&key=PfxQCgkZwIoQLHIMHk8VLg&h=200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:cc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5755b0e6d610e8aacab161ad2e8f6e51666a1d3d4a06efd40d951231a4ed2c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 14:23:19 GMT
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
age: 348980
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-cache-hits: 0
content-length: 9989
x-xss-protection: 1; mode=block
x-served-by: static-web-1
server: nginx
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=JVp3BCnc8v9KRUVvxUaXaAAOZUuMI2bAq7nTyP%2BSculMngtL%2FwhGRJoDN2OZ8paLi3H60N2hsjptijjwVf1TNrBG%2BycHYsyPOEh83g0EqZchjQg9JjcchjiCwgvU9cWR"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
x-amz-cf-id: MzT6x0g0AcLvwdkEHWXg1bAquJ43PaxQHMhTYLPFT9mdBzlyPDHReQ==
expires: Wed, 07 Jul 2021 14:23:19 GMT

GET
H2 200 get
c.disquscdn.com/ Frame 75A5 14 KB
15 KB 25ms
23ms Image
image/jpeg 2600:9000:211a:cc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2F21stcenturywire.com%2Fwp-content%2Fuploads%2F2021%2F05%2FVACCINE-CENSORSHIP.jpg&key=NF4Aye8dr9_4_g6R5pB4ww&h=200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:cc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

54b7664eb55bfd7affe18e0fad8d2474dfae3a025586e98b7f15ee183a3dfcdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 14:46:02 GMT
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
age: 1208248
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-cache-hits: 0
content-length: 14719
x-xss-protection: 1; mode=block
x-served-by: static-web-1
server: nginx
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9GIQ7b5PaNie%2BwKOYRIgAHDKZ3XEnYh2Ls7%2FtWnHTrRTHQOO1Qz%2FVGMxHX4OHjHCVApPK2mzYjX3thGuug4qwosoVKbGbBocG0R6Eo7a%2Bd6sjBWv20ivJg5uUetJcO78"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
x-amz-cf-id: tJ_nwgdNSWVy6yXipNQ6DmFTjqHzzqKOPyE5RVWWAuhIY7dbqekQPw==
expires: Mon, 28 Jun 2021 14:46:02 GMT

GET
H2 200 get
c.disquscdn.com/ Frame 75A5 107 KB
108 KB 27ms
25ms Image
image/png 2600:9000:211a:cc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2F21stcenturywire.com%2Fwp-content%2Fuploads%2F2021%2F06%2FSARS-CoV2_Terrain-Theory.png&key=EOhCOSsOD9mSIEvdOCIQEA&h=200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:cc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f8e63cd8b99c11281170916dbf1625b1458926a51523bdabbf16681c82a7245e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 21:23:35 GMT
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
age: 162970
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-cache-hits: 0
content-length: 109429
x-xss-protection: 1; mode=block
x-served-by: static-web-1
server: nginx
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7rhc0X%2FFR51Kn7M0n85wQzNnHNsaq5xy2KtpWKpSEU18lKGbMduvbtrtHUH2is%2FHSh%2BflAzpTTAFOxkVOKC9GcIBTy3mQsWeI0qF2ABLnGKG207ajlSoaWI5WHMIV9mZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
x-amz-cf-id: ioSO8FzsquR67PneNtk3wcvVhib8AjNfFiC20sN7EARiZziBIIZCnA==
expires: Fri, 09 Jul 2021 21:23:35 GMT

GET
H2 200 get
c.disquscdn.com/ Frame 75A5 13 KB
13 KB 25ms
24ms Image
image/jpeg 2600:9000:211a:cc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2F21stcenturywire.com%2Fwp-content%2Fuploads%2F2021%2F05%2FFacebook-Vaccine-censorship.jpg&key=2ezpHvVvwAA6csW97hXt5w&h=200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:cc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

bb50ca73a55f8a84486b6070d15c9330e02d4e929155a6bc9f7a87106032ead0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 16:16:22 GMT
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
age: 1301840
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-cache-hits: 0
content-length: 12851
x-xss-protection: 1; mode=block
x-served-by: static-web-2
server: nginx
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=WBkhCoqb%2BQz7u7jc1P6xuHtiXliEfCyQ%2FQyqLUskSs049V0ZZ3cft2Wi5Yh9BciZpS1%2BKdUWT3y09GpJXISsdM23h7GzFuXhgpHAiejJY7j7AZKjS9nJEvVIMuoc9%2Fj8"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
x-amz-cf-id: qSqpckAy4dEmWcbWYRIQmSq2atLY_DgbjyigcLGxcwsbMmaQZYMDJQ==
expires: Sun, 27 Jun 2021 16:16:22 GMT

GET
H2 200 get
c.disquscdn.com/ Frame 75A5 11 KB
12 KB 26ms
25ms Image
image/jpeg 2600:9000:211a:cc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2F21stcenturywire.com%2Fwp-content%2Fuploads%2F2021%2F05%2F21_AV7-Ian-Crane_0252.jpg&key=ci7SRxrCODtwDvEbOQ6_5w&h=200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:cc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1596bf431da82e367b21387e1ae7cdc4eeae1bee4d2a4c4a4c7ccec4e6d61191

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 31 May 2021 23:02:41 GMT
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
age: 1193392
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-cache-hits: 0
content-length: 11770
x-xss-protection: 1; mode=block
x-served-by: static-web-2
server: nginx
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PESSXgmyr%2BbRVcZRWe3N8gKgGfewaHIuT1%2FV04%2B1DubnPNgFv39kqC3o5jDJiVk3ygNH%2FC7FmsM9X%2Bey6Nfm0NLUauUyybkgk0CUEoi14CUbllAE9Mjd1%2FtdQIjzXTsp"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
x-amz-cf-id: lLamSL6UJZK9rXKVVb3Z-B9qcPIseQqH4Ct_ZwaYnkfBcnpXPgPnjg==
expires: Wed, 30 Jun 2021 23:02:41 GMT

GET
H2 200 get
c.disquscdn.com/ Frame 75A5 67 KB
68 KB 32ms
31ms Image
image/png 2600:9000:211a:cc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2F21stcenturywire.com%2Fwp-content%2Fuploads%2F2021%2F06%2FBG-NATO-DRILL-AWRY.png&key=jiXoNcZCmqmWt6goDC_Azw&h=200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:cc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c3a58e701b2502c1584f3e58626e6d3301c216f571ffe20718ac40dd9eedfbd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 13:41:36 GMT
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
age: 775849
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-cache-hits: 0
content-length: 68673
x-xss-protection: 1; mode=block
x-served-by: static-web-2
server: nginx
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=I1XQseAUWU9tCeNv9UCyiGwsUDJO1C8aMHEb1IlHn3WrktuCumTAxD6OjtkF6g8lDdivuUPUFNZKm%2FfHfLiRQini2ADdZI%2FPifFBsLQv3rjZKrX6rOw%2FPVoQlbTnmxAa"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
x-amz-cf-id: Z7tK6M7uhkutiZnapziPTUlEU2aFPfgTBB_IexzDzKQfEfNN7NGFoA==
expires: Sat, 03 Jul 2021 13:41:36 GMT

GET
H2 200 get
c.disquscdn.com/ Frame 75A5 106 KB
107 KB 24ms
22ms Image
image/png 2600:9000:211a:cc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2F21stcenturywire.com%2Fwp-content%2Fuploads%2F2021%2F05%2FSARS-1-China_COVID.png&key=baCllQU3u_OzkCrZ1yt5ww&h=200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:cc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

70227099f17d7ea09460865f2ebb908b393670968655fb0bb33d73cc7ad12d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:31:44 GMT
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
age: 1299141
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-cache-hits: 0
content-length: 108608
x-xss-protection: 1; mode=block
x-served-by: static-web-1
server: nginx
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=NoX%2FipOcSjqKfU998DCfp0XeaAwnNa30QFT%2BQ1hEheMmzRux7fqTr%2F2rzNSgRRawUZIxbo0XxTP1iOaXwSI3K9xlQRL5jzwQgLYa6qtlcsNURI2jEGQ3ogX3vqPhnglC"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
x-amz-cf-id: 9gxZWgeVPMExhBskSs7YMWYGDSv8BccqwKrFoxDdod2TpkAvuOv17Q==
expires: Sun, 27 Jun 2021 07:31:44 GMT

GET
H2 200 get
c.disquscdn.com/ Frame 75A5 12 KB
12 KB 23ms
21ms Image
image/jpeg 2600:9000:211a:cc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/get?url=https%3A%2F%2F21stcenturywire.com%2Fwp-content%2Fuploads%2F2020%2F06%2F1-Vaccine.jpg&key=avNBY2tTP_NU2FqsqkMeEQ&h=200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:cc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

34145db0bc9bfdea9bacdefe5256c55a49855080f28932c0b8c8318f0d803b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 May 2021 03:11:38 GMT
via: 1.1 47b3fa796fd76d32bef114d0b8ce8cad.cloudfront.net (CloudFront)
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
age: 1414184
x-cache: Hit from cloudfront
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-cache-hits: 0
content-length: 11965
x-xss-protection: 1; mode=block
x-served-by: static-web-2
server: nginx
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QYpUU%2FzrPjcpHDbFZ%2BSL4vLq7p0ssVI1CjxDOF5tf56JpLdoLfS8FoAdamoxbIJAhZymC4U7aoxexrTpbkh1pO8yb6P0KwI9JMSjzJyiFAECwsQyfmCHxB8RqztkVVOF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
x-amz-cf-id: mvusNKu6eYYi8hpqV3J7Kii4tjkZGUeU0rDO6sofSd5l6keys7bUeQ==
expires: Mon, 28 Jun 2021 03:11:38 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame FA84 138 B
848 B 52ms
22ms XHR
application/json 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/js/dist/prebid.4.42.1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a812a1f4cca81d0da4f7f876e7656f7b9b604327adfded92258317c9073bdfb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 11 Jun 2021 14:00:44 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.101:80
AN-X-Request-Uuid: b98a9a4e-bd36-4f9a-bcb4-a79bb2b57848
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://tempest.services.disqus.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 https%3A%2F%2Fstatic.earnify.com%2Fm%2F0968c02b-68ba-408d-b1d5-77bf51da3157%2F0bc2b1fa-42ca-4aec-82a6-78750b976d6c%2F640x480.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face/pg_1/ Frame 5B1C 6 KB
6 KB 32ms
15ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face/pg_1/https%3A%2F%2Fstatic.earnify.com%2Fm%2F0968c02b-68ba-408d-b1d5-77bf51da3157%2F0bc2b1fa-42ca-4aec-82a6-78750b976d6c%2F640x480.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

1669f0008c5eec3471bcc584e521c6db4f777909d6d6437bf2797d1543cd4b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:44 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: fastly;dur=114;cpu=1;start=2021-05-27T17:49:51.680Z;desc=miss,rtt;dur=0,cloudinary;dur=24;start=2021-05-27T17:49:51.725Z
content-length: 5672
last-modified: Thu, 27 May 2021 17:49:06 GMT
server: Cloudinary
etag: "a0e657744549b1e4986d6c1a76681941"
vary: Save-Data
x-hw: 1623420044.cds051.fr8.hn,1623420044.cds277.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 37fdff86db4fd5ed61912d84d6ff1ecc.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ Frame 5B1C 7 KB
7 KB 40ms
22ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/37fdff86db4fd5ed61912d84d6ff1ecc.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

ce00da29cb89465494b3e184b065d41c9a39263944cc766bdd5d082d59227d4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:44 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: fastly;dur=109;cpu=1;start=2021-05-27T17:48:59.433Z;desc=miss,rtt;dur=0,cloudinary;dur=15;start=2021-05-27T17:48:59.480Z
content-length: 6776
last-modified: Thu, 27 May 2021 17:47:37 GMT
server: Cloudinary
etag: "1c2c5655040abb477ca253a485982235"
vary: Save-Data
x-hw: 1623420044.cds051.fr8.hn,1623420044.cds097.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 f55203f1e80d55cd335dc28b4268bb9f.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ Frame 5B1C 8 KB
8 KB 32ms
15ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/f55203f1e80d55cd335dc28b4268bb9f.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

0d3953c0f2534d62219de667a9f7cd2bf23d7ced6386387db905c0f0c79d726a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:44 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: fastly;dur=125;cpu=0;start=2021-05-27T18:00:00.411Z;desc=miss,rtt;dur=0,cloudinary;dur=30;start=2021-05-27T18:00:00.457Z
content-length: 8386
last-modified: Thu, 27 May 2021 17:53:20 GMT
server: Cloudinary
etag: "2cb0d05011e657af612f51fc2209193e"
vary: Save-Data
x-hw: 1623420044.cds051.fr8.hn,1623420044.cds232.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 68e4db568296e2149cd9335740792bc9.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ Frame 5B1C 6 KB
6 KB 40ms
23ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/68e4db568296e2149cd9335740792bc9.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

b001db59436e950e2b3ad6438a37313eb45ba92ecc3e33a1483bf11a5d011e5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:44 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: fastly;dur=113;cpu=1;start=2021-05-27T17:49:56.340Z;desc=miss,rtt;dur=0,cloudinary;dur=19;start=2021-05-27T17:49:56.385Z
content-length: 5797
last-modified: Thu, 27 May 2021 17:47:24 GMT
server: Cloudinary
etag: "4f6e964fe8b1f31dcbc7e26c73aa167e"
vary: Save-Data
x-hw: 1623420044.cds051.fr8.hn,1623420044.cds051.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 e9294a3b489d65e7f2317e4a5639be1f.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ Frame 5B1C 5 KB
5 KB 44ms
27ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/e9294a3b489d65e7f2317e4a5639be1f.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

5f634d9d292e681e80f192bb6ab63903cda05ed93300f711107c0381e3c03b9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:44 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: fastly;dur=117;cpu=1;start=2021-05-27T17:47:32.597Z;desc=miss,rtt;dur=0,cloudinary;dur=21;start=2021-05-27T17:47:32.644Z
content-length: 5056
last-modified: Thu, 27 May 2021 17:47:21 GMT
server: Cloudinary
etag: "a121748a7aca9a83f90e52c2077da172"
vary: Save-Data
x-hw: 1623420044.cds051.fr8.hn,1623420044.cds201.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ca6455eb264f52564fcfb2d323bf3ba8.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ Frame 5B1C 5 KB
5 KB 39ms
22ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ca6455eb264f52564fcfb2d323bf3ba8.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

973f52c452ef2eddf208a5262dd70d6a0a0e92e4a7f8c206e4572ce50b06c3e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:44 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: fastly;dur=393;cpu=1;start=2021-05-27T17:47:21.530Z;desc=miss,rtt;dur=0,cloudinary;dur=22;start=2021-05-27T17:47:21.853Z
content-length: 5252
last-modified: Thu, 27 May 2021 17:47:22 GMT
server: Cloudinary
etag: "e88a9aa176d9260f068169a59416b053"
vary: Save-Data
x-hw: 1623420044.cds051.fr8.hn,1623420044.cds144.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jot
syndication.twitter.com/i/ Frame 05DE 43 B
165 B 139ms
139ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1623420044297%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%2282e1070%3A1619632193066%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%2221WIRE%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%2221WIRE%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%228e776e621%3A1622224359557%22%2C%22item_ids%22%3A%5B%221402173915049435136%22%5D%2C%22item_details%22%3A%7B%221402173915049435136%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A1328.2999992370605%7D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Fri, 11 Jun 2021 14:00:44 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 5565cb2dfc7943a58104ef356453f90a4888b3f7e640fb0e3bd30030e5513b38
x-transaction: a70a70ed87c645e6
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 delivery.js Show response
assets.revcontent.com/master/ Frame 1D49 364 KB
102 KB 9ms
8ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/delivery.js
Requested by: Host: tempest.services.disqus.com
URL: https://tempest.services.disqus.com/ads-iframe/revcontent/?position=inthread&shortname=21stcenturywire&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23cc9900&colorScheme=light&sourceUrl=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&typeface=sans-serif&canonicalUrl=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&disqus_version=5884b71
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d660861fb44a4b9306dd05b2c61c40808cf85bacc11ff2bc81e8b8bd1a99b853

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:44 GMT
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 14:17:17 GMT
server: AmazonS3
x-amz-request-id: 1Z5YMHF1QS61Z8ZA
etag: "5cd561a4ec485a85c0bc49bf85b67c00"
x-hw: 1623420044.cds097.fr8.hn,1623420044.cds055.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 104646
x-amz-id-2: ufqaHRBDYxXR2uQeeWcB3sTQPF5hZRBNJcX1aayNNzdjPCi1vNElKqaoV3BF3ToOx5/KEiIiaG0=

GET
H2 200 hRKArCsoBtrI.128.mp3 Show response
cf-hls-media.sndcdn.com/media/31763/79410/ Frame 3E1B 47 KB
47 KB 38ms
38ms Fetch
audio/mpeg 99.86.241.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf-hls-media.sndcdn.com/media/31763/79410/hRKArCsoBtrI.128.mp3?Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiKjovL2NmLWhscy1tZWRpYS5zbmRjZG4uY29tL21lZGlhLyovKi9oUktBckNzb0J0ckkuMTI4Lm1wMyIsIkNvbmRpdGlvbiI6eyJEYXRlTGVzc1RoYW4iOnsiQVdTOkVwb2NoVGltZSI6MTYyMzQyMTU1OH19fV19&Signature=SqFbnspns609oq1~WSoN1hdKOw2cjFeGoi~HBNleJwGdiIWrnQf6pZiTq-HQRhpmkPw-GbJSW0pqu31b7U2tIWWiR7V8VLUsDxdgo2li653ml2rfVgs6sXayQgI1TujBH~Aiot7dfAuca7uSVsFQHpGxp1dAYZvGPzsl4s5hfSctoKo~7HV48mdfl-7~CIT2GflRxKQ-BEx2cq1vXIB2VE5EpO2J3El72XpWBvbJhmaS6U6zprFo140EjE2ddBxPshp552QjvYjPT-rhF3VdRP3QWtLVpIFQZNVVkA7zQhWXkjrjqz0~tlSuoHh8TUZsNeg1NEaBkWruia9AMTKW3Q__&Key-Pair-Id=APKAI6TU7MMXM5DG6EPQ

Requested by

Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-3d4d9a0f9c5b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.241.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-241-23.vie50.r.cloudfront.net

Software

am/2 /

Resource Hash

5a2b58c3f83ed7bf328ab7000c15c4a477269ce30a4582510f98cdb575f38cb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 20:51:27 GMT
via: 1.1 7c17b3af9cda4d5f0ff45961b7be9fdc.cloudfront.net (CloudFront)
server: am/2
age: 61757
accept-ranges: bytes
allow: GET, OPTIONS
access-control-allow-methods: GET, OPTIONS
content-type: audio/mpeg
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: VIE50-C1
strict-transport-security: max-age=63072000
access-control-allow-headers: Accept, Authorization, Content-Type, Origin, X-SC-Auth
content-length: 47648
x-amz-cf-id: 3nE_m340Q9_kS5LY5SdQ7lkOHI-DDl29BQEhAoRkskdo4DUd-wZliQ==

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame 5223 43 B
295 B 101ms
101ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=34hlpj72er0ff8&experiment=network_default&variant=fallthrough&service=dynamic&area=lightbox&product=embed&forum=21stcenturywire&zone=thread&page_url=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&page_referrer=https%3A%2F%2F21stcenturywire.com%2F&object_type=advertisement&provider=survey&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=&section=default&verb=load&extra_data=%7B%22time_to_load%22%3A142%7D&forum_id=2099916

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:44 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
295 B 100ms
100ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=34hlpj72er0ff8&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=21stcenturywire&zone=thread&version=a5921af07b365f6dfd62075d2dee3735&page_url=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=revcontent&section=default&verb=fail&adverb=provider_not_ready&forum_id=2099916

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:44 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
295 B 192ms
101ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=34hlpj72er0ff8&experiment=network_default&variant=fallthrough&service=dynamic&area=bottom&product=embed&forum=21stcenturywire&zone=thread&version=a5921af07b365f6dfd62075d2dee3735&page_url=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=revcontent&section=default&verb=fail&adverb=provider_not_ready&forum_id=2099916

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:44 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 status
www.facebook.com/x/oauth/ Frame 5223 0
0 30ms
29ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2F21stcenturywire.com&client_id=52254943976&input_token&origin=1&redirect_uri=https%3A%2F%2Fdisqus.com%2Fembed%2Fcomments%2F%3Fbase%3Ddefault%26f%3D21stcenturywire%26t_i%3D139357%2520https%253A%252F%252F21stcenturywire.com%252F%253Fp%253D139357%26t_u%3Dhttps%253A%252F%252F21stcenturywire.com%252F2019%252F07%252F15%252Fosint-for-dummies-how-to-mount-a-fake-investigation%252F%26t_e%3DOSINT%2520for%2520Dummies%253A%2520How%2520to%2520Mount%2520a%2520Fake%2520Investigation%26t_d%3DOSINT%2520for%2520Dummies%253A%2520How%2520to%2520Mount%2520a%2520Fake%2520Investigation%26t_t%3DOSINT%2520for%2520Dummies%253A%2520How%2520to%2520Mount%2520a%2520Fake%2520Investigation%26s_o%3Ddefault%23version%3Da5921af07b365f6dfd62075d2dee3735&sdk=joey&wants_cookie_data=false

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: B4XcY9ZmysK9qYVLaAvGMm9lfzdJl5CtmWKVMGfWQe0GU/Is9hbZjh5Uvsf8WBkj7ce+E+ixAz0ee3qkHEr3LQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 11 Jun 2021 14:00:44 GMT
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://disqus.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame 1CF5 513 B
923 B 64ms
44ms Document
text/html 2a00:1450:4001:82f::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4d899074859a7a618098cfad893915cbf5aca292bdfe9b97f8d5f40d476a7965

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eitCKw7f+oxC5nPTOMhJYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/iframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://disqus.com/embed/comments/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&s_o=default
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=216=P73Y97ynnEWzYdGYv5PRCnKytaElUqMO6t0MxKYIYQmfMFWOucHHHMx3aI7LYObz6_VPaykdi7gAbsNwf8IT0jZ5O_9xhMqIM9YK5JmzdWhUcuBGJGHYttF6ZqhZjWGhjxDrjJzJB4SR924rPfnB6fRH_4Nmc0i2YYWKAon8LpU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://disqus.com/embed/comments/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&s_o=default

Response headers

content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 11 Jun 2021 14:00:44 GMT
content-language: en-US
content-security-policy: script-src 'report-sample' 'nonce-eitCKw7f+oxC5nPTOMhJYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
trends.revcontent.com/api/demand/ Frame 1D49 52 B
274 B 34ms
33ms Fetch
text/html 99.80.125.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/demand/?w=176834

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.80.125.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.25 (Debian) /

Resource Hash

8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://tempest.services.disqus.com
date: Fri, 11 Jun 2021 14:00:44 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
content-length: 52
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8

GET
H2 204 sync
trends.revcontent.com/ Frame 1D49 0
0 31ms
30ms Fetch 99.80.125.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/sync
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.125.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://tempest.services.disqus.com
date: Fri, 11 Jun 2021 14:00:44 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 37fdff86db4fd5ed61912d84d6ff1ecc.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ Frame A828 7 KB
7 KB 14ms
14ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/37fdff86db4fd5ed61912d84d6ff1ecc.jpg

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

ce00da29cb89465494b3e184b065d41c9a39263944cc766bdd5d082d59227d4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:44 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: fastly;dur=109;cpu=1;start=2021-05-27T17:48:59.433Z;desc=miss,rtt;dur=0,cloudinary;dur=15;start=2021-05-27T17:48:59.480Z
content-length: 6776
last-modified: Thu, 27 May 2021 17:47:37 GMT
server: Cloudinary
etag: "1c2c5655040abb477ca253a485982235"
vary: Save-Data
x-hw: 1623420044.cds051.fr8.hn,1623420044.cds097.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 e9294a3b489d65e7f2317e4a5639be1f.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ Frame A828 5 KB
5 KB 12ms
12ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/e9294a3b489d65e7f2317e4a5639be1f.jpg

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

5f634d9d292e681e80f192bb6ab63903cda05ed93300f711107c0381e3c03b9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:44 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: fastly;dur=117;cpu=1;start=2021-05-27T17:47:32.597Z;desc=miss,rtt;dur=0,cloudinary;dur=21;start=2021-05-27T17:47:32.644Z
content-length: 5056
last-modified: Thu, 27 May 2021 17:47:21 GMT
server: Cloudinary
etag: "a121748a7aca9a83f90e52c2077da172"
vary: Save-Data
x-hw: 1623420044.cds051.fr8.hn,1623420044.cds201.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 https%3A%2F%2Fstatic.earnify.com%2Fm%2F0968c02b-68ba-408d-b1d5-77bf51da3157%2F43aa8f8e-74a4-42b2-8f43-63226346da94%2F640x480.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face/pg_1/ Frame A828 5 KB
5 KB 16ms
15ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

a8fe8d2b3fd07d6f4f07b410991f54457608dba676559b34a8511e43fbc46045

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:44 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: fastly;dur=1;cpu=0;start=2021-05-27T17:47:46.781Z;desc=hit,rtt;dur=0
content-length: 5171
last-modified: Thu, 27 May 2021 17:47:27 GMT
server: Cloudinary
etag: "f722c30556ac4e000ac5c9b287c53a45"
vary: Save-Data
x-hw: 1623420044.cds051.fr8.hn,1623420044.cds277.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 317390550f727f446f1ca7a108cd1c88.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ Frame A828 7 KB
7 KB 16ms
15ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/317390550f727f446f1ca7a108cd1c88.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

70577ff53b2d496d4decb760ccf6549f03df365b173b74afedc062c4c5e1ec85

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:44 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: fastly;dur=287;cpu=1;start=2021-05-27T17:47:48.570Z;desc=miss,rtt;dur=0,cloudinary;dur=191;start=2021-05-27T17:47:48.615Z,cld-id;desc=ea4a590d4148e4afd0a9badfa0b3e803
content-length: 7179
x-request-id: ea4a590d4148e4afd0a9badfa0b3e803
last-modified: Mon, 12 Oct 2020 18:14:06 GMT
server: Cloudinary
etag: "c2e226fc72dfc4a6ea71278076d296e2"
vary: Save-Data
x-hw: 1623420044.cds051.fr8.hn,1623420044.cds233.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 5d0be263d97c727cbe52569384d30a4c.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ Frame A828 5 KB
5 KB 17ms
16ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/5d0be263d97c727cbe52569384d30a4c.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

3b400a96fea1fed0579e7d2392c3b5dcae0292658b8fc7d999ea6d9808e59de7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:44 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: fastly;dur=703;cpu=1;start=2021-05-27T17:47:23.592Z;desc=miss,rtt;dur=0,cloudinary;dur=322;start=2021-05-27T17:47:23.915Z,cld-id;desc=5568df42fb53630e43357f8e88a9e548
content-length: 4689
x-request-id: 5568df42fb53630e43357f8e88a9e548
last-modified: Mon, 12 Oct 2020 18:14:21 GMT
server: Cloudinary
etag: "d004a916e914d2ddea876a9e35ae8c5d"
vary: Save-Data
x-hw: 1623420044.cds051.fr8.hn,1623420044.cds052.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 786efd98e782caeef7e0267153a41307.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ Frame A828 7 KB
7 KB 19ms
18ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/786efd98e782caeef7e0267153a41307.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

6c23632125c689308aab1b5562345790a1758d9c37dfd23f318435b85006a8b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:44 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: fastly;dur=1;start=2021-05-27T17:50:37.562Z;desc=hit,rtt;dur=2
content-length: 7408
last-modified: Thu, 27 May 2021 17:50:17 GMT
server: Cloudinary
etag: "8b33cc68753eba59e5a2b87fbd868a72"
vary: Save-Data
x-hw: 1623420044.cds051.fr8.hn,1623420044.cds149.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

POST
H2 204 generic
trends.revcontent.com/event/ Frame 1D49 0
0 30ms
30ms Fetch 99.80.125.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/event/generic
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.125.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Grizzly/2.4.4 /
Resource Hash

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://tempest.services.disqus.com
date: Fri, 11 Jun 2021 14:00:44 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type

GET
H2 200 / Show response
trends.revcontent.com/api/delivery/ Frame 1D49 17 KB
8 KB 275ms
275ms Fetch
text/html 99.80.125.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/delivery/?is_blocked=false&w=176834&width=610&rev_allow_cookies=0&site_url=https%3A%2F%2Ftempest.services.disqus.com%2Fads-iframe%2Frevcontent%2F%3Fposition%3Dinthread%26shortname%3D21stcenturywire%26experiment%3Dnetwork_default%26variant%3Dfallthrough%26service%3Ddynamic%26anchorColor%3D%2523cc9900%26colorScheme%3Dlight%26sourceUrl%3Dhttps%253A%252F%252F21stcenturywire.com%252F2019%252F07%252F15%252Fosint-for-dummies-how-to-mount-a-fake-investigation%252F%26typeface%3Dsans-serif%26canonicalUrl%3Dhttps%253A%252F%252F21stcenturywire.com%252F2019%252F07%252F15%252Fosint-for-dummies-how-to-mount-a-fake-investigation%252F%26disqus_version%3D5884b71&icr_url=&referer=https%3A%2F%2Fdisqus.com%2Fembed%2Fcomments%2F%3Fbase%3Ddefault%26f%3D21stcenturywire%26t_i%3D139357%2520https%253A%252F%252F21stcenturywire.com%252F%253Fp%253D139357%26t_u%3Dhttps%253A%252F%252F21stcenturywire.com%252F2019%252F07%252F15%252Fosint-for-dummies-how-to-mount-a-fake-investigation%252F%26t_e%3DOSINT%2520for%2520Dummies%253A%2520How%2520to%2520Mount%2520a%2520Fake%2520Investigation%26t_d%3DOSINT%2520for%2520Dummies%253A%2520How%2520to%2520Mount%2520a%2520Fake%2520Investigation%26t_t%3DOSINT%2520for%2520Dummies%253A%2520How%2520to%2520Mount%2520a%2520Fake%2520Investigation%26s_o%3Ddefault&va=0&time=1623420044445&up=pc&bn=chrome&bv=89&widget_width=610

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.80.125.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.25 (Debian) /

Resource Hash

95b5f2a26c9224bc67c27fd191108848c57e060fcc00803c8cab418d03927aac

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:44 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://tempest.services.disqus.com
access-control-allow-credentials: true
strict-transport-security: max-age=931536000; includeSubDomains
content-length: 7693

GET
H2 200 1076821231-idpiframe.js Show response
ssl.gstatic.com/accounts/o/ Frame 1CF5 115 KB
39 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/1076821231-idpiframe.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1816d947d4d4bafd1c4f03793110f64a56b2885ee29fc9fae3c226cea8bc2757

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 08:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40143
x-xss-protection: 0
last-modified: Fri, 04 Jun 2021 02:30:45 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Jun 2022 08:20:12 GMT

GET
H3-29 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame 1CF5 14 B
58 B 58ms
43ms XHR
application/json 2a00:1450:4001:82f::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fdisqus.com&client_id=508198334196-bgmagrg0a2rub674g0shidj8fnd50dji.apps.googleusercontent.com

Requested by

Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/1076821231-idpiframe.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Requested-With: XmlHttpRequest

Response headers

date: Fri, 11 Jun 2021 14:00:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Fri, 11 Jun 2021 15:00:44 GMT

GET
H/1.1 200
OK / Show response
glitter.services.disqus.com/urls/ Frame 5223 677 B
861 B 130ms
113ms Script
application/javascript 199.232.196.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://glitter.services.disqus.com/urls/?callback=dsqGlitterResponseHandler&forum_shortname=21stcenturywire&thread_id=7534548008&referer=

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.64 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

a03ad5307688dd57a5b7806319b8dc134b54348857ea1d1d10eac5884a0635bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: openresty
X-Frame-Options: DENY
Connection: keep-alive
Content-Type: application/javascript
Cache-Control: no-cache
transfer-encoding: chunked
X-Service: glitter
Content-Disposition: attachment; filename=f.txt
Strict-Transport-Security: max-age=300; includeSubdomains
Vary: Accept-Encoding, Cookie

GET
H2 200 noavatar92.png
a.disquscdn.com/1623278138/images/ Frame 5223 2 KB
2 KB 7ms
6ms Image
image/png 151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1623278138/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.ac702132ea5e06471da27768120c5978.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:44 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 59382
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
content-type: image/png
content-length: 1644
x-amz-cf-id: gwmSf1x2XUK5RFUWYP4jpFLceRy4By5JB4czoOElTiAUynV9vSJviw==
expires: Sat, 10 Jul 2021 21:31:02 GMT

POST
H/1.1 200
OK ping Show response
links.services.disqus.com/api/ 357 B
794 B 100ms
83ms XHR
text/javascript 199.232.196.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/ping
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: d44942ad4920266c4d36853a98439ae0a51299d1b07a92001745cff81f6601e3

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 11 Jun 2021 14:00:44 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://21stcenturywire.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 357
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame 5223 43 B
295 B 101ms
100ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&integration=wordpress%203.0.22&load_time=1028&event=init_embed&thread=7534548008&forum=21stcenturywire&forum_id=2099916&imp=34hlpj72er0ff8&prev_imp&thread_slug=osint_for_dummies_how_to_mount_a_fake_investigation&user_type=anon&referrer=https%3A%2F%2F21stcenturywire.com%2F&theme=next&dnt=0&tracking_enabled=1&experiment=network_default&variant=fallthrough&service=dynamic&promoted_enabled=true&max_enabled=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:44 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2

200

362358.gif Show response
idsync.rlcdn.com/ Frame 588D
Redirect Chain

https://ejp.rlcdn.com/501709.html
https://ejp.rlcdn.com/1000.gif?memo=CM3PHhoNCI3ZjYYGEgUI6AcQAEIASgA
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc=
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEN6RwJYZyyiXcZai4a2sNJc&google_cver=1

42 B
318 B

19ms
16ms

Document
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEN6RwJYZyyiXcZai4a2sNJc&google_cver=1
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

:method: GET
:authority: idsync.rlcdn.com
:scheme: https
:path: /362358.gif?google_gid=CAESEN6RwJYZyyiXcZai4a2sNJc&google_cver=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://disqus.com/embed/comments/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&s_o=default
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: rlas3=ZW1Jtz9bIwUNBLVLJrYUSqjQJqieUQ3NP8JcdL5FqGs=; pxrc=CI3ZjYYGEgUI6AcQABIGCLrqARAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://disqus.com/embed/comments/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&s_o=default

Response headers

cache-control: no-cache, no-store
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: rlas3=ZW1Jtz9bIwUNBLVLJrYUSqjQJqieUQ3NP8JcdL5FqGs=; Path=/; Domain=rlcdn.com; Expires=Sat, 11 Jun 2022 14:00:45 GMT; Secure; SameSite=None pxrc=CI3ZjYYGEgUI6AcQABIGCLrqARAA; Path=/; Domain=rlcdn.com; Expires=Tue, 10 Aug 2021 14:00:45 GMT; Secure; SameSite=None
timing-allow-origin: *
date: Fri, 11 Jun 2021 14:00:45 GMT
content-length: 42
via: 1.1 google
alt-svc: clear

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEN6RwJYZyyiXcZai4a2sNJc&google_cver=1
date: Fri, 11 Jun 2021 14:00:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 289
x-xss-protection: 0
set-cookie: IDE=AHWqTUmQebhq-9ZUYOUU_Vah6-Ep_ti8x0g4ASkIF_V_qZTd32-PA0rjTmECyy8JpeA; expires=Wed, 06-Jul-2022 14:00:45 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel.html Show response
live.rezync.com/ Frame DE77 507 B
1 KB 1452ms
162ms Document
text/html 13.225.74.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c34fqo5m2vjfm16&pctry=DE&referrer=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-68.fra2.r.cloudfront.net
Software: lighttpd/1.4.33 /
Resource Hash: 69a978e254e0a7605d3c347ba06b7e782646a5a691ba75d138c977238b6f76fc

Request headers

:method: GET
:authority: live.rezync.com
:scheme: https
:path: /pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c34fqo5m2vjfm16&pctry=DE&referrer=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://disqus.com/embed/comments/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&s_o=default
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://disqus.com/embed/comments/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&s_o=default

Response headers

content-type: text/html; charset=utf-8
content-length: 507
date: Fri, 11 Jun 2021 14:00:46 GMT
server: lighttpd/1.4.33
set-cookie: zync-uuid=5e04d479-297d-42fd-82c8-6cc3e00c70c1:1623420046.05; Domain=rezync.com; Expires=Wed, 08-Dec-2021 07:00:46 GMT; Path=/; SameSite=None; Secure sd-session-id=.eJwVikELgjAYQP9KfGcPS6uD0CFSvPQtgiT0IqVTNttMN7OU_ffW4cF78BYoXmyQd8WUgdAMI_OgfHJXGsIFKq770RmUwabuu63036KW6x1YDzTTmneq4NX_XD3cRW_pRJMLoXNrULRBfiQEZd6ers03mxtDJRXopxMmGDg-ZxH7KJCgOEw0ykaM0j1Y-wPqkDIR.E6T-Dg.G9IPLmziNOytm46miOFVIbyDFV8; Expires=Wed, 08-Dec-2021 14:00:46 GMT; HttpOnly; Path=/; SameSite=None; Secure
x-cache: Miss from cloudfront
via: 1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: iq7SlPQWdWq3SfxkDwDKvZI0gA4NadN6gPboA5wOeHbWWj_I08QftQ==

GET
H2 200 narr
obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com/ Frame 5223 0
38 B 1098ms
31ms Image
text/plain 54.76.227.154
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com/narr?gdpr=1&gdpr_consent=&url=https%3A%2F%2Fio.narrative.io%2F%3FcompanyId%3D473%26gdpr%3D1%26gdpr_consent%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.227.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-227-154.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:45 GMT
content-length: 0

GET
H/1.1

200
OK

/
io.narrative.io/ Frame 5223
Redirect Chain

https://io.narrative.io/?companyId=19&id=disqus_id%3Ac34fqo5m2vjfm16&ret=img&ref=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F
https://io.narrative.io/?io.narrative.guid.v2=6a68e0e0-cabd-11eb-a833-0aa6849ebafd&companyId=19&id=disqus_id%3Ac34fqo5m2vjfm16&ret=img&ref=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint...

35 B
319 B

29ms
29ms

Image
image/gif

54.229.111.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://io.narrative.io/?io.narrative.guid.v2=6a68e0e0-cabd-11eb-a833-0aa6849ebafd&companyId=19&id=disqus_id%3Ac34fqo5m2vjfm16&ret=img&ref=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.111.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-111-52.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:44 GMT
Cache-Control: no-cache
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

Redirect headers

Location: https://io.narrative.io/?io.narrative.guid.v2=6a68e0e0-cabd-11eb-a833-0aa6849ebafd&companyId=19&id=disqus_id%3Ac34fqo5m2vjfm16&ret=img&ref=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F
Date: Fri, 11 Jun 2021 14:00:44 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 0

POST
H2 204 impression
trends.revcontent.com/event/ Frame 1D49 0
0 32ms
32ms Fetch 99.80.125.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/event/impression
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.125.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Grizzly/2.4.4 /
Resource Hash

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://tempest.services.disqus.com
date: Fri, 11 Jun 2021 14:00:44 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type

GET
H2 200 /
img.revcontent.com/ Frame 1D49 20 KB
20 KB 10ms
10ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: c842ab9a59af3f3d62511fdb5488ad527d2193c3371b5561ade4a2a19a8e7062

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:44 GMT
last-modified: Wed, 01 Jul 2020 17:13:25 GMT
etag: "1593623605"
x-hw: 1623420044.cds003.fr8.hn,1623420044.cds260.fr8.c
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 20438

GET
H2 200 rc-logo.png
cdn.revcontent.com/assets/img/ Frame 1D49 4 KB
4 KB 62ms
23ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revcontent.com/assets/img/rc-logo.png
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:44 GMT
last-modified: Mon, 07 Jun 2021 16:54:11 GMT
etag: "1623084851"
x-hw: 1623420044.cds080.lo4.hn,1623420044.cds256.lo4.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=55
accept-ranges: bytes
content-length: 4298

GET
H/1.1 200
OK sync.gif
links.services.disqus.com/api/ 43 B
375 B 44ms
42ms Image
image/gif 199.232.196.64
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Jun 2021 14:00:44 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Type: image/gif;charset=UTF-8
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK domains Show response
links.services.disqus.com/api/ 136 B
573 B 55ms
41ms XHR
text/javascript 199.232.196.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/domains
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 5044b320cc934d8e813a5d2ba1145652846dc6c851702c30038f48ca08b94ecd

Request headers

Referer: https://21stcenturywire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 11 Jun 2021 14:00:44 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://21stcenturywire.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 136
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame 5223 43 B
295 B 100ms
100ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=34hlpj72er0ff8&experiment=network_default&variant=fallthrough&service=dynamic&area=inthread&product=embed&forum=21stcenturywire&zone=thread&page_url=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&page_referrer=https%3A%2F%2F21stcenturywire.com%2F&object_type=advertisement&provider=revcontent&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=%5B160465%5D&section=default&verb=load&advertisement_id=160465&forum_id=2099916

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:44 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame 5223 43 B
295 B 101ms
100ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=34hlpj72er0ff8&experiment=network_default&variant=fallthrough&service=dynamic&area=inthread&product=embed&forum=21stcenturywire&zone=thread&page_url=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&page_referrer=https%3A%2F%2F21stcenturywire.com%2F&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=revcontent&section=default&verb=fail&adverb=provider_not_ready&forum_id=2099916

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:45 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 https%3A%2F%2Fstatic.earnify.com%2Fm%2F0968c02b-68ba-408d-b1d5-77bf51da3157%2F80b1b4be-64a7-4f98-b0f4-20e2102672d3%2F640x480.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face/pg_1/ Frame 1D49 5 KB
5 KB 15ms
14ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

b3695d710d87019d1cc62a7ec7f9022a03765214257d7cfb71ca7fee40771c98

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:44 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: fastly;dur=2;cpu=1;start=2021-05-27T17:48:32.993Z;desc=hit,rtt;dur=0
content-length: 5238
last-modified: Thu, 27 May 2021 17:47:36 GMT
server: Cloudinary
etag: "06ca6a51640c39879c7e96ab76fcbdfd"
vary: Save-Data
x-hw: 1623420044.cds051.fr8.hn,1623420044.cds098.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 5f41517e979c43-92780737.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ Frame 1D49 4 KB
4 KB 15ms
14ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/5f41517e979c43-92780737.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

1354302ea9525cd1105e577a781a631d97ef4c3e1af1a0b4099d0a204fda96f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:44 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: fastly;dur=120;cpu=1;start=2021-05-27T17:47:41.335Z;desc=miss,rtt;dur=0,cloudinary;dur=21;start=2021-05-27T17:47:41.382Z
content-length: 4029
last-modified: Thu, 27 May 2021 17:47:41 GMT
server: Cloudinary
etag: "10d63e7b3192f424dd2deead42580d4c"
vary: Save-Data
x-hw: 1623420044.cds051.fr8.hn,1623420044.cds126.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 15643107941285251590.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ Frame 1D49 5 KB
6 KB 16ms
16ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/15643107941285251590.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

a0f026119e03b7b3570cf1d49d262e0bc0dac2944a2bcf3dc832efbf3341e02f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://tempest.services.disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 14:00:45 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: fastly;dur=332;cpu=0;start=2021-05-27T17:47:21.527Z;desc=miss,rtt;dur=0,cloudinary;dur=240;start=2021-05-27T17:47:21.573Z,cld-id;desc=303ca28f904c67043afdb23b19753e98
content-length: 5511
x-request-id: 303ca28f904c67043afdb23b19753e98
last-modified: Mon, 12 Oct 2020 18:14:17 GMT
server: Cloudinary
etag: "da3216cf45f4778876400958e6b22ab1"
vary: Save-Data
x-hw: 1623420044.cds051.fr8.hn,1623420045.cds154.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame 5223 43 B
295 B 101ms
100ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=34hlpj72er0ff8&experiment=network_default&variant=fallthrough&service=dynamic&area=inthread&product=embed&forum=21stcenturywire&zone=thread&page_url=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&page_referrer=https%3A%2F%2F21stcenturywire.com%2F&object_type=advertisement&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=&section=default&verb=view&adverb=0ms-no50perc&forum_id=2099916

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:45 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame 5223 43 B
295 B 100ms
100ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=34hlpj72er0ff8&experiment=network_default&variant=fallthrough&service=dynamic&area=inthread&product=embed&forum=21stcenturywire&zone=thread&page_url=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&page_referrer=https%3A%2F%2F21stcenturywire.com%2F&object_type=advertisement&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=&section=default&verb=view&adverb=iab-scroll&forum_id=2099916

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=21stcenturywire&t_i=139357%20https%3A%2F%2F21stcenturywire.com%2F%3Fp%3D139357&t_u=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F&t_e=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_d=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&t_t=OSINT%20for%20Dummies%3A%20How%20to%20Mount%20a%20Fake%20Investigation&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 14:00:46 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2

200

362358.gif
idsync.rlcdn.com/ Frame DE77
Redirect Chain

https://ib.adnxs.com/getuid?https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D093016b0419d19c905c78c859b815219%26pid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%2F%2Flive.rezync.com%2Fsync%253Fc%253D4656c20ee35215f78e9273796625d90b%2526p%253D093016b0419d19c905c78c859b815219%2526pid%253D%2524UID
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=093016b0419d19c905c78c859b815219&pid=6016323827758610215
https://p.rfihub.com/cm?pub=39342&in=1&userid=0f1604b6-1648-4ec6-95ff-4639bd13c40d%3A1623420046.33&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D0f1604b6-1648-4ec6-95ff-4639bd13c40d...
https://idsync.rlcdn.com/501709.gif?partner_uid=0f1604b6-1648-4ec6-95ff-4639bd13c40d%3A1623420046.33
https://idsync.rlcdn.com/1000.gif?memo=CM3PHhI8CjgIARAFGjIwZjE2MDRiNi0xNjQ4LTRlYzYtOTVmZi00NjM5YmQxM2M0MGQ6MTYyMzQyMDA0Ni4zMxAAGg0IjtmNhgYSBQjoBxAAQgBKAA
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc=
https://idsync.rlcdn.com/362358.gif?google_gid=CAESECXCQopaKTJsEp8gy5QiGus&google_cver=1

42 B
299 B

15ms
14ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESECXCQopaKTJsEp8gy5QiGus&google_cver=1
Requested by: Host: live.rezync.com
URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c34fqo5m2vjfm16&pctry=DE&referrer=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://live.rezync.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Jun 2021 14:00:46 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 11 Jun 2021 14:00:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESECXCQopaKTJsEp8gy5QiGus&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

52154.gif
idsync.rlcdn.com/ Frame DE77
Redirect Chain

https://p.rfihub.com/cm?pub=39342&in=1&userid=5e04d479-297d-42fd-82c8-6cc3e00c70c1%3A1623420046.05&forward=https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a954059a0ab...
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=260a954059a0ab1986e4ee8c5c88c54c&pid=1871878970769606871
https://idsync.rlcdn.com/501709.gif?partner_uid=701882a0-7f49-4646-a6e2-bdf5cb139be8%3A1623420046.38
https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=6016323827758610215

42 B
299 B

15ms
15ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=6016323827758610215
Requested by: Host: live.rezync.com
URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c34fqo5m2vjfm16&pctry=DE&referrer=https%3A%2F%2F21stcenturywire.com%2F2019%2F07%2F15%2Fosint-for-dummies-how-to-mount-a-fake-investigation%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://live.rezync.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Jun 2021 14:00:46 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

Pragma: no-cache
Date: Fri, 11 Jun 2021 14:00:46 GMT
X-Proxy-Origin: 89.249.64.203; 89.249.64.203; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.137:80
AN-X-Request-Uuid: 745b7d46-e8c6-475c-a102-0358b0451dfb
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=6016323827758610215
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK me Show response
l9bjkkhaycw6f8f4.soundcloud.com/ Frame 3E1B 0
434 B 136ms
66ms XHR
application/json 13.32.4.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l9bjkkhaycw6f8f4.soundcloud.com/me

Requested by

Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-3d4d9a0f9c5b.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.32.4.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

am/2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 11 Jun 2021 14:00:48 GMT
Via: 1.1 412b915bb2572a86aaa8bdf21eb381fc.cloudfront.net (CloudFront)
server: am/2
X-Amz-Cf-Pop: VIE50-C2
strict-transport-security: max-age=63072000
X-Cache: Miss from cloudfront
Content-Type: application/json; charset=utf-8
access-control-allow-origin: *
Connection: keep-alive
Content-Length: 0
X-Amz-Cf-Id: 5pli2srLT80kDgd2GYMfwTmSSTjAbUdbZlWvPmUj13HJy68IdKZ-MQ==

GET
H2 200 / Show response
21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/ 99 KB
22 KB 1658ms
1657ms XHR
text/html 104.26.10.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/?mashsb-refresh
Requested by: Host: 21stcenturywire.com
URL: https://21stcenturywire.com/wp-content/plugins/mashsharer/assets/js/mashsb.min.js?ver=3.7.9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: a31d32ac68baa8878c77b2be4922f60b910cfdef3639e7c37f8b088cda335f01

Request headers

:path: /2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/?mashsb-refresh
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: 21stcenturywire.com
referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://21stcenturywire.com/2019/07/15/osint-for-dummies-how-to-mount-a-fake-investigation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-edge-cache: cache,platform=wordpress
date: Fri, 11 Jun 2021 14:00:50 GMT
content-encoding: br
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
cf-cache-status: DYNAMIC
x-cacheable: SHORT
x-powered-by: WP Engine
x-cache: MISS
cf-request-id: 0a9cf92c0d0000008569a6c000000001
x-cache-group: normal
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bSi6I617wV2Hvw%2BVvIQWCZBAg2GbcTqmTms9S%2FXeP2Q%2BRjknAGOZyZZzizw71DSbNTKMddIf6DkeHpZwRRbuUVhr7%2F%2Fz%2B9wt2A%2FBHYZJ3Cl1EPHJmm8EBlWH5NALMMMt"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=600, must-revalidate
set-cookie: asp_transient_id=c583c6e5a246edf939a4a93a462c75f4; expires=Fri, 18-Jun-2021 14:00:48 GMT; Max-Age=604800; path=/
cf-ray: 65db5e2678300085-LHR
link: <https://21stcenturywire.com/wp-json/>; rel="https://api.w.org/" <https://21stcenturywire.com/wp-json/wp/v2/posts/139357>; rel="alternate"; type="application/json" <https://21stcenturywire.com/?p=139357>; rel=shortlink

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Play

Verdicts & Comments Add Verdict or Comment

133 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.21stcenturywire.com/	1970-01-20 04:21:28	Name: __qca Value: P0-1673341703-1623420042739
21stcenturywire.com/	1970-01-20 03:42:36	Name: mailmunch_second_pageview Value: true
.21stcenturywire.com/	1970-01-19 18:57:00	Name: _gat Value: 1
.21stcenturywire.com/	1970-01-19 18:57:00	Name: _gat_gtag_UA_37745304_1 Value: 1
.21stcenturywire.com/	1970-01-20 12:28:12	Name: _ga Value: GA1.2.933143162.1623420042
.21stcenturywire.com/	1970-01-19 18:58:26	Name: _gid Value: GA1.2.498966946.1623420042
21stcenturywire.com/	1970-01-20 03:42:36	Name: _mailmunch_visitor_id Value: 4bb81d52-6300-4b2e-868d-70ac00df38ad
21stcenturywire.com/	1970-01-19 19:07:04	Name: asp_transient_id Value: 34b587ff0c74372369a2cb5b90beb80c

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://21stcenturywire.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://21stcenturywire.com/wp-content/plugins/mashsharer/assets/js/mashsb.min.js?ver=3.7.9(Line 1) Message: not rate limited: 1623420071
console-api	warning	URL: https://widget.spreaker.com/player-base-5f13a344dbf28ff80a2b.js(Line 2) Message: [react-ga] Expected `args.value` arg to be a Number.
console-api	log	URL: https://widget.sndcdn.com/widget-9-3d4d9a0f9c5b.js(Line 56) Message: SoundCloud Embed Player (api-web)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

21stcenturywire.com
21stcenturywire.disqus.com
a.disquscdn.com
a.mailmunch.co
accounts.google.com
ajax.googleapis.com
analytics.mailmunch.co
api-widget.soundcloud.com
apis.google.com
assets.revcontent.com
c.disquscdn.com
cdn.bannersnack.com
cdn.revcontent.com
cdn.syndication.twimg.com
cdn.viglink.com
cdn1.lockerdomecdn.com
cdn2.lockerdomecdn.com
cf-hls-media.sndcdn.com
cm.g.doubleclick.net
connect.facebook.net
d3770qakewhkht.cloudfront.net
d3wo5wojvuv7l.cloudfront.net
disqus.com
ejp.rlcdn.com
fonts.googleapis.com
fonts.gstatic.com
forms.mailmunch.co
glitter.services.disqus.com
i1.sndcdn.com
ib.adnxs.com
idsync.rlcdn.com
images.revcontent.com
img.revcontent.com
io.narrative.io
l9bjkkhaycw6f8f4.soundcloud.com
links.services.disqus.com
live.rezync.com
lockerdome.com
obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com
p.rfihub.com
pbs.twimg.com
pixel.quantserve.com
platform.twitter.com
referrer.disqus.com
rules.quantcount.com
secure.quantserve.com
southfront.org
sqs.us-east-1.amazonaws.com
ssl.gstatic.com
stats.bannersnack.com
stats.g.doubleclick.net
syndication.twitter.com
tempest.services.disqus.com
trends.revcontent.com
w.soundcloud.com
wave.sndcdn.com
widget.sndcdn.com
widget.spreaker.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
fonts.googleapis.com
104.154.142.214
104.244.42.136
104.26.10.239
107.22.27.88
116.202.174.190
13.224.89.176
13.225.74.68
13.32.11.73
13.32.2.104
13.32.4.57
142.250.186.98
143.204.98.33
151.101.0.134
151.101.114.49
151.139.128.11
151.139.241.28
151.139.242.29
185.33.221.89
193.0.160.129
199.232.196.134
199.232.196.64
2600:9000:206e:600:6:44e3:f8c0:93a1
2600:9000:211a:be00:4:c961:9640:93a1
2600:9000:211a:cc00:6:8656:f5c0:93a1
2600:9000:211a:f000:1a:1e7b:9080:93a1
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:234:59:254c:406:2366:268c
2606:4700::6810:a40d
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:802::200a
2a00:1450:4001:808::200a
2a00:1450:4001:809::2003
2a00:1450:4001:809::200e
2a00:1450:4001:827::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::200d
2a00:1450:4001:831::200a
2a00:1450:400c:c1b::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
35.244.174.68
52.0.242.214
52.203.96.188
52.46.137.133
54.229.111.52
54.76.227.154
99.80.125.60
99.86.235.49
99.86.241.13
99.86.241.23
99.86.241.30
99.86.241.72
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03623c93a2031f456d79f4edc5b3b683eed0dd31363d8263b581926c5c418c98
0500bd58f47403106f2f10da96d8d196941a02a4046e88611a59494557861f98
0932077174a2d9a267a1458d40842414ee1f7c8e91b9230a9f32343b39b6587d
09975cd6c5d61e31f2e61a7b0d340db5ad5fbe283d198e667c30fa58708bfde9
0a0c09e1e97f172c235c9dcb12dbcd2c20b6bd1bce3a0fe453b245139ededbac
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0d3953c0f2534d62219de667a9f7cd2bf23d7ced6386387db905c0f0c79d726a
108f93f425087fd138060d36edb747a0df95781d1fcf16e10fe5fe809e3c8099
1142d3e2151b2d78ac338d8e13d29bae8396d4c0eeecc2c526567954d5b9623b
1354302ea9525cd1105e577a781a631d97ef4c3e1af1a0b4099d0a204fda96f0
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
1596bf431da82e367b21387e1ae7cdc4eeae1bee4d2a4c4a4c7ccec4e6d61191
1669f0008c5eec3471bcc584e521c6db4f777909d6d6437bf2797d1543cd4b19
174f3696c8b999d49552e8ac8f7dcfb7db0887f757134c4e23329f9f770daf2a
17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9
1816d947d4d4bafd1c4f03793110f64a56b2885ee29fc9fae3c226cea8bc2757
1e73bd64edcf6b9b779802e3124b7c484db59493c8252fff3c2af5f8a0375434
2025b295509745f39f42f941f1f806395a81e23e146febbff2e85e00df651b93
202ec2290aaecfd0bfaf9cb1b63c37bf5e997bc45ea0f583eb2d10a5777683c6
20550f7bcb2a817ac9a5879e04260da8268e971c0b8031a6b7a2f48a55ee60d5
21db4a2bde7aac266b734eb132698c7b09881732ccebfbd68b0ac6033d181b13
23763ff2058d79a8013e6b4ddceb10ec4f9487a61f42564fc874922917ad3113
263627ec362c25037d69022de008fad33cf85ec7267604a5ae5c8e6fe4ad9e38
27b1266545523cfe4d4d18620cd683df5d759671ab4593a6aa483de734cf19a0
2b06ce8ee5af8a32d102008a6529111ce2f62c194274878a6c7a6bf00b9c695e
2b2b447fd394e345defd732f547dcc10fab2eb232c3e406a65c97fd6508f37ef
2bc364a6d0d81817d6670872d0cb437d1a70002d45c355a37c21f8c20d7f18a8
2bdf6c85020bb63535b0afc6424e7c746f77f99316c73a448f92d739b92c3542
2c018c588d631bbb954fb63cdbb6b3ad69c4a77153232aaa8487d4469757b1fe
2ca97daa82864d78b59273cba4e809f7837700c927783aed129ee4d2d162471a
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2df2edc5efc917d87583e42f70ec52b09ca4f1123c13462460b548139151b8e7
2e6f6d6b3b07e4525583a36bf532f8e5c521793fb498f52c605c91d1ed89e89c
3087454ba62b98538c9c2d4e473096519c19e12a598c7af1bccfcba7c2e73bb4
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
332f943a5ebc0f607b7edef58003ccc3e64a08df41a1272344b6ca082b35c6a9
34145db0bc9bfdea9bacdefe5256c55a49855080f28932c0b8c8318f0d803b0e
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
352edca3938ab4b63ec240318bf425a831cd30d77ce1b4177178a9a50356c8e2
35bd9d448b08e6146b89931bfac28ae83c5df33b88c92e1800652c222cab535c
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
3989b833a079189220e16e0f400a6e388d29dfee3989441b870a06d2a5416cef
3b400a96fea1fed0579e7d2392c3b5dcae0292658b8fc7d999ea6d9808e59de7
3c2e7d7d2006f53aea3a6889517663ca9e58e01a587dab8d526575f6a52354c9
3ed3c50b01daa71dcb11f101b27ea78aedf2a1a9df0e4320be84aef4204b6200
3fa4708138b3bf07311428cc3e0fd918d3db13e4e1c923927f25f1260b98024c
40b9375395220091be1fbf14a62c523e55bfae7050b1fd002b83652708975bd6
413f3215369b7f46a64642f2cd217ebf4a131846af15442e9cbc16b186061f49
437e6e23bb4219f1dd245da75b1729666e71fbf31985189fa35be75702b8cab9
43861e4cb2238d9a5cc5320aa52860f57e105caff3983cf34948eb08c2aaffd0
44967d9018d00c6cf5cb93c378a909bb20536379d79fde8186130e04ee41222b
481e97c1373314243ac83c1b1c9f466b9ce65b95f5fd4b82538f032d976820a6
4843d7f7ffb8e95f3cd83f22f6ac9e8f03373c0c965a0e0fad52aa99ff2ec548
48f097fa20655292e0e8fab980a1cbe86f212d8d2e522cddda6e5c1b79377b55
490ff26c60a3a4e5af5d03654dd3bf923c0e55776e8e4f9cb00e182e44197267
495d2f8c8b7f1bbd664c2c10c086a644e63e4934b9734813b27956a34709eea4
4bb6697c532f3c51f91aca196771dbe81677a5c7b7e4478426f45f5e006ebd16
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4d899074859a7a618098cfad893915cbf5aca292bdfe9b97f8d5f40d476a7965
4e2ff4dda6510591e0123ec9153d0dd7f35a566566df7095694625e6c654e527
5044b320cc934d8e813a5d2ba1145652846dc6c851702c30038f48ca08b94ecd
5060d42d7caa80f7e6ed3e03c75386a78adc2f8e5c6318e0860b737b526cfecc
50ce71f24de8526445b1f88617f1db8cb6f7405a74d2e35d5f411b76481a2e4f
52307f0c20e0fca21c27e1dc761e8756ef21189a425648732347b14e9706e10d
54103e22890f40de8d835c5df33f2c86e50a861618199694053f56af647c566a
54b7664eb55bfd7affe18e0fad8d2474dfae3a025586e98b7f15ee183a3dfcdc
562659df3a2438e17efdc5ef4410415027e4fda31f1ea47e04bf8f5f6ef0ebb3
56588d27873c81cf322f4aa1dc7a3ec636ed8bc7712ec9db11b57b733787c264
573b9853e802b06a34f434c23b66c5cabf5b0ae48619266dec556727bd32df44
5755b0e6d610e8aacab161ad2e8f6e51666a1d3d4a06efd40d951231a4ed2c20
580a2580a9818d6c9e2c3843d967df5c609f7177f3a653b16b8a7a356f4a3630
58e8635e959ce8b5383dcbf9dd50fda2f6a0aeef426760854dfdb2548a3b77fb
5a2b58c3f83ed7bf328ab7000c15c4a477269ce30a4582510f98cdb575f38cb6
5a372245a42811bac74a1f84385ac6efa48fcf9088189a73b0c5156d68197454
5a9a98639098e82c58bf74f4b601f8852e68a864031067414f5c4a2423580927
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5e8c76cd2c12bf377d273fa3a8d68006277126f63968fa7f500a53364e7c4392
5f634d9d292e681e80f192bb6ab63903cda05ed93300f711107c0381e3c03b9f
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
604188f4583e73798e660c7697e3eab1d66d8aa5d6417c64d3d99ef92a0283be
60631ed8f1dfa6713ff9e30fec41786aadc477c0cac5a75dca66b5a49f76b901
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
61ee27a1064c03685ea20ddd09d8aec8bcf92513db7a3299a6dfbea80c907e8f
65868622f5681b69bdab392fc96d26b6b57e966b4085e260a4d7dab6edc24acd
664151db09e75d1bfa1da782f064245566b25b3a73f48ada211cce019a994f04
66c7a61bd3009b3d6005047c67d57c57b4895d1efd476f3e04fc5032c65cac51
66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1
68badc59f07b6d172439af0b5f16f07881223c2d92bded55430f564f823362a1
68c1dd48334a858ea5edf94aa258fe15ab5ebcb970eac296778222b2b9743505
69137757604031457dde4adedff28199a2dc9af2939807858a7979f2b6e691a7
69a978e254e0a7605d3c347ba06b7e782646a5a691ba75d138c977238b6f76fc
6aad03dd3214113034d4d498ce288551aea85b38bd9b0e0dcda9d0b02230dbdd
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b212a942c3f19016f64b3a7d09bd079c0ba6be2d36c8412550664fa419599ad
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c23632125c689308aab1b5562345790a1758d9c37dfd23f318435b85006a8b5
6e18c2a975b23e30f243485b7921e47f8c49d3904f36e26dbb852c1ec6ce0425
700dc82bfbe0606dc64d268df3e79f962f18ed04b5dc9b0e1dba0b6f59331e43
70227099f17d7ea09460865f2ebb908b393670968655fb0bb33d73cc7ad12d77
70577ff53b2d496d4decb760ccf6549f03df365b173b74afedc062c4c5e1ec85
719641fa4a8e111feaa56642a78f0d742f4da4447d2b15c0c6b28ac086c2a5fb
73442042723599bce8535f591fa5ecde187d59fa2c24498fa27d93db9c09d6fb
745caffca4b97cf5cf2374d82c6dfb6fb7c7b694e85432f92ec4dcb35f4418c9
77a5a3c2fbe6cdac60de52da4ae031af394dc417a6411cebea42c9c7b873eccf
78ef8387319b1f45117523e7ed056735f91b78673075f45d093a22e0f89e57ca
790b5941a2bd1d9a3ba3759ff82b2abdb8a594b24facfe8cf06bf89b6f0b59a0
7964d033f829ae2809f61810c4efa9adf6aff915ded111a9c346bca2b1302b62
7b7733064438c1966da5fa7bde59e4fb8e7e65eb4b42fd5c087be18ff7d501b2
7b8791800987b9daa27029db8bf4599bd773b3110a72a4f5d1ea664509a74e65
7c6aa1a86a8d54a45831bd8208f03c928dc15f9de1fa5301b50cf75e10fcf7fe
7fb6be34b9bb8979be1c976b1dc044b338c9a83792b98c5d94892a9b31c0acb2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
834bf128294a8851e0899a8491a0c11461ed86783907cc0dcc1e6ce58a0c1e97
85abc77df87600d082d172e251ec152490b501f6c32d9bd2f7061b461e1897f5
8704f607741a4e0a4d82cf024d026c9e7c1d65241250c2223f31dca29a07dc15
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
8bd8b42a750d23140bf570e137bbca8f3464acaf2262b94f8f7468c62e076210
8d2b9a8991b63632fa5ff8541baa0e98044dcd09350188cdc1f13cde4d99c307
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
8e5dba2200cd286a1d9dac3ed2d45692c8c4a6afe2d57a2ce01d217cf31dbec8
8f8a9efc71aedbea767a9165fc410c8da4814d232a7db2c5c41ba9bfa2039446
9413f1dd7c49e8c6b9bfea23bf5d80083db23141dab1e97ceb10baa29639105c
94881d36fdff3c3241dd35b042cef8ac202294b302c7d23a3fabd7854082b399
95b5f2a26c9224bc67c27fd191108848c57e060fcc00803c8cab418d03927aac
973f52c452ef2eddf208a5262dd70d6a0a0e92e4a7f8c206e4572ce50b06c3e8
9a30b8f164ce769e50acaf17177b8531735ce6ef8d6cbf9103d5f6af8bcabaca
9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
9fde0fccc9a127b51fb6dee14fcde059a8d05883017a88c38d370c675c296898
a03ad5307688dd57a5b7806319b8dc134b54348857ea1d1d10eac5884a0635bc
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a069848305deb56956a27e31bf816eca34b64797aa1f0f8faa2e5b9a0a63dfc8
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0df3ad5d289914b0e20859cefe94a6a9af44ee31b3b11d79a01d376d6faeabc
a0f026119e03b7b3570cf1d49d262e0bc0dac2944a2bcf3dc832efbf3341e02f
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
a13a1fe4a87c09c6e9122834b5351f80012e2c539b32bc1d33c6982efab21b4b
a2b45dbb6a7182193818728c4dd26a5b67007ea1a489bf7c9bb80d52fe15a4af
a31d32ac68baa8878c77b2be4922f60b910cfdef3639e7c37f8b088cda335f01
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a68652e1e5e6b633e5a9dd219e828c01ab4f3dfc639d8a23d9c5952428ae825e
a812a1f4cca81d0da4f7f876e7656f7b9b604327adfded92258317c9073bdfb7
a8fe8d2b3fd07d6f4f07b410991f54457608dba676559b34a8511e43fbc46045
a98e42b2d4ab1ae36f3b270a0dff6ad2f158100833978ff0a549674a2543e78a
a9e23dcec7b7d492b11006586bea4e4fe7de01f647f89c6aa84e186567b9da50
abb04d0d8bfe25e0d56b25050baa316e1a75988aedc49f5ae5ab2e2422c8d8d2
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd658831cbc09f0f2dbff00564841640774dd334ef24065e9ff9963380fb043
adb16cdf6425ed765bf7b71039c70fa5d3e86f419a42080c9e66b6e66d36b0c4
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b001db59436e950e2b3ad6438a37313eb45ba92ecc3e33a1483bf11a5d011e5c
b099638d381ce6a934e07708625cda82c8915c92686e438b6997748c68bb627f
b0ce55dfa460ff8cda11cd8900dcab34d70b111e884794adb408e3ae753de1ca
b12c8205872b4b89333d33b7b38d524f096a91e41a74929245006662ee494b2f
b264ca556a09a341d7d8c2ee64e63e0003b32c24ff4ce2b64c202e5b6ab140f7
b3695d710d87019d1cc62a7ec7f9022a03765214257d7cfb71ca7fee40771c98
b385fd0614f2927f0e7fdc03ccdb2428e3a93de0c7fe467149b34213cc32c0f6
b3d6cded2f04212a08ce9f32ec98a1b7e4229fc19f503829232d94ae44a0a3d7
b70d45c58ecabf13610dbf21d2997af3e9af9e738cc036362eebcb58f714997c
b8b3567a5f4ffd45076cc2d6dfbb74d6b626cd339e6bd646116128c31b4a152b
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb50ca73a55f8a84486b6070d15c9330e02d4e929155a6bc9f7a87106032ead0
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012
bc0414e932655e882b8fdccc64f22670788ac05bd95a5f6761da180a9a568a21
bcd3396237a36c2f754c327b10910edb09eda6e4d53dfe880a55d9feba8d799e
be3e74dbd9087c9f65fc9dd5ee31569b89224f667cab7edafd6ba15890201c2d
c3a58e701b2502c1584f3e58626e6d3301c216f571ffe20718ac40dd9eedfbd1
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c842ab9a59af3f3d62511fdb5488ad527d2193c3371b5561ade4a2a19a8e7062
c9307c34a252251e9c348244dcfbf2d211d055744f5cc8a5f976978c105ca5e0
c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cca5c2f7dd5ba830290381fc92eb6040b622f6c5e648808bb7446737e0717229
ccf3df14e4bb17063a364e9d790324ad709138419b10a2b0898234e6fc647883
cdba739c28b41f39ce438f2bf204fe739dc81a26cf559a9394ceed56a0666bee
ce00da29cb89465494b3e184b065d41c9a39263944cc766bdd5d082d59227d4c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d071c1a5bb04545ecf4737776b084fbd02df67f070acdea5eabad4b14ea7beb0
d2fca2ae6ff4ffea8690cb747cfb9237c873b227c4ad3425a1d84598c8bd0148
d42a5154973ce1847b0f60cd27dbde653347daf6169ed714e2f4a71a87f33a0c
d44942ad4920266c4d36853a98439ae0a51299d1b07a92001745cff81f6601e3
d4515da512fd02b4bfb537c6510258cee2ffe406014f55dbf1b834b22d63d47b
d660861fb44a4b9306dd05b2c61c40808cf85bacc11ff2bc81e8b8bd1a99b853
d709d8f1dd973ae36fbd805efdc6f94b182ee2e570d7e2c5bdcdb01d66d03ddf
d9a4514f330f7dbff481c9d392990313b157286733633627d6e7e6f86f2f10c6
db55e0523e546c7ed0b6344fadc23c5a0a67454915d082197b5e3ee474bca785
db6e4f91b587ab92f4a560c2d50160482bf935f9e208fabe91f9c7e84028025f
db92c1371147395ea935d9f861a42eadee53697dda77e8d794542856dc78d43e
e158a2dae015bb3af7a3667695e1992c4f5cdb46d8c546a1ab30294d1d17dbcb
e1923cb6de11000ec2819490c7ddb539fdba50ae6ca918805623a33898c81d89
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8e5c0cdd4c5fa0f1ea4a3d188ef7bd3443202ce3ffa320a09865ed9048170f5
ec24f4577fe947b18d7aca8e2655dc5f54201573b27c5ca03f9709b96bf44bf7
ece565a1f66a32347dfed83562c428ff7736648de72b0027dd8f0e0f27e0c327
eec6edfea9c4a136280ff54dde6e77dc967dbd06e071049f35781368fd3a20ba
eee3ec679b5da55854d7b42c11353d937d6c9c28f7f03a9ec7205a896caccc47
eefe8595042642eb3905214c664f86d12eff7cd3ba1a976b663f41f36cd97930
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4d717b6f3f3e7f08ea9ec9434146818941eb8035e51bca358e0f1c8aee0d8d
f079e2b8a739d5b127fc2e19c979b96112b58808c5a415b358f7fb0f715b6666
f22be6574f9c4db228ea0ecf2c5508c0091b37748a0c78742dbf9e178c98682a
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f2d74dff32b6d26ddf617e1c85de0e86f3848f2b4cafc41d354ce0ad7ea10669
f480bfb80122d44b2974ad8c307dcae8e817d7e7aaeb67375912c80ca508806a
f82e361906e55cd1783e575ae254265dd8f9fca80959c795a201c3c0a24f7e04
f8e63cd8b99c11281170916dbf1625b1458926a51523bdabbf16681c82a7245e
fb63f20e251eb8f374ba3e774c2efa713eab3483d6b30e086fb317f67e1b695c
fb7347b5739e298dc31fccccb5ccfe4b856e5969cceea4e10a5cff808263f22d
fc633226d9c742527b67f6a5de26d8e7f14292c0c96f6272377a1927c5712fc3
ff64e08cb6fbf6df01e34a0cc910740441a61945941cd71fdecbabdcf917a07a

21stcenturywire.com Open in urlscan Pro 104.26.10.239 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

280 Requests

100 %HTTPS

38 %IPv6

33 Domains

61 Subdomains

52 IPs

5 Countries

6793 kBTransfer

12485 kBSize

8 Cookies

62 Outgoing links

Redirected requests

280 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

21stcenturywire.com Open in urlscan Pro
104.26.10.239 Public Scan

Screenshot
Live screenshot

Full Image

280
Requests

100 %
HTTPS

38 %
IPv6

33
Domains

61
Subdomains

52
IPs

5
Countries

6793 kB
Transfer

12485 kB
Size

8
Cookies

280 HTTP transactions
3 data transactions