urlscan.io logo urlscan.io
SecurityTrails logo

hillreporter.com Open in urlscan Pro
136.243.171.217  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://info.silobreaker.com/e2t/tc/VX1XY05VxkKWW6M4Y0W1bSNv5W5VG-2S4qqlXWN5VHnTN2-HwrV1-WJV7CgXSVW3yh6wD91XcNGW2r6DCS5cJnhgW...
Effective URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_h...
Submission: On April 15 via api from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 72 IPs in 11 countries across 62 domains to perform 290 HTTP transactions. The main IP is 136.243.171.217, located in Germany and belongs to HETZNER-AS, DE. The main domain is hillreporter.com.
TLS certificate: Issued by R3 on March 10th 2021. Valid for: 3 months.
This is the only time hillreporter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 199.60.103.2 209242 (CLOUDFLAR...)
4 136.243.171.217 24940 (HETZNER-AS)
12 88.99.251.232 24940 (HETZNER-AS)
5 192.0.77.37 2635 (AUTOMATTIC)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 192.0.76.3 2635 (AUTOMATTIC)
3 2a03:2880:f01... 32934 (FACEBOOK)
3 2606:4700::68... 13335 (CLOUDFLAR...)
40 151.101.13.44 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 5 2620:116:800d... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
2 2600:9000:20e... 16509 (AMAZON-02)
9 216.58.212.162 15169 (GOOGLE)
4 4 18.156.0.31 16509 (AMAZON-02)
1 52.11.196.81 16509 (AMAZON-02)
1 54.36.109.186 16276 (OVH)
2 44.238.170.237 16509 (AMAZON-02)
1 3 99.84.156.73 16509 (AMAZON-02)
1 213.19.147.210 3356 (LEVEL3)
1 10 34.98.64.218 15169 (GOOGLE)
1 184.30.21.51 16625 (AKAMAI-AS)
1 3 216.52.2.19 30282 (AS-INAPCD...)
3 3.123.167.229 16509 (AMAZON-02)
1 3 185.33.221.90 29990 (ASN-APPNEX)
1 18.194.69.169 16509 (AMAZON-02)
1 185.64.189.112 62713 (AS-PUBMATIC)
3 52.22.61.253 14618 (AMAZON-AES)
3 99.84.153.196 16509 (AMAZON-02)
1 8 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
12 199.232.137.44 54113 (FASTLY)
2 12 141.226.228.48 200478 (TABOOLA-AS)
4 8 52.208.73.212 16509 (AMAZON-02)
3 2600:1f18:612... 14618 (AMAZON-AES)
3 18.184.153.186 16509 (AMAZON-02)
4 4 185.94.180.125 35220 (SPOTX-AMS)
7 10 54.93.211.166 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
44 2a00:1450:400... 15169 (GOOGLE)
1 1 184.30.212.16 16625 (AKAMAI-AS)
2 104.111.230.142 16625 (AKAMAI-AS)
2 69.173.144.165 26667 (RUBICONPR...)
3 6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 18.193.136.159 16509 (AMAZON-02)
1 2 198.148.27.140 19189 (PULSEPOINT)
7 9 142.250.186.162 15169 (GOOGLE)
10 185.64.189.110 62713 (AS-PUBMATIC)
1 185.86.138.114 201081 (SMARTADSE...)
1 18.195.155.181 16509 (AMAZON-02)
2 2 178.250.0.163 44788 (ASN-CRITE...)
1 1 172.104.64.149 63949 (LINODE-AP...)
1 192.132.33.46 18568 (BIDTELLECT)
1 1 193.0.160.128 54312 (ROCKETFUEL)
1 184.30.20.185 16625 (AKAMAI-AS)
1 104.17.119.107 13335 (CLOUDFLAR...)
2 184.30.20.198 16625 (AKAMAI-AS)
1 104.111.242.245 16625 (AKAMAI-AS)
1 185.33.220.243 29990 (ASN-APPNEX)
1 185.64.189.115 62713 (AS-PUBMATIC)
2 2 213.155.156.182 1299 (TELIANET ...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.60.138 42697 (NETIC-AS)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.190.106 62713 (AS-PUBMATIC)
1 169.50.137.190 36351 (SOFTLAYER)
3 3 37.157.4.41 198622 (ADFORM)
2 2 185.29.132.144 30419 (MEDIAMATH...)
2 2 23.111.200.117 7979 (SERVERS-COM)
2 2a00:1288:110... 34010 (YAHOO-IRD)
2 185.64.189.114 62713 (AS-PUBMATIC)
2 2 35.158.49.68 16509 (AMAZON-02)
1 1 18.158.167.137 16509 (AMAZON-02)
290 72
2    199.60.103.2 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
info.silobreaker.com
4    136.243.171.217 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.217.171.243.136.clients.your-server.de
hillreporter.com
12    88.99.251.232 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.232.251.99.88.clients.your-server.de
cdn.hillreporter.com
5    192.0.77.37 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
c0.wp.com
1    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
2    192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
3    2a03:2880:f013:d:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2606:4700::6811:4e22 (United States)

ASN13335 (CLOUDFLARENET, US)
global.proper.io
eb.proper.io
40    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
imprammp.taboola.com
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
10    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
9    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
www.youtube.com
1    2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a03:2880:f113:81:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2600:9000:20e8:ca00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
9    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net
securepubads.g.doubleclick.net
4    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    52.11.196.81 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-11-196-81.us-west-2.compute.amazonaws.com
usync.proper.io
1    54.36.109.186 (France)

ASN16276 (OVH, FR)
PTR: p06.id5-sync.com
id5-sync.com
2    44.238.170.237 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-170-237.us-west-2.compute.amazonaws.com
bids.proper.io
3    99.84.156.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-156-73.txl52.r.cloudfront.net
sb.scorecardresearch.com
1    213.19.147.210 (United Kingdom)

ASN3356 (LEVEL3, US)
tag.1rx.io
10    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
propermedia-d.openx.net
u.openx.net
eu-u.openx.net
us-u.openx.net
1    184.30.21.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-51.deploy.static.akamaitechnologies.com
a.teads.tv
3    216.52.2.19 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
ce.lijit.com
3    3.123.167.229 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-167-229.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
3    185.33.221.90 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    18.194.69.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-69-169.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
3    52.22.61.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-61-253.compute-1.amazonaws.com
mantodea.mantisadnetwork.com
ecs.mantisadnetwork.com
3    99.84.153.196 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-153-196.txl52.r.cloudfront.net
c.amazon-adsystem.com
8    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.com
pagead2.googlesyndication.com
5    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
12    199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
15.taboola.com
vidstat.taboola.com
wf.taboola.com
match.taboola.com
12    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-match.taboola.com
am-vid-events.taboola.com
sync-t1.taboola.com
sync.taboola.com
am-wf.taboola.com
8    52.208.73.212 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-73-212.eu-west-1.compute.amazonaws.com
match.adsrvr.org
3    2600:1f18:612b:4200:8331:bab2:3072:ce38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
taboola-supply-partners.tremorhub.com
3    18.184.153.186 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-153-186.eu-central-1.compute.amazonaws.com
pixel.advertising.com
4    185.94.180.125 (United States)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
10    54.93.211.166 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-211-166.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.nl
2    2a00:1450:400c:c02::84 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
6c8eb98f3da894e8e3c42ca4b0db63d4.safeframe.googlesyndication.com
44    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
cdn.ampproject.org
1    184.30.212.16 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-212-16.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
6    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    18.193.136.159 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-136-159.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
2    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
9    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
10    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
1    185.86.138.114 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
e1.emxdgt.com
2    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    172.104.64.149 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
s.c.appier.net
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    184.30.20.185 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-185.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    104.17.119.107 (United States)

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
2    184.30.20.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-198.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
1    185.33.220.243 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
1    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    213.155.156.182 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-182.teliacarrier-cust.com
d5p.de17a.com
1    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
visitor.fiftyt.com
1    185.64.190.106 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
1    169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
3    37.157.4.41 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    185.29.132.144 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    23.111.200.117 (Russian Federation)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
2    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    35.158.49.68 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
1    18.158.167.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-167-137.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
Apex Domain
Subdomains		 Transfer
64 taboola.com
cdn.taboola.com
trc.taboola.com
15.taboola.com
images.taboola.com
vidstat.taboola.com
imprammp.taboola.com
am-match.taboola.com
wf.taboola.com
am-vid-events.taboola.com
sync-t1.taboola.com
sync.taboola.com
match.taboola.com
am-wf.taboola.com
857 KB
37 googlesyndication.com
6c8eb98f3da894e8e3c42ca4b0db63d4.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
288 KB
26 doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
static.doubleclick.net
cm.g.doubleclick.net
173 KB
17 pubmatic.com
hbopenbid.pubmatic.com
simage2.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
aud.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
34 KB
16 hillreporter.com
hillreporter.com
cdn.hillreporter.com
275 KB
15 ampproject.org
cdn.ampproject.org
322 KB
10 bidswitch.net
x.bidswitch.net
3 KB
10 openx.net
propermedia-d.openx.net
u.openx.net
eu-u.openx.net
us-u.openx.net
2 KB
10 gstatic.com
fonts.gstatic.com
193 KB
9 youtube.com
www.youtube.com
683 KB
8 adsrvr.org
match.adsrvr.org
3 KB
8 google.com
www.google.com
adservice.google.com
474 B
7 wp.com
c0.wp.com
stats.wp.com
pixel.wp.com
59 KB
6 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
4 KB
6 proper.io
global.proper.io
usync.proper.io
bids.proper.io
eb.proper.io
171 KB
5 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
11 KB
5 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
4 KB
5 quantserve.com
secure.quantserve.com
pixel.quantserve.com
19 KB
4 spotxchange.com
sync.search.spotxchange.com
3 KB
3 adform.net
c1.adform.net
2 KB
3 googletagservices.com
www.googletagservices.com
100 KB
3 advertising.com
pixel.advertising.com
373 B
3 tremorhub.com
taboola-supply-partners.tremorhub.com
547 B
3 amazon-adsystem.com
c.amazon-adsystem.com
36 KB
3 mantisadnetwork.com
mantodea.mantisadnetwork.com
ecs.mantisadnetwork.com
1 KB
3 sharethrough.com
btlr.sharethrough.com
340 B
3 lijit.com
ap.lijit.com
ce.lijit.com
2 KB
3 scorecardresearch.com
sb.scorecardresearch.com
3 KB
3 facebook.net
connect.facebook.net
100 KB
3 googleapis.com
fonts.googleapis.com
2 KB
2 w55c.net
pm.w55c.net
1 KB
2 betweendigital.com
ads.betweendigital.com
1019 B
2 mathtag.com
sync.mathtag.com
1 KB
2 fiftyt.com
visitor.fiftyt.com
994 B
2 semasio.net
uipglob.semasio.net
923 B
2 de17a.com
d5p.de17a.com
637 B
2 criteo.com
dis.criteo.com
836 B
2 contextweb.com
bh.contextweb.com
828 B
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 emxdgt.com
hb.emxdgt.com
e1.emxdgt.com
218 B
2 teads.tv
a.teads.tv
sync.teads.tv
1 KB
2 quantcount.com
rules.quantcount.com
696 B
2 facebook.com
www.facebook.com
276 B
2 google-analytics.com
www.google-analytics.com
19 KB
2 silobreaker.com
info.silobreaker.com
4 KB
1 creative-serving.com
ads.creative-serving.com
341 B
1 simpli.fi
um.simpli.fi
607 B
1 zeotap.com
mwzeom.zeotap.com
404 B
1 brealtime.com
biddr.brealtime.com
1 KB
1 rfihub.com
p.rfihub.com
774 B
1 bttrack.com
bttrack.com
380 B
1 appier.net
s.c.appier.net
360 B
1 smartadserver.com
rtb-csync.smartadserver.com
1 2mdn.net
s0.2mdn.net
23 KB
1 google.nl
adservice.google.nl
799 B
1 1rx.io
tag.1rx.io
273 B
1 id5-sync.com
id5-sync.com
471 B
1 google.de
www.google.de
107 B
1 onesignal.com
cdn.onesignal.com
3 KB
1 googletagmanager.com
www.googletagmanager.com
38 KB
0 tapad.com Failed
pixel.tapad.com Failed
0 rlcdn.com Failed
api.rlcdn.com Failed
290 62
Domain Requested by
29 tpc.googlesyndication.com securepubads.g.doubleclick.net
hillreporter.com
cdn.ampproject.org
info.silobreaker.com
6c8eb98f3da894e8e3c42ca4b0db63d4.safeframe.googlesyndication.com
tpc.googlesyndication.com
20 images.taboola.com hillreporter.com
15 cdn.ampproject.org securepubads.g.doubleclick.net
12 cdn.taboola.com hillreporter.com
cdn.taboola.com
12 cdn.hillreporter.com hillreporter.com
cdn.hillreporter.com
10 x.bidswitch.net 7 redirects imprammp.taboola.com
am-match.taboola.com
10 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
9 cm.g.doubleclick.net 7 redirects eu-u.openx.net
9 securepubads.g.doubleclick.net global.proper.io
securepubads.g.doubleclick.net
hillreporter.com
info.silobreaker.com
www.googletagservices.com
9 www.youtube.com hillreporter.com
c0.wp.com
www.youtube.com
8 match.adsrvr.org 4 redirects imprammp.taboola.com
am-match.taboola.com
eu-u.openx.net
8 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
7 trc.taboola.com cdn.taboola.com
hillreporter.com
7 www.google.com 3 redirects hillreporter.com
6c8eb98f3da894e8e3c42ca4b0db63d4.safeframe.googlesyndication.com
6 simage2.pubmatic.com ads.pubmatic.com
6 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
6 googleads.g.doubleclick.net 1 redirects www.youtube.com
6c8eb98f3da894e8e3c42ca4b0db63d4.safeframe.googlesyndication.com
5 c0.wp.com hillreporter.com
4 eu-u.openx.net global.proper.io
eu-u.openx.net
4 image2.pubmatic.com ads.pubmatic.com
4 sync.taboola.com 2 redirects
4 sync-t1.taboola.com imprammp.taboola.com
am-match.taboola.com
4 sync.search.spotxchange.com 4 redirects
4 ups.analytics.yahoo.com 4 redirects
4 hillreporter.com info.silobreaker.com
hillreporter.com
cdn.hillreporter.com
3 us-u.openx.net eu-u.openx.net
3 c1.adform.net 3 redirects
3 www.googletagservices.com securepubads.g.doubleclick.net
6c8eb98f3da894e8e3c42ca4b0db63d4.safeframe.googlesyndication.com
3 pixel.advertising.com imprammp.taboola.com
am-match.taboola.com
3 taboola-supply-partners.tremorhub.com imprammp.taboola.com
am-match.taboola.com
3 c.amazon-adsystem.com global.proper.io
c.amazon-adsystem.com
3 ib.adnxs.com 1 redirects global.proper.io
3 btlr.sharethrough.com global.proper.io
3 pixel.quantserve.com 1 redirects hillreporter.com
mantodea.mantisadnetwork.com
3 sb.scorecardresearch.com 1 redirects cdn.taboola.com
hillreporter.com
3 connect.facebook.net hillreporter.com
connect.facebook.net
3 fonts.googleapis.com hillreporter.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 pm.w55c.net 2 redirects
2 pr-bh.ybp.yahoo.com ads.pubmatic.com
eu-u.openx.net
2 ads.betweendigital.com 2 redirects
2 sync.mathtag.com 2 redirects
2 visitor.fiftyt.com 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 ads.pubmatic.com global.proper.io
ads.pubmatic.com
2 dis.criteo.com 2 redirects
2 ce.lijit.com 1 redirects
2 bh.contextweb.com 1 redirects
2 u.openx.net 1 redirects
2 rtb.mfadsrvr.com 2 redirects
2 eus.rubiconproject.com am-match.taboola.com
eus.rubiconproject.com
2 6c8eb98f3da894e8e3c42ca4b0db63d4.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 mantodea.mantisadnetwork.com global.proper.io
2 bids.proper.io global.proper.io
2 rules.quantcount.com secure.quantserve.com
2 www.facebook.com hillreporter.com
connect.facebook.net
2 secure.quantserve.com global.proper.io
mantodea.mantisadnetwork.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 global.proper.io hillreporter.com
global.proper.io
2 info.silobreaker.com 1 redirects
1 am-wf.taboola.com vidstat.taboola.com
1 simage4.pubmatic.com ads.pubmatic.com
1 ads.creative-serving.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 um.simpli.fi ads.pubmatic.com
1 aud.pubmatic.com ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 ecs.mantisadnetwork.com mantodea.mantisadnetwork.com
1 image6.pubmatic.com ads.pubmatic.com
1 secure.adnxs.com acdn.adnxs.com
1 sync.teads.tv global.proper.io
1 biddr.brealtime.com global.proper.io
1 acdn.adnxs.com global.proper.io
1 p.rfihub.com 1 redirects
1 bttrack.com
1 s.c.appier.net 1 redirects
1 e1.emxdgt.com
1 rtb-csync.smartadserver.com eu-u.openx.net
1 pixel.rubiconproject.com
1 match.taboola.com
1 s0.2mdn.net tpc.googlesyndication.com
1 token.rubiconproject.com eus.rubiconproject.com
1 secure-assets.rubiconproject.com 1 redirects
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.nl securepubads.g.doubleclick.net
1 am-vid-events.taboola.com hillreporter.com
1 imprammp.taboola.com vidstat.taboola.com
1 eb.proper.io global.proper.io
1 15.taboola.com cdn.taboola.com
1 static.doubleclick.net www.youtube.com
1 hbopenbid.pubmatic.com global.proper.io
1 hb.emxdgt.com global.proper.io
1 ap.lijit.com global.proper.io
1 a.teads.tv global.proper.io
1 propermedia-d.openx.net global.proper.io
1 tag.1rx.io global.proper.io
1 id5-sync.com global.proper.io
1 usync.proper.io hillreporter.com
1 www.google.de hillreporter.com
1 stats.g.doubleclick.net www.google-analytics.com
1 pixel.wp.com hillreporter.com
1 stats.wp.com hillreporter.com
1 cdn.onesignal.com hillreporter.com
1 www.googletagmanager.com hillreporter.com
0 pixel.tapad.com Failed
0 api.rlcdn.com Failed global.proper.io
290 108
Subject Issuer Validity Valid
info.silobreaker.com
Cloudflare Inc ECC CA-3		 2020-06-30 -
2021-06-30		 a year crt.sh
hillreporter.com
R3		 2021-03-10 -
2021-06-08		 3 months crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-04 -
2021-08-04		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-02-10 -
2021-05-10		 3 months crt.sh
proper.io
Cloudflare Inc ECC CA-3		 2020-07-03 -
2021-07-03		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
www.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.proper.io
Sectigo RSA Domain Validation Secure Server CA		 2020-12-20 -
2022-01-20		 a year crt.sh
*.id5-sync.com
R3		 2021-03-23 -
2021-06-21		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2019-06-28 -
2021-06-27		 2 years crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
teads.tv
R3		 2021-02-18 -
2021-05-19		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2020-03-11 -
2021-05-10		 a year crt.sh
*.sharethrough.com
Amazon		 2020-09-09 -
2021-10-11		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.emxdgt.com
Amazon		 2020-07-31 -
2021-08-30		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.mantisadnetwork.com
Amazon		 2020-11-13 -
2021-12-12		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.tremorhub.com
Amazon		 2020-07-25 -
2021-08-25		 a year crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2021-03-01 -
2021-08-24		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.google.nl
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
misc-sni.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2020-05-07 -
2022-05-12		 2 years crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2020-01-22 -
2022-03-22		 2 years crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-10-30 -
2021-04-27		 6 months crt.sh

This page contains 24 frames:

Primary Page: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Frame ID: 3FDED676F8C788935BE35A47C54A11FC
Requests: 131 HTTP requests in this frame

Frame: https://www.youtube.com/embed/hszd21sQa0s?feature=oembed
Frame ID: B8E2AB59F2ED39410660C5BD08DCA476
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/hszd21sQa0s?feature=oembed
Frame ID: 8E93D94CF98518068B9843A9BCDD5399
Requests: 12 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66318735&crid=5397665&dast=V7SccCFgPhEdxJrOI2kgThEdxJrOI2kgUAAAAGBuIHHDhjTEYsEoO3WAwGk-FuM5wMRsvhZLdazIaggTPGZMQiMXiLxWAwGe42u8VuNlosZ5spYAjL7PcdFJTT02N2GURF19tidzjNnjecoel0-Fz3eqHTbLa8DH_L6WW5a_xuv-5h-hjdsqfH5dYczk6Py_MW_X0u09FlecueJpff89bb3CK_3WE2uUWX19vweWschqfpb3Yr7Z7X5fLymJ5-u1s5HCyHcwAAAAB4AJDiCoX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABAQKjUAKDkSBCHxeKyPD1GfwAAPBSAAAAIYJAAFDCdlABo0GadAAAAAAAAAACw_P___8cMzMc_ygCAuCX1ADz4ADwQFawWMQIAAADIpV4dOprUCZVFFQAAQboVwBUAQABeNRWsdRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6Gr1OAxou_FD7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLqAmB0AAADA3f___78eyKxMI99yYzFsXKvBwrIyDGbG3cxmcQ0WppVrN9ge3HJk5ki1tHEfhrDMft9BQTk9PWaXQVR0vS12h9Psud-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhZOYaWSab4VqwHBnXos1qtRYOdxu3YDVxWVbGkWXj8K1Fr4_pt1ssLM7BFgUD5PYiuEgnQqfZbHkZ_pbTy_IWOs1my8vwt5xelotYojlZpBPZZd9ZmUa-5cZi2LhWg4VlZRjMjLuZzeIaLEwr126wr8xcI8tkM1wLliPjWrRZrdbC4W7jFqwmLsvKOLJsHL616PUx_XaLhcU52Ddmi-FoOBsOBvvGbDEcDWfDwWDfoTN8V5-z0VkrljwusWRYPO5k5oPCZbB4f0eLNHbrzYwqr9hiUW2eOe_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3m0KGKJ4HSRTkQv4-kilkieFulEM5otPIbhyjYZLjwm38Y1Mw4Hu9FmtbEsl5vVyCKWKE0X6USve5g-Rrfs6XG5NYez0-PyvEV_n8t0dFnesqfJ5fe89Ta3yG93mE1u0eX1NnzeGofhafqb3Uq753W5vDymp9_uVg4Hy-FE_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaTCj3WK3Wi6AhM237k85UdDI9PzGborvcFXKS8ZZcePHGeg0my0vw99yelneQqfZbHkZ_pbTy3JlAAkbbubNnglirVbLGgAAQAAbAAAggFs3b4FjkRw!&cmcv=&pix=undefined&cb=1618486800924&uv=2949&tms=1618486800924&abt=adh5c-1_vA!insc_vA!smbs!sre_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=8F12DEDA71100287382049827516&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: D4640082504B583E7CE1AF59E4D9D12F
Requests: 6 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7SccCFgPhEdxJrOI2kgThEdxJrOI2kgUAAAAGBuIHHDhjTEYsEoO3WAwGk-FuM5wMRsvhZLdazIaggTPGZMQiMXiLxWAwGe42u8VuNlosZ5spYAjL7PcdFJTT02N2GURF19tidzjNnjecoel0-Fz3eqHTbLa8DH_L6WW5a_xuv-5h-hjdsqfH5dYczk6Py_MW_X0u09FlecueJpff89bb3CK_3WE2uUWX19vweWschqfpb3Yr7Z7X5fLymJ5-u1s5HCyHcwAAAAB4AJDiCoX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABAQKjUAKDkSBCHxeKyPD1GfwAAPBSAAAAIYJAAFDCdlABo0GadAAAAAAAAAACw_P___8cMzMc_ygCAuCX1ADz4ADwQFawWMQIAAADIpV4dOprUCZVFFQAAQboVwBUAQABeNRWsdRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6Gr1OAxou_FD7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLqAmB0AAADA3f___78eyKxMI99yYzFsXKvBwrIyDGbG3cxmcQ0WppVrN9ge3HJk5ki1tHEfhrDMft9BQTk9PWaXQVR0vS12h9Psud-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhZOYaWSab4VqwHBnXos1qtRYOdxu3YDVxWVbGkWXj8K1Fr4_pt1ssLM7BFgUD5PYiuEgnQqfZbHkZ_pbTy_IWOs1my8vwt5xelotYojlZpBPZZd9ZmUa-5cZi2LhWg4VlZRjMjLuZzeIaLEwr126wr8xcI8tkM1wLliPjWrRZrdbC4W7jFqwmLsvKOLJsHL616PUx_XaLhcU52Ddmi-FoOBsOBvvGbDEcDWfDwWDfoTN8V5-z0VkrljwusWRYPO5k5oPCZbB4f0eLNHbrzYwqr9hiUW2eOe_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3m0KGKJ4HSRTkQv4-kilkieFulEM5otPIbhyjYZLjwm38Y1Mw4Hu9FmtbEsl5vVyCKWKE0X6USve5g-Rrfs6XG5NYez0-PyvEV_n8t0dFnesqfJ5fe89Ta3yG93mE1u0eX1NnzeGofhafqb3Uq753W5vDymp9_uVg4Hy-FE_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaTCj3WK3Wi6AhM237k85UdDI9PzGborvcFXKS8ZZcePHGeg0my0vw99yelneQqfZbHkZ_pbTy3JlAAkbbubNnglirVbLGgAAQAAbAAAggFs3b4FjkRw!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 1D63D0F7349C03909D10A05AC0760F9B
Requests: 6 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7SccCFgPhEdxJrOI2kgThEdxJrOI2kgUAAAAGBuIHHDhjTEYsEoO3WAwGk-FuM5wMRsvhZLdazIaggTPGZMQiMXiLxWAwGe42u8VuNlosZ5spYAjL7PcdFJTT02N2GURF19tidzjNnjecoel0-Fz3eqHTbLa8DH_L6WW5a_xuv-5h-hjdsqfH5dYczk6Py_MW_X0u09FlecueJpff89bb3CK_3WE2uUWX19vweWschqfpb3Yr7Z7X5fLymJ5-u1s5HCyHcwAAAAB4AJDiCoX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABAQKjUAKDkSBCHxeKyPD1GfwAAPBSAAAAIYJAAFDCdlABo0GadAAAAAAAAAACw_P___8cMzMc_ygCAuCX1ADz4ADwQFawWMQIAAADIpV4dOprUCZVFFQAAQboVwBUAQABeNRWsdRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6Gr1OAxou_FD7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLqAmB0AAADA3f___78eyKxMI99yYzFsXKvBwrIyDGbG3cxmcQ0WppVrN9ge3HJk5ki1tHEfhrDMft9BQTk9PWaXQVR0vS12h9Psud-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhZOYaWSab4VqwHBnXos1qtRYOdxu3YDVxWVbGkWXj8K1Fr4_pt1ssLM7BFgUD5PYiuEgnQqfZbHkZ_pbTy_IWOs1my8vwt5xelotYojlZpBPZZd9ZmUa-5cZi2LhWg4VlZRjMjLuZzeIaLEwr126wr8xcI8tkM1wLliPjWrRZrdbC4W7jFqwmLsvKOLJsHL616PUx_XaLhcU52Ddmi-FoOBsOBvvGbDEcDWfDwWDfoTN8V5-z0VkrljwusWRYPO5k5oPCZbB4f0eLNHbrzYwqr9hiUW2eOe_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3m0KGKJ4HSRTkQv4-kilkieFulEM5otPIbhyjYZLjwm38Y1Mw4Hu9FmtbEsl5vVyCKWKE0X6USve5g-Rrfs6XG5NYez0-PyvEV_n8t0dFnesqfJ5fe89Ta3yG93mE1u0eX1NnzeGofhafqb3Uq753W5vDymp9_uVg4Hy-FE_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaTCj3WK3Wi6AhM237k85UdDI9PzGborvcFXKS8ZZcePHGeg0my0vw99yelneQqfZbHkZ_pbTy3JlAAkbbubNnglirVbLGgAAQAAbAAAggFs3b4FjkRw!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: C44F65E4397F40A9969CC42AE26D4871
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 264A0E3D5F5EA4DB73225B5457BD430D
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: A61474D531B06A6319E436CFE675B64E
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: 0E18F92892BB943909A537B98AB430C3
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: 243B071258F27EBD59FFFCB6220F876A
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstC2QgR-4ovqIiGacMNDyfl9yiglfVmJgBnEOKmptgDwp6HU3HFWvy-m-0gYymdgkqFaEU49ZP-fCCb-AZB9XcWOOJQBGQM2LOBkBgFyfUX76znpVxpK_Qw2ize0NQXh4eVPIZCtCG6c_yhz1dZ4To7riu5DG4tfpSxR8acGLoOdFC2Em7q8A_m0OEcAFZgC1M3ykAWLLNGNrmL9HiPjlxHLzBkL6XeriI7VVx37ZDaByJKA3szJJBCh7Z5vEzwx4mwLWNDiL4wjrkQd4yEm0hqf2H--P9FZ9rmkpWbhv1ikB6mLfFyGJA2-jHnAQ&sig=Cg0ArKJSzAnhNnSxZhoJEAE&urlfix=1&adurl=
Frame ID: 4C7CDB777E6A510D54F3E183E9A71C41
Requests: 4 HTTP requests in this frame

Frame: https://6c8eb98f3da894e8e3c42ca4b0db63d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DDD9C5AEC658ED6BCC15A7208F7B9212
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17854754350552540274/index.html
Frame ID: 3CA7648622D438E234B2D86AFBFA4299
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 02E92FBB3D1476BDE86009793583C73C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: AC42CD679F2D918A44AC5DE64454CEF3
Requests: 2 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=801bc00d-3ac6-4ffe-820a-ce31c4b6a2c2&tbid=4a83ea55-e339-4537-9f29-8fe4356a76c9-tuct771ab92&query=taboola_hm%3D801bc00d-3ac6-4ffe-820a-ce31c4b6a2c2&isDirect=0
Frame ID: 1FC50453FE661BC246CFF9DD02A94D71
Requests: 18 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 1DA75A485558326AFE3835E9FC21833F
Requests: 2 HTTP requests in this frame

Frame: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-120&buster=1618486799834&secure=true&version=9&mobile=false&title=WATCH%3A%20VICE%20Splices%20Together%20Videos%20of%20Donald%20Trump%27s%20Capitol%20Insurrection%20%7C%20HillReporter.com&url=https%3A%2F%2Fhillreporter.com%2Fwatch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Frame ID: 23B040209BD8778090BB892D9978A3FB
Requests: 5 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 851678192D0907CBBA213B602D11A876
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 91D26A2D6F6F741A710676BB8A36B9BA
Requests: 17 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?gdprIab=%7B%22status%22%3A0%7D
Frame ID: DCCCD9A8E6C0143040A6851A82F3C7E0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Frame ID: 0A9453B748D164C12EC85528392C36C5
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6263393849656554751
Frame ID: 6B7A6F8E18B18FC5BC38900BD79E33D2
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Frame ID: 1901E5293C92F5597A7190AA7107E9EA
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://info.silobreaker.com/e2t/tc/VX1XY05VxkKWW6M4Y0W1bSNv5W5VG-2S4qqlXWN5VHnTN2-HwrV1-WJV7CgXSVW3yh6wD... Page URL
  2. https://info.silobreaker.com/events/public/v1/track/tc/VX1XY05VxkKWW6M4Y0W1bSNv5W5VG-2S4qqlXWN5VHnTN2-Hwr... HTTP 307
    https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-980... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i
Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

290
Requests

98 %
HTTPS

32 %
IPv6

62
Domains

108
Subdomains

72
IPs

11
Countries

3427 kB
Transfer

10007 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://info.silobreaker.com/e2t/tc/VX1XY05VxkKWW6M4Y0W1bSNv5W5VG-2S4qqlXWN5VHnTN2-HwrV1-WJV7CgXSVW3yh6wD91XcNGW2r6DCS5cJnhgW75Zj7S1DZ7-bW1-Tnhd519Nq7W5CpgfM29nwxWW3Hh2qz8lZ5vrW6M0yTg6rZ_FCW61TCpy2p3mpJW3R-pds86QHC8W8j5gYc7cbP6SW72tgYf97nhVpW8FJgD65VFCHyW4mNPNx5cCTdFVtszJ-1pnlV0W674gDx1_3Jf5W3xzwNq6vQDs7W1c1V4p4VpX4hW5KHy6h6KSk7LW2Vy4jw7j1J32W4YYt674q28sNW2V9gRC9j7fTSW2Y09LZ3_F6fCW8dT66L7zjylXW1w5rrN82Czj-W2-vcHj3K9lkVW6TZ-s6896X2f357f1 Page URL
  2. https://info.silobreaker.com/events/public/v1/track/tc/VX1XY05VxkKWW6M4Y0W1bSNv5W5VG-2S4qqlXWN5VHnTN2-HwrV1-WJV7CgXSVW3yh6wD91XcNGW2r6DCS5cJnhgW75Zj7S1DZ7-bW1-Tnhd519Nq7W5CpgfM29nwxWW3Hh2qz8lZ5vrW6M0yTg6rZ_FCW61TCpy2p3mpJW3R-pds86QHC8W8j5gYc7cbP6SW72tgYf97nhVpW8FJgD65VFCHyW4mNPNx5cCTdFVtszJ-1pnlV0W674gDx1_3Jf5W3xzwNq6vQDs7W1c1V4p4VpX4hW5KHy6h6KSk7LW2Vy4jw7j1J32W4YYt674q28sNW2V9gRC9j7fTSW2Y09LZ3_F6fCW8dT66L7zjylXW1w5rrN82Czj-W2-vcHj3K9lkVW6TZ-s6896X2f357f1?_ud=4c99b96d-ad28-456a-8293-2d552428b4cf&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
    https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_80ebb260_41fd2061_1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_80ebb260_41fd2061_1&verify=true HTTP 302
  • https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-MNp8vXtE2uGXPEcipsF7UI1pfAmCVcfZ~A
Request Chain 71
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 77
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1618486800160&ns_c=UTF-8&cv=3.5&c8=WATCH%3A%20VICE%20Splices%20Together%20Videos%20of%20Donald%20Trump%27s%20Capitol%20Insurrection%20%7C%20HillReporter.com&c7=https%3A%2F%2Fhillreporter.com%2Fwatch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1618486800160&ns_c=UTF-8&cv=3.5&c8=WATCH%3A%20VICE%20Splices%20Together%20Videos%20of%20Donald%20Trump%27s%20Capitol%20Insurrection%20%7C%20HillReporter.com&c7=https%3A%2F%2Fhillreporter.com%2Fwatch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y&c9=
Request Chain 123
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---&__user_check__=1&sync_id=500398df-9ddf-11eb-bdbc-186cd56e4a06 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=50039884-9ddf-11eb-bdbc-186cd56e4a06&orig=video&us_privacy=1---
Request Chain 128
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---&__user_check__=1&sync_id=5005da7f-9ddf-11eb-a808-1e8b65534e06 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=5005da04-9ddf-11eb-a808-1e8b65534e06&orig=video&us_privacy=1---
Request Chain 149
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Request Chain 198
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 199
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 223
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 231
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=801bc00d-3ac6-4ffe-820a-ce31c4b6a2c2 HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=801bc00d-3ac6-4ffe-820a-ce31c4b6a2c2&tbid=4a83ea55-e339-4537-9f29-8fe4356a76c9-tuct771ab92&query=taboola_hm%3D801bc00d-3ac6-4ffe-820a-ce31c4b6a2c2&isDirect=0
Request Chain 232
  • https://u.openx.net/w/1.0/sd?id=543998486&val=2f5d2238-09d8-4355-887c-05be2e8d2ca7-tuct771ab90&gdpr=0&gdpr_consent= HTTP 302
  • https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=2f5d2238-09d8-4355-887c-05be2e8d2ca7-tuct771ab90&gdpr=0&gdpr_consent=
Request Chain 234
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=4b6a13fTksBR&ev=1&orig=trc&pid=562107
Request Chain 236
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc= HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEM9YrAJCloNB3j7H4PM68dc&google_cver=1
Request Chain 238
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=4a83ea55-e339-4537-9f29-8fe4356a76c9-tuct771ab92 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=4a83ea55-e339-4537-9f29-8fe4356a76c9-tuct771ab92&google_tc=
Request Chain 239
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=ad987089-1dbb-4b54-8eb5-c82a22cfe132
Request Chain 240
  • https://ce.lijit.com/merge?pid=42&3pid=2f5d2238-09d8-4355-887c-05be2e8d2ca7-tuct771ab90&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=2f5d2238-09d8-4355-887c-05be2e8d2ca7-tuct771ab90&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Request Chain 244
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=c2af61f9-f86d-48c4-819b-8e6517529180
Request Chain 245
  • https://id5-sync.com/s/464/9.gif?puid=2f5d2238-09d8-4355-887c-05be2e8d2ca7-tuct771ab90&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/464/464/7/1.gif?puid=2f5d2238-09d8-4355-887c-05be2e8d2ca7-tuct771ab90&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOtOQ5T-RFjcFe_R99Mn55cABQ8kbOf-_AuDzPYg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOtOQ5T-RFjcFe_R99Mn55cABQ8kbOf-_AuDzPYg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=28fd64f8-d016-4e2c-b0b8-9b7176b7bec8&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEF48jxBdkANCD7wIV2gJiVQ&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEF48jxBdkANCD7wIV2gJiVQ&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESEF48jxBdkANCD7wIV2gJiVQ%26sd%3DY2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY%26action%3DGET_ID%26etid%3D%26domid%3D1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=4107778335874001504&opid=apx&ops=&utidl=tech:goo:CAESEF48jxBdkANCD7wIV2gJiVQ&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A16922969980&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/19/4/4.gif?puid=218f545220656da5922dee5880b9e6b2&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/101/3/5.gif?puid=17df82ce-6b2e-4498-9714-15534a9cc89e&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Request Chain 246
  • https://s.c.appier.net/taboola HTTP 302
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=0Wf3mCJeCfGm9oJ2EyZ4YA
Request Chain 248
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=taboola HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=1871878969223723878&expires=30&ssp=taboola HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=b261bd84-9361-4350-94c8-8bf01b151ca1
Request Chain 261
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rjrqv8k&ttd_tpi=1 HTTP 302
  • https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=ad987089-1dbb-4b54-8eb5-c82a22cfe132
Request Chain 264
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Request Chain 265
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6263393849656554751
Request Chain 266
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tZyefn7XQ4ewSegvPl56aw%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 268
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B59C9E7E-7ED7-4387-B049-E82F3E5E7A6B&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B59C9E7E-7ED7-4387-B049-E82F3E5E7A6B&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 269
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=B59C9E7E-7ED7-4387-B049-E82F3E5E7A6B&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=B59C9E7E-7ED7-4387-B049-E82F3E5E7A6B&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=B59C9E7E-7ED7-4387-B049-E82F3E5E7A6B&addseg=17
Request Chain 270
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjU5QzlFN0UtN0VENy00Mzg3LUIwNDktRTgyRjNFNUU3QTZC&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 271
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA01BUwKCAuN0RmOWyk6hQI&google_cver=1
Request Chain 273
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ad987089-1dbb-4b54-8eb5-c82a22cfe132
Request Chain 274
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1821842302308344554
Request Chain 275
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:54266078-2614-4400-81ba-aa6d52ceb200&gdpr=0&gdpr_consent=
Request Chain 276
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4107778335874001504&gdpr=0&gdpr_consent=
Request Chain 277
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dpubmatic%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dpubmatic%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=8e6055ac-33fb-5169-901a-5a8bf0627c9e&ssp=pubmatic&expires=30&user_group=1 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b261bd84-9361-4350-94c8-8bf01b151ca1&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 279
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B59C9E7E-7ED7-4387-B049-E82F3E5E7A6B&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B59C9E7E-7ED7-4387-B049-E82F3E5E7A6B&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-yJjsq81E2uW4T_MsZZ.egWj4bTfEJ_E-~A&gdpr=0&gdpr_consent=
Request Chain 283
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=RpI5Fyll1Lx0lU5
Request Chain 284
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=b261bd84-9361-4350-94c8-8bf01b151ca1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=17df82ce-6b2e-4498-9714-15534a9cc89e&ssp=openx&expires=30&user_group=5&bsw_param=b261bd84-9361-4350-94c8-8bf01b151ca1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=b261bd84-9361-4350-94c8-8bf01b151ca1
Request Chain 285
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDU2RFN0E4RXdBQUNyWDJQcmlGUQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACSdE7A8EwAACrX2PriFQ&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACSdE7A8EwAACrX2PriFQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Request Chain 286
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=54266078-2614-4400-81ba-aa6d52ceb200
Request Chain 287
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=iHqx2Yx8t9STe7KEjX6r1d944ICTL-DRji_bT7Rs
Request Chain 288
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1821842302308344554
Request Chain 291
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH5Oz5_DS_fwtgWq6-5DjPQ&google_cver=1

290 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
VX1XY05VxkKWW6M4Y0W1bSNv5W5VG-2S4qqlXWN5VHnTN2-HwrV1-WJV7CgXSVW3yh6wD91XcNGW2r6DCS5cJnhgW75Zj7S1DZ7-bW1-Tnhd519Nq7W5CpgfM29nwxWW3Hh2qz8lZ5vrW6M0yTg6rZ_FCW61TCpy2p3mpJW3R-pds86QHC8W8j5gYc7cbP6SW72tg...
info.silobreaker.com/e2t/tc/ 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://info.silobreaker.com/e2t/tc/VX1XY05VxkKWW6M4Y0W1bSNv5W5VG-2S4qqlXWN5VHnTN2-HwrV1-WJV7CgXSVW3yh6wD91XcNGW2r6DCS5cJnhgW75Zj7S1DZ7-bW1-Tnhd519Nq7W5CpgfM29nwxWW3Hh2qz8lZ5vrW6M0yTg6rZ_FCW61TCpy2p3mpJW3R-pds86QHC8W8j5gYc7cbP6SW72tgYf97nhVpW8FJgD65VFCHyW4mNPNx5cCTdFVtszJ-1pnlV0W674gDx1_3Jf5W3xzwNq6vQDs7W1c1V4p4VpX4hW5KHy6h6KSk7LW2Vy4jw7j1J32W4YYt674q28sNW2V9gRC9j7fTSW2Y09LZ3_F6fCW8dT66L7zjylXW1w5rrN82Czj-W2-vcHj3K9lkVW6TZ-s6896X2f357f1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a0db6e7ba8d477feb2425d4a1252a5600b6cb8442b1f361769ec80274ac2ab8

Request headers

:method
GET
:authority
info.silobreaker.com
:scheme
https
:path
/e2t/tc/VX1XY05VxkKWW6M4Y0W1bSNv5W5VG-2S4qqlXWN5VHnTN2-HwrV1-WJV7CgXSVW3yh6wD91XcNGW2r6DCS5cJnhgW75Zj7S1DZ7-bW1-Tnhd519Nq7W5CpgfM29nwxWW3Hh2qz8lZ5vrW6M0yTg6rZ_FCW61TCpy2p3mpJW3R-pds86QHC8W8j5gYc7cbP6SW72tgYf97nhVpW8FJgD65VFCHyW4mNPNx5cCTdFVtszJ-1pnlV0W674gDx1_3Jf5W3xzwNq6vQDs7W1c1V4p4VpX4hW5KHy6h6KSk7LW2Vy4jw7j1J32W4YYt674q28sNW2V9gRC9j7fTSW2Y09LZ3_F6fCW8dT66L7zjylXW1w5rrN82Czj-W2-vcHj3K9lkVW6TZ-s6896X2f357f1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:39:59 GMT
content-type
text/html;charset=utf-8
set-cookie
__cfduid=d87036444fe6552cf0e019d3a14aba9711618486798; expires=Sat, 15-May-21 11:39:58 GMT; path=/; domain=.info.silobreaker.com; HttpOnly; SameSite=Lax __cfruid=2a9f685d97dba492e3669021340bdf55e889d6b5-1618486799; path=/; domain=.info.silobreaker.com; HttpOnly; Secure; SameSite=None
cf-ray
6404e57d7dbefa64-AMS
vary
Accept-Encoding
cf-cache-status
MISS
access-control-allow-credentials
false
cf-request-id
0976edc26b0000fa64e33b3000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
no-referrer
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VUzDrao2yv3TmNZD9fVFWzTGJJnOdmVpFouQvA5JGkSDYwUvAMwwbtP6gFfEqY8hsw8M5Orahl9DzHFsGejDgCogOIr7dWr0E3p1aF4pNajWGaYfDw%3D%3D"}],"max_age":604800}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
content-encoding
br
Primary Request watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098
hillreporter.com/
Redirect Chain
  • https://info.silobreaker.com/events/public/v1/track/tc/VX1XY05VxkKWW6M4Y0W1bSNv5W5VG-2S4qqlXWN5VHnTN2-HwrV1-WJV7CgXSVW3yh6wD91XcNGW2r6DCS5cJnhgW75Zj7S1DZ7-bW1-Tnhd519Nq7W5CpgfM29nwxWW3Hh2qz8lZ5vrW6...
  • https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs...
73 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VX1XY05VxkKWW6M4Y0W1bSNv5W5VG-2S4qqlXWN5VHnTN2-HwrV1-WJV7CgXSVW3yh6wD91XcNGW2r6DCS5cJnhgW75Zj7S1DZ7-bW1-Tnhd519Nq7W5CpgfM29nwxWW3Hh2qz8lZ5vrW6M0yTg6rZ_FCW61TCpy2p3mpJW3R-pds86QHC8W8j5gYc7cbP6SW72tgYf97nhVpW8FJgD65VFCHyW4mNPNx5cCTdFVtszJ-1pnlV0W674gDx1_3Jf5W3xzwNq6vQDs7W1c1V4p4VpX4hW5KHy6h6KSk7LW2Vy4jw7j1J32W4YYt674q28sNW2V9gRC9j7fTSW2Y09LZ3_F6fCW8dT66L7zjylXW1w5rrN82Czj-W2-vcHj3K9lkVW6TZ-s6896X2f357f1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.171.217 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.217.171.243.136.clients.your-server.de
Software
nginx /
Resource Hash
351033311772ac0d63ab9d8bbcffd1a30752603f66cc97a7deefd46977be87bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
hillreporter.com
:scheme
https
:path
/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://info.silobreaker.com/e2t/tc/VX1XY05VxkKWW6M4Y0W1bSNv5W5VG-2S4qqlXWN5VHnTN2-HwrV1-WJV7CgXSVW3yh6wD91XcNGW2r6DCS5cJnhgW75Zj7S1DZ7-bW1-Tnhd519Nq7W5CpgfM29nwxWW3Hh2qz8lZ5vrW6M0yTg6rZ_FCW61TCpy2p3mpJW3R-pds86QHC8W8j5gYc7cbP6SW72tgYf97nhVpW8FJgD65VFCHyW4mNPNx5cCTdFVtszJ-1pnlV0W674gDx1_3Jf5W3xzwNq6vQDs7W1c1V4p4VpX4hW5KHy6h6KSk7LW2Vy4jw7j1J32W4YYt674q28sNW2V9gRC9j7fTSW2Y09LZ3_F6fCW8dT66L7zjylXW1w5rrN82Czj-W2-vcHj3K9lkVW6TZ-s6896X2f357f1

Response headers

server
nginx
date
Thu, 15 Apr 2021 11:39:59 GMT
content-type
text/html; charset=UTF-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
link
<https://hillreporter.com/wp-json/>; rel="https://api.w.org/" <https://hillreporter.com/wp-json/wp/v2/posts/98098>; rel="alternate"; type="application/json" <https://hillreporter.com/?p=98098>; rel=shortlink
vary
Accept-Encoding, Cookie
last-modified
Thu, 15 Apr 2021 10:59:23 GMT
x-presslabs-stats
HIT; 0.146s; 21 queries; desktop; ttl 1800s; refreshing
content-encoding
gzip
x-request-id
fce95fa091aa6c8cb6ed2a6dc8c06e12
strict-transport-security
max-age=31536000

Redirect headers

date
Thu, 15 Apr 2021 11:39:59 GMT
location
https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
cf-ray
6404e57e9f99fa64-AMS
link
<https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y>; rel="canonical"
vary
Accept-Encoding
cf-cache-status
MISS
access-control-allow-credentials
false
cf-request-id
0976edc31f0000fa6401241000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
no-referrer
x-robots-tag
none
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GqvzZwsOTuQLmOduU2lo7wORTfw%2F2m8HTjK5Dy%2Bc2BrqjW%2FzwILE4micUZAHywbsb28KZdgE%2BRmAzYM%2FjQp%2FH10JlLVQucGSDT3Lm7OMc2MIWSOFIA%3D%3D"}],"max_age":604800}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
front.css
cdn.hillreporter.com/wp-content/plugins/mag-builder/css/ 		791 B
514 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.hillreporter.com/wp-content/plugins/mag-builder/css/front.css?ver=2.4.23
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.251.232 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.232.251.99.88.clients.your-server.de
Software
nginx /
Resource Hash
3cde7327c67a2bde4b077ce381cda87e1cdbc5b0e7eab38f7c4ab06078f97ed5

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:39:59 GMT
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 06:19:01 GMT
server
nginx
etag
W/"6066b755-317"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
text/css
cache-control
max-age = 315360000
x-cache-groups
assets
x-request-id
145fd840bbdae163b27b86e213e993ab
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.min.css
c0.wp.com/c/5.7/wp-includes/css/dist/block-library/ 		57 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.7/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
29778a6252b89c79ad8a313692c3f4b8ff5e300c463858732f28da488dd2cc05
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT ams 2
date
Thu, 15 Apr 2021 11:39:59 GMT
content-encoding
br
last-modified
Tue, 02 Mar 2021 00:46:20 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Fri, 15 Apr 2022 11:39:59 GMT
gdm-blocks.css
cdn.hillreporter.com/wp-content/plugins/google-drive-embedder/css/ 		490 B
566 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.hillreporter.com/wp-content/plugins/google-drive-embedder/css/gdm-blocks.css?ver=5.7
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.251.232 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.232.251.99.88.clients.your-server.de
Software
nginx /
Resource Hash
fd5cb099e20880a844303f3fa924ec36445155c0e874418b092dde6a6b5dcfe9

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:39:59 GMT
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 06:19:00 GMT
server
nginx
etag
W/"6066b754-1ea"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
text/css
cache-control
max-age = 315360000
x-cache-groups
assets
x-request-id
3cf0178d90ffea1a75c71f3f7db6a9b3
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.css
cdn.hillreporter.com/wp-content/themes/newsdesk_theme/ 		70 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.hillreporter.com/wp-content/themes/newsdesk_theme/style.css?ver=1618462257
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.251.232 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.232.251.99.88.clients.your-server.de
Software
nginx /
Resource Hash
9e517641e1c47d965766f6b39e1293ada96d8c04ee1ba730cae2c73344486f22

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:39:59 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 04:50:57 GMT
server
nginx
etag
W/"6077c631-116f9"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
text/css
cache-control
max-age = 315360000
x-cache-groups
assets
x-request-id
145fd840bbdae163b27b86e213e993ab
expires
Thu, 31 Dec 2037 23:55:55 GMT
jetpack.css
c0.wp.com/p/jetpack/9.5/css/ 		75 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/9.5/css/jetpack.css
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
0b721ba64a02eb660eb62d1b6d7558ec8d86490c0e4444262b38ac5a54004e88
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT ams 2
date
Thu, 15 Apr 2021 11:39:59 GMT
content-encoding
br
last-modified
Tue, 23 Feb 2021 16:08:42 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Fri, 15 Apr 2022 11:39:59 GMT
jquery.min.js
c0.wp.com/c/5.7/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.7/wp-includes/js/jquery/jquery.min.js
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT ams 2
date
Thu, 15 Apr 2021 11:39:59 GMT
content-encoding
br
last-modified
Wed, 07 Oct 2020 16:33:25 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Fri, 15 Apr 2022 11:39:59 GMT
jquery-migrate.min.js
c0.wp.com/c/5.7/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.7/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT ams 2
date
Thu, 15 Apr 2021 11:39:59 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Fri, 15 Apr 2022 11:39:59 GMT
js
www.googletagmanager.com/gtag/ 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-100615071-2
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8ba1617a5fa1cfa3fb15e3aa64749af2906ae591464b29721f8cdc6005975348
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:39:59 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39120
x-xss-protection
0
last-modified
Thu, 15 Apr 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 15 Apr 2021 11:39:59 GMT
logo3.png
cdn.hillreporter.com/wp-content/themes/newsdesk_theme/images/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.hillreporter.com/wp-content/themes/newsdesk_theme/images/logo3.png
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.251.232 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.232.251.99.88.clients.your-server.de
Software
nginx /
Resource Hash
53da7e4b2b784af81549ddfe3ebc3374f06ef290f620c5f2aa231530da07445b

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:39:59 GMT
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 06:19:03 GMT
server
nginx
etag
W/"6066b757-3dff"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
image/png
cache-control
max-age = 315360000
x-cache-groups
assets
x-request-id
f7ba4074a66a16ca41e629f4632b1924
expires
Thu, 31 Dec 2037 23:55:55 GMT
wp-emoji-release.min.js
cdn.hillreporter.com/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hillreporter.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.251.232 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.232.251.99.88.clients.your-server.de
Software
nginx /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:39:59 GMT
content-encoding
gzip
last-modified
Wed, 06 Jan 2021 15:29:24 GMT
server
nginx
etag
W/"5ff5d754-3795"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age = 315360000
x-cache-groups
assets
x-request-id
f7ba4074a66a16ca41e629f4632b1924
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/ 		9 KB
970 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans%3A400%2C700%7CNoto+Serif%3A400%2C700&ver=5.7
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cc9bc1b8a8d7d7140117999c802b9be2e00337e9ab4bd7c69aff5ae57afa116c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 15 Apr 2021 11:14:31 GMT
server
ESF
date
Thu, 15 Apr 2021 11:39:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Apr 2021 11:39:59 GMT
jquery.fitvids.js
cdn.hillreporter.com/wp-content/plugins/fitvids-for-wordpress/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hillreporter.com/wp-content/plugins/fitvids-for-wordpress/jquery.fitvids.js?ver=1.1
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.251.232 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.232.251.99.88.clients.your-server.de
Software
nginx /
Resource Hash
4eeeaa4e345fef8be54d0a26426b4fb41a4fa9110bf30cba2254472189aca82c

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:39:59 GMT
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 06:19:00 GMT
server
nginx
etag
W/"6066b754-edb"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age = 315360000
x-cache-groups
assets
x-request-id
917646f5765dca56792cc20d327b2e78
expires
Thu, 31 Dec 2037 23:55:55 GMT
wp-embed.min.js
c0.wp.com/c/5.7/wp-includes/js/ 		1 KB
719 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.7/wp-includes/js/wp-embed.min.js
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT ams 2
date
Thu, 15 Apr 2021 11:39:59 GMT
content-encoding
br
last-modified
Wed, 06 Jan 2021 15:29:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Fri, 15 Apr 2022 11:39:59 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.7
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04b24cc75d726600ecd77219c27bcba8a1e4d100c3dd411a2ea30e0167b414ee

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:39:59 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
1992
etag
W/"1462b90a76cb55e61497af0c736a3b3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6404e581aec84dc4-FRA
cf-request-id
0976edc51000004dc4db0b9000000001
expires
Sun, 18 Apr 2021 11:39:59 GMT
ajax-load-more.min.js
cdn.hillreporter.com/wp-content/plugins/ajax-load-more/core/dist/js/ 		204 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hillreporter.com/wp-content/plugins/ajax-load-more/core/dist/js/ajax-load-more.min.js?ver=5.4.4
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.251.232 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.232.251.99.88.clients.your-server.de
Software
nginx /
Resource Hash
8039e55bd4746350f2afb2187ec8271e80c4dc8b0972bf24a47d45ebc17203a3

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:39:59 GMT
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 06:19:00 GMT
server
nginx
etag
W/"6066b754-3314f"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age = 315360000
x-cache-groups
assets
x-request-id
cf54795a8390f173d077c123767b84c8
expires
Thu, 31 Dec 2037 23:55:55 GMT
drawer.min.js
cdn.hillreporter.com/wp-content/themes/newsdesk_theme/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hillreporter.com/wp-content/themes/newsdesk_theme/js/drawer.min.js?ver=5.7
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.251.232 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.232.251.99.88.clients.your-server.de
Software
nginx /
Resource Hash
6bfc1cffba6bac80d7d839716f8aaac9a11c922685738ce9fe8ac273edcda947

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:39:59 GMT
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 06:19:03 GMT
server
nginx
etag
W/"6066b757-9118"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age = 315360000
x-cache-groups
assets
x-request-id
cf54795a8390f173d077c123767b84c8
expires
Thu, 31 Dec 2037 23:55:55 GMT
e-202115.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202115.js
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT ams
date
Thu, 15 Apr 2021 11:39:59 GMT
content-encoding
gzip
server
nginx
etag
W/"5c6340e3-350a"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sun, 03 Apr 2022 22:20:27 GMT
V3CykjuIU7M2.js
hillreporter.com/ 		1 KB
992 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hillreporter.com/V3CykjuIU7M2.js?ts=48020
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.171.217 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.217.171.243.136.clients.your-server.de
Software
nginx /
Resource Hash
3fa473d6b3c64226cfee6729a9c111dcef10b1312b1f5806036e7ea8348b2f7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/V3CykjuIU7M2.js?ts=48020
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hillreporter.com
referer
https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:39:59 GMT
content-encoding
gzip
last-modified
Fri, 11 Sep 2020 11:27:18 GMT
server
nginx
etag
W/"5f5b5f16-5c4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
strict-transport-security
max-age=31536000
x-presslabs-stats
desktop
x-request-id
d3b15e8ac97573b1156758b35b37e206
expires
Thu, 01 Jan 1970 00:00:01 GMT
fbevents.js
connect.facebook.net/en_US/ 		92 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f013:d:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9ddca568ff519cd935a816baec6f7bfce459656ec5022ec2ba6a6225891022eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23960
x-fb-rlafr
0
pragma
public
x-fb-debug
JSXWW4WVsEONqPnex9gf90UTdL+zgDm0FGmgQOrf8cMjyQYp8znezdtWdDoItEQ19j+rHBhy32CQGNISkI0EBw==
x-fb-trip-id
1679558926
x-frame-options
DENY
date
Thu, 15 Apr 2021 11:39:59 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
x-xss-protection
0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
hillreporter.min.js
global.proper.io/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/hillreporter.min.js
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24f8db0cbffb9df08e4f3d194e9c9ccfc74a4c6b728bb5a61475464a77c00f43

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:39:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 23 Feb 2021 22:59:14 GMT
server
cloudflare
age
4362527
etag
W/"603588c2-39bf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
6404e581bec8d729-FRA
cf-request-id
0976edc5180000d72930330000000001
expires
Thu, 15 Apr 2021 11:44:59 GMT
loader.js
cdn.taboola.com/libtrc/hillreporter-network/ 		188 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/hillreporter-network/loader.js
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
422fd2220bef50b2c89586dcec80be3c094ad508ff6c27687c44e0c2aa4c001c

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
O2_fkLSgNtf1XSnsLAQGN5kyplKiQCva
content-encoding
gzip
etag
"f0febd7f6242a27a4df6caececbc3232"
age
0
x-cache
HIT
content-length
24925
x-amz-id-2
MjsIOk51NoX10yr+pfqe27gSxFe/PuuoqIrFfBWpEqzfu5ZG0usd0Vi8vJ+Mio6LwyqfNeOAWvk=
x-served-by
cache-fra19176-FRA
last-modified
Wed, 14 Apr 2021 09:19:01 GMT
server
AmazonS3
x-timer
S1618486800.670647,VS0,VE203
date
Thu, 15 Apr 2021 11:39:59 GMT
vary
Accept-Encoding
x-amz-request-id
J8R0F5H3JNQWVHA9
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
91
x-cache-hits
1
header.jpg
cdn.hillreporter.com/wp-content/themes/newsdesk_theme/images/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.hillreporter.com/wp-content/themes/newsdesk_theme/images/header.jpg
Requested by
Host: cdn.hillreporter.com
URL: https://cdn.hillreporter.com/wp-content/themes/newsdesk_theme/style.css?ver=1618462257
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.251.232 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.232.251.99.88.clients.your-server.de
Software
nginx /
Resource Hash
db8be4a0e52d8799ebceedc633dcd7e52e7cb25f48e18f76203c8243a432a700

Request headers

Referer
https://cdn.hillreporter.com/wp-content/themes/newsdesk_theme/style.css?ver=1618462257
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:39:59 GMT
last-modified
Fri, 02 Apr 2021 06:19:03 GMT
server
nginx
etag
"6066b757-5960"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age = 315360000
accept-ranges
bytes
x-cache-groups
assets
content-length
22880
x-request-id
f09a67b336ae1c8607760528d5918496
expires
Thu, 31 Dec 2037 23:55:55 GMT
fontawesome-webfont.woff2
cdn.hillreporter.com/wp-content/themes/newsdesk_theme/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.hillreporter.com/wp-content/themes/newsdesk_theme/fonts/fontawesome-webfont.woff2
Requested by
Host: cdn.hillreporter.com
URL: https://cdn.hillreporter.com/wp-content/themes/newsdesk_theme/style.css?ver=1618462257
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.251.232 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.232.251.99.88.clients.your-server.de
Software
nginx /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin
https://hillreporter.com
Referer
https://cdn.hillreporter.com/wp-content/themes/newsdesk_theme/style.css?ver=1618462257
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:39:59 GMT
content-length
77160
x-request-id
c17ab29aa0adf1ad3702f0a456726ae5
last-modified
Fri, 02 Apr 2021 06:19:03 GMT
server
nginx
etag
"6066b757-12d68"
x-presslabs-cache
HIT
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,OPTIONS
content-type
application/octet-stream
access-control-allow-origin
https://hillreporter.com
access-control-expose-headers
Content-Length,Content-Range,X-WP-Total,X-WP-TotalPages,Link
cache-control
max-age = 315360000
accept-ranges
bytes
x-cache-groups
assets
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-WP-Nonce
expires
Thu, 31 Dec 2037 23:55:55 GMT
loader-fading-blocks.gif
cdn.hillreporter.com/wp-content/plugins/ajax-load-more/core/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.hillreporter.com/wp-content/plugins/ajax-load-more/core/img/loader-fading-blocks.gif
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.251.232 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.232.251.99.88.clients.your-server.de
Software
nginx /
Resource Hash
614720662b401ebcc2e88a3b22d87311f4084e22881644ea7940d9841fb3dcf9

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:39:59 GMT
last-modified
Fri, 02 Apr 2021 06:19:00 GMT
server
nginx
etag
"6066b754-bab"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age = 315360000
accept-ranges
bytes
x-cache-groups
assets
content-length
2987
x-request-id
7e7b1747cbc09fa21daab56008b6f06a
expires
Thu, 31 Dec 2037 23:55:55 GMT
hszd21sQa0s
www.youtube.com/embed/ Frame B8E2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/hszd21sQa0s?feature=oembed
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/hszd21sQa0s?feature=oembed
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hillreporter.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hillreporter.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 15 Apr 2021 11:39:59 GMT
strict-transport-security
max-age=31536000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=AeXQRJLORqc; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=MIVRvtCHRR8; Domain=.youtube.com; Expires=Tue, 12-Oct-2021 11:39:59 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+873; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GettyImages-1294907289-480x320.jpg
cdn.hillreporter.com/wp-content/uploads/2021/04/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.hillreporter.com/wp-content/uploads/2021/04/GettyImages-1294907289-480x320.jpg
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.251.232 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.232.251.99.88.clients.your-server.de
Software
nginx /
Resource Hash
34bb9ee90de7a84db27e842107dd26bd4e93499375676a6df732087d1a0b3693

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:39:59 GMT
last-modified
Wed, 14 Apr 2021 21:32:35 GMT
server
nginx
etag
"60775f73-9cc8"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age = 315360000
accept-ranges
bytes
content-length
40136
x-request-id
7c42291270d74ad3a0bbbde484efb102
expires
Thu, 31 Dec 2037 23:55:55 GMT
o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v12/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v12/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans%3A400%2C700%7CNoto+Serif%3A400%2C700&ver=5.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hillreporter.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 23:45:07 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:50:31 GMT
server
sffe
age
42892
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16056
x-xss-protection
0
expires
Thu, 14 Apr 2022 23:45:07 GMT
o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v12/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v12/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans%3A400%2C700%7CNoto+Serif%3A400%2C700&ver=5.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hillreporter.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 02:03:02 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:43:44 GMT
server
sffe
age
34617
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16180
x-xss-protection
0
expires
Fri, 15 Apr 2022 02:03:02 GMT
ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2
fonts.gstatic.com/s/notoserif/v9/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserif/v9/ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans%3A400%2C700%7CNoto+Serif%3A400%2C700&ver=5.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
feaad76415c6eb7fb707e31a7f0bd3da9f47a60a5c6d34cd00e2ebf0bbb6766c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hillreporter.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:03:59 GMT
server
sffe
age
351381
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27344
x-xss-protection
0
expires
Mon, 11 Apr 2022 10:03:38 GMT
ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2
fonts.gstatic.com/s/notoserif/v9/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserif/v9/ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans%3A400%2C700%7CNoto+Serif%3A400%2C700&ver=5.7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eced2a68da9eed95cc9c956e26607f9a6176500fd01cc1e41410b562b290e3ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hillreporter.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:03:52 GMT
server
sffe
age
351381
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23924
x-xss-protection
0
expires
Mon, 11 Apr 2022 10:03:38 GMT
identity.js
connect.facebook.net/signals/plugins/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.39
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f013:d:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
4673
x-fb-rlafr
0
pragma
public
x-fb-debug
a6NIZTGlfgzW0V4uAFlwVEqbI5NAwHwZPICagq+wGhIeCH8PHsZSZbwWJRCCEFTZ2ALidB+1ka0g9kZmZXSklw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
date
Thu, 15 Apr 2021 11:39:59 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
223621711747335
connect.facebook.net/signals/config/ 		254 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/223621711747335?v=2.9.39&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f013:d:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
46af55aacefb6fd164b7aee49cae754af8a2eb481c8e7f2b805c67865c206ffe
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
11Iv0dPvYgdyYcVUEvV0IuTDD9VsYwAQkdC99mBQ69vglXihyl2MEZqc13g5L7fp6J0T62besCz84y084qprkA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
date
Thu, 15 Apr 2021 11:39:59 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
admin-ajax.php
hillreporter.com/wp-admin/ 		573 B
846 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hillreporter.com/wp-admin/admin-ajax.php?id=98098&initial_id=98098&order=previous&taxonomy=&excluded_terms=&post_type=post&init=true&action=alm_get_single
Requested by
Host: cdn.hillreporter.com
URL: https://cdn.hillreporter.com/wp-content/plugins/ajax-load-more/core/dist/js/ajax-load-more.min.js?ver=5.4.4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.171.217 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.217.171.243.136.clients.your-server.de
Software
nginx /
Resource Hash
99ce2c3cb798473e57719d7f668f4498844db6c60c617a6bfabd078e71ac6f32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
paddos_PfVNe=1
:path
/wp-admin/admin-ajax.php?id=98098&initial_id=98098&order=previous&taxonomy=&excluded_terms=&post_type=post&init=true&action=alm_get_single
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
hillreporter.com
referer
https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:40:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-presslabs-stats
BYPASS; desktop
vary
Accept-Encoding
x-request-id
c0408434d172d7991c0879123a907712
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-type
application/json; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0, no-store
set-cookie
PHPSESSID=6200aa7b16c7f22f0a3fb8a3fc679e4b; path=/ wordpress_google_apps_login=0ed3e32f3878ce412f9fc0ea6e63f89a; path=/; secure; HttpOnly
x-robots-tag
noindex
expires
Wed, 11 Jan 1984 05:00:00 GMT
g.gif
pixel.wp.com/ 		50 B
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A9.5&blog=151552998&post=98098&tz=-4&srv=hillreporter.com&host=hillreporter.com&ref=&fcp=502&rand=0.5796606187147004
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:39:59 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
latest.js
global.proper.io/payloads/ 		909 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/payloads/latest.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/hillreporter.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc4703203d777e92d2b1e5006deee6f4480203a4dd18b1ca34aa45aedd83fb6f

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:39:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 02 Apr 2021 17:18:53 GMT
server
cloudflare
age
1089397
etag
W/"606751fd-e3425"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
6404e5826fc9d729-FRA
cf-request-id
0976edc5840000d729792fb000000001
expires
Thu, 15 Apr 2021 11:44:59 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-100615071-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
2805
date
Thu, 15 Apr 2021 10:53:14 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Thu, 15 Apr 2021 12:53:14 GMT
hszd21sQa0s
www.youtube.com/embed/ Frame 8E93 		51 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/hszd21sQa0s?feature=oembed
Requested by
Host: c0.wp.com
URL: https://c0.wp.com/c/5.7/wp-includes/js/jquery/jquery.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1e6662b8b295c71101c9f35d779ed40909cf8e2d199405dfbc86687e47a9b608
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/hszd21sQa0s?feature=oembed
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hillreporter.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
YSC=AeXQRJLORqc; VISITOR_INFO1_LIVE=MIVRvtCHRR8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hillreporter.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 15 Apr 2021 11:39:59 GMT
strict-transport-security
max-age=31536000
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
CONSENT=PENDING+053; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j89&a=2048730589&t=pageview&_s=1&dl=https%3A%2F%2Fhillreporter.com%2Fwatch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y&ul=en-us&de=UTF-8&dt=WATCH%3A%20VICE%20Splices%20Together%20Videos%20of%20Donald%20Trump%27s%20Capitol%20Insurrection%20%7C%20HillReporter.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=446177719&gjid=916194732&cid=607603906.1618486800&tid=UA-100615071-2&_gid=822825248.1618486800&_r=1&gtm=2ou3v0&z=604400480
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 11:39:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hillreporter.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-100615071-2&cid=607603906.1618486800&jid=446177719&gjid=916194732&_gid=822825248.1618486800&_u=IEBAAUAAAAAAAC~&z=264260167
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 15 Apr 2021 11:39:59 GMT
content-type
text/plain
access-control-allow-origin
https://hillreporter.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
1574e89f09d15f5c0b502e03318bf8e42f6993bc76761f01d4189d9c7cac1a2f

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:39:59 GMT
content-encoding
gzip
etag
"9BXR5o2ektbbjpKQZDKFMQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 22 Apr 2021 11:39:59 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-100615071-2&cid=607603906.1618486800&jid=446177719&_u=IEBAAUAAAAAAAC~&z=458572356
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 11:39:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-100615071-2&cid=607603906.1618486800&jid=446177719&_u=IEBAAUAAAAAAAC~&z=458572356
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 11:39:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=223621711747335&ev=PageView&dl=https%3A%2F%2Fhillreporter.com%2Fwatch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y&rl=&if=false&ts=1618486799927&sw=1600&sh=1200&v=2.9.39&r=stable&a=wordpress-5.7-3.0.5&ec=0&o=30&fbp=fb.1.1618486799926.619272664&it=1618486799709&coo=false&rqm=GET
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f113:81:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:39:59 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 15 Apr 2021 11:39:59 GMT
rules-p-mEzuYq24VEJ-3.js
rules.quantcount.com/ 		3 B
348 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e8:ca00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 10:55:21 GMT
via
1.1 aec69d2871c7aeb74988020f07480fa4.cloudfront.net (CloudFront)
last-modified
Sat, 04 Mar 2017 02:39:21 GMT
server
AmazonS3
age
2693
etag
"8a80554c91d9fca8acb82f023de02f11"
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=3600
x-amz-cf-pop
TXL52-C1
accept-ranges
bytes
content-length
3
x-amz-cf-id
NkL3it0slldEM7WeJagAHqfvB-gTAgWexyjQkjHQQNqUx6QTXuONSA==
www-player-webp.css
www.youtube.com/s/player/82e684c7/ Frame 8E93 		357 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/82e684c7/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/hszd21sQa0s?feature=oembed
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5421a0a28d791c01667d1dcc004a7fe6afae973c9b08d31e3d8aa663b6097330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/hszd21sQa0s?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 14:50:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Apr 2021 00:17:47 GMT
server
sffe
age
161394
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53672
x-xss-protection
0
expires
Wed, 13 Apr 2022 14:50:05 GMT
www-embed-player.js
www.youtube.com/s/player/82e684c7/www-embed-player.vflset/ Frame 8E93 		184 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/82e684c7/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/hszd21sQa0s?feature=oembed
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80081d890f45ee1a0a917099afc442b25e7ff2b9f0f4a27b47aae95014f0c6ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/hszd21sQa0s?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 14:47:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Apr 2021 00:17:47 GMT
server
sffe
age
161529
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66771
x-xss-protection
0
expires
Wed, 13 Apr 2022 14:47:50 GMT
base.js
www.youtube.com/s/player/82e684c7/player_ias.vflset/en_US/ Frame 8E93 		2 MB
516 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/82e684c7/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/hszd21sQa0s?feature=oembed
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
023c72aeb3ef5fc792389b99af0cd88e4da1c0d2a8550127327e2c93176699f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/hszd21sQa0s?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 14:49:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Apr 2021 00:17:47 GMT
server
sffe
age
161448
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
528515
x-xss-protection
0
expires
Wed, 13 Apr 2022 14:49:11 GMT
fetch-polyfill.js
www.youtube.com/s/player/82e684c7/fetch-polyfill.vflset/ Frame 8E93 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/82e684c7/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/hszd21sQa0s?feature=oembed
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/hszd21sQa0s?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 14:47:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Apr 2021 00:17:47 GMT
server
sffe
age
161529
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3027
x-xss-protection
0
expires
Wed, 13 Apr 2022 14:47:50 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8E93 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/hszd21sQa0s?feature=oembed
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
351381
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Mon, 11 Apr 2022 10:03:38 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
sffe /
Resource Hash
69e59411a8c72a289854d415a1baa0b01d9fb642a78932dc4d45ef583947bb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:40:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"843 / 681 of 1000 / last-modified: 1618485008"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20987
x-xss-protection
0
expires
Thu, 15 Apr 2021 11:40:00 GMT
usersync
usync.proper.io/v1/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_80ebb260_41fd2061_1
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_80ebb260_41fd2061_1&verify=true
  • https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-MNp8vXtE2uGXPEcipsF7UI1pfAmCVcfZ~A
155 B
368 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-MNp8vXtE2uGXPEcipsF7UI1pfAmCVcfZ~A
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.11.196.81 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-11-196-81.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
f375c25a0fa8bca70ec4820bf2175be2a74198b5b9209cc65f5cf5a4cdefea69

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 15 Apr 2021 11:40:00 GMT
server
nginx/1.18.0
content-length
155
content-type
text/javascript

Redirect headers

Date
Thu, 15 Apr 2021 11:40:00 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-MNp8vXtE2uGXPEcipsF7UI1pfAmCVcfZ~A
Connection
keep-alive
Content-Length
0
445.json
id5-sync.com/g/v2/ 		150 B
471 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/445.json
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.186 , France, ASN16276 (OVH, FR),
Reverse DNS
p06.id5-sync.com
Software
/
Resource Hash
3126d6fe6f0d70290799f39d4c4cb15e370bae5c545ec9b710b60ca9d0a1a4ba
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://hillreporter.com
Date
Thu, 15 Apr 2021 11:39:58 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
0
bidding
bids.proper.io/api/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bids.proper.io/api/bidding
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.170.237 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-170-237.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 15 Apr 2021 11:40:00 GMT
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
impl.20210414-6-RELEASE.js
cdn.taboola.com/libtrc/ 		480 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210414-6-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/hillreporter-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
5c1c30811521e2a8e3f1f66d6e550b2d48a250cd11b81223180c9b3fb2f29c3b

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
vs9zfjmj52qQCvZeDRMgkTHl2EUEsIHE
content-encoding
br
etag
"e2aa74824e227f919caf68a3ad379b8a"
age
9418
x-cache
HIT
content-length
112566
x-amz-id-2
2d1BZoL9ge8gUTfVwuAlonZTJ7imk17GUxGrcy4Y2/xyILVxdfD5F4JLZtSFuNCKlhaGqnH8g8Q=
x-served-by
cache-fra19176-FRA
last-modified
Wed, 14 Apr 2021 08:54:43 GMT
server
AmazonS3-br
x-timer
S1618486800.979274,VS0,VE0
date
Thu, 15 Apr 2021 11:39:59 GMT
vary
Accept-Encoding
x-amz-request-id
32FRGFBHJSA5MY2G
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
87
x-cache-hits
47633
beacon.js
sb.scorecardresearch.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/hillreporter-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.156.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-156-73.txl52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:20:47 GMT
via
1.1 df2b5b3f847bbe9ad7f475c0831bcc3a.cloudfront.net (CloudFront)
etag
"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
1154
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
TXL52-C1
accept-ranges
bytes
content-length
1469
x-amz-cf-id
895KuUuWYxr3Hq4nVUKNUmO_K6OhwdJ72fkxXfMc_bCwUrn3Suk1YQ==
pixel;r=863084072;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fhillreporter.com%2Fwatch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8R...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=863084072;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fhillreporter.com%2Fwatch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y;uht=2;fpan=1;fpa=P0-126846987-1618486799973;pbcn=1;pbc=d4754b3b-b443-4b53-b7cd-2ecde54f28d8;ns=0;ce=1;qjs=1;qv=b0f2076b-20210414175820;cm=;gdpr=0;ref=;d=hillreporter.com;je=0;sr=1600x1200x24;dst=1;et=1618486799973;tzo=-120;ogl=locale.en_US%2Ctype.article%2Ctitle.WATCH%3A%20VICE%20Splices%20Together%20Videos%20of%20Donald%20Trump's%20Capitol%20Insurrection%2Cdescription.HBO%E2%80%99s%20investigative%20arm%252C%20VICE%252C%20pieced%20together%20various%20videos%20of%20the%20January%206th%2Curl.https%3A%2F%2Fhillreporter%252Ecom%2Fwatch-vice-splices-together-videos-of-donald-trumps-cap%2Csite_name.HillReporter%252Ecom%2Cupdated_time.2021-04-14T21%3A39%3A12-04%3A00%2Cimage.https%3A%2F%2Fcdn%252Ehillreporter%252Ecom%2Fwp-content%2Fuploads%2F2021%2F04%2FGettyImages-1294907289%252Ej%2Cimage%3Asecure_url.https%3A%2F%2Fcdn%252Ehillreporter%252Ecom%2Fwp-content%2Fuploads%2F2021%2F04%2FGettyImages-1294907289%252Ej%2Cimage%3Awidth.1024%2Cimage%3Aheight.683
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 11:39:59 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
mvo
tag.1rx.io/rmp/82079/0/ 		0
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/82079/0/mvo?z=1r&hbv=4.25,2.1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://hillreporter.com
Pragma
no-cache
Date
Thu, 15 Apr 2021 11:40:00 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
arj
propermedia-d.openx.net/w/1.0/ 		175 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://propermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fhillreporter.com%2Fwatch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&aus=728x90%2C300x250%7C728x90%2C300x250%7C728x90%2C300x250%7C728x90%2C300x250%7C728x90&auid=540752001%2C540752002%2C540752003%2C540752004%2C540752005&aumfs=100%2C100%2C100%2C100%2C100&dddid=7b4427b4-c682-4285-a23f-5d5f32c193b2%2C0325f193-a2dd-4bbc-9d57-a4c4a4ac37e2%2Cadddcc71-eeff-4d6d-84ea-409d266fa426%2Cc683c530-8a67-4c94-9181-e271c3086b9a%2C70ae835f-d21e-4d6f-a497-b3e99ca71c96&divIds=openx-a00bc90f-17c7-4d30-ad64-791b0fb779c5%2Copenx-fb936555-43ae-4517-9c04-979fc07102c9%2Copenx-c11f6a75-634d-4170-b842-e9d1d967ce20%2Copenx-83a46cd8-ac3a-492f-ba6b-336737feb4d8%2Copenx-2a18a26f-b603-47cb-a87d-5baf13514259&be=1&bc=hb_pb_3.0.1&nocache=1618486799997&schain=1.0%2C1!proper.io%2Ce5961d07-eb92-11e9-a488-69e3386c7506%2C1&_pubcid=d4754b3b-b443-4b53-b7cd-2ecde54f28d8
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
b32f98003a8e911f740800de935f86bc6c3deb69be717b5cf68c5642e2b57c61

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 11:40:00 GMT
content-encoding
gzip
server
OXGW/16.205.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://hillreporter.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid-request
a.teads.tv/hb/ 		16 B
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 11:40:00 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://hillreporter.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 15 Apr 2021 11:40:00 GMT
bid
ap.lijit.com/rtb/ 		45 B
601 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.25.0
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
5dc12a47030745caf7cda8a546066d28765b3fc0331209aa838e45ff01b8792c

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 15 Apr 2021 11:40:00 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://hillreporter.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
65
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=atyQyvahFzLs1Y697wSjckSR&bidId=atyQyvahFzLs1Y697wSjckSR&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&pubcid=a6c69dff-2bdf-4370-9bf1-c4206feac7a2&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.167.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-167-229.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://hillreporter.com
date
Thu, 15 Apr 2021 11:40:00 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=wmTfpxGdWkszAANgWXjobJ9d&bidId=wmTfpxGdWkszAANgWXjobJ9d&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&pubcid=a6c69dff-2bdf-4370-9bf1-c4206feac7a2&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.167.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-167-229.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://hillreporter.com
date
Thu, 15 Apr 2021 11:40:00 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Mh54tRrkdVydv6NkzTPh6TsM&bidId=Mh54tRrkdVydv6NkzTPh6TsM&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&pubcid=a6c69dff-2bdf-4370-9bf1-c4206feac7a2&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.167.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-167-229.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://hillreporter.com
date
Thu, 15 Apr 2021 11:40:00 GMT
access-control-allow-credentials
true
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		19 B
713 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 11:40:00 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.52:80
AN-X-Request-Uuid
34972f66-da87-40ac-b71e-d5286a40d1e7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://hillreporter.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
hb.emxdgt.com/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=1000&ts=1618486800004
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.69.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-69-169.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://hillreporter.com
date
Thu, 15 Apr 2021 11:40:00 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
translator
hbopenbid.pubmatic.com/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://hillreporter.com
date
Thu, 15 Apr 2021 11:39:59 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
display
mantodea.mantisadnetwork.com/prebid/ 		56 B
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/display?tz=-120&buster=1618486800006&secure=true&version=9&mobile=false&title=WATCH%3A%20VICE%20Splices%20Together%20Videos%20of%20Donald%20Trump%27s%20Capitol%20Insurrection%20%7C%20HillReporter.com&url=https%3A%2F%2Fhillreporter.com%2Fwatch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y&measurable=true&property=5b32cf14d866814de2efe8c2&bids[0][bidId]=hillreporter_sticky_728x90&bids[0][sizes][0][width]=728&bids[0][sizes][0][height]=90&foo
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.61.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-61-253.compute-1.amazonaws.com
Software
/ Express
Resource Hash
1f6a88ad0db43030b4ed05b1284ed1a6c4a52002a9890705fc4270dddb459755

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 11:40:00 GMT
x-powered-by
Express
etag
W/"38-WjQJgQXW6iVxuBD73V321CdE5sE"
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://hillreporter.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
56
expires
-1
apstag.js
c.amazon-adsystem.com/aax2/ 		125 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.153.196 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-153-196.txl52.r.cloudfront.net
Software
Server /
Resource Hash
2a5a0cb739264343c5c68eefab8b3e240503a08697b841e1a3e451eee0326c63

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
yLhu73FRYIeuKaQa6A9KsKrHKFu13Dqv
content-encoding
gzip
server
Server
age
797
etag
d73e27b058012a8dc39a6a098b9f036c
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a57d5819527c444e16b1875e3bd28970.cloudfront.net (CloudFront)
cache-control
public, max-age=900
date
Thu, 15 Apr 2021 11:26:43 GMT
x-amz-cf-pop
TXL52-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
gZybMWoR7xu31T92ak5WHaVI85f0ykQNpu-BhKuGntqI2SuHlQzfwg==
json
trc.taboola.com/hillreporter-hillreporter/trc/3/ 		35 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/hillreporter-hillreporter/trc/3/json?tim=13%3A40%3A00.038&lti=deflated&data=%7B%22id%22%3A949%2C%22ii%22%3A%22%2Fwatch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1618391933476%2C%22vi%22%3A1618486800037%2C%22cv%22%3A%2220210414-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fhillreporter.com%2Fwatch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A2619%2C%22qs%22%3A%22%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y%22%2C%22nsid%22%3A%22hillreporter-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-a%3Apub%3Dhillreporter-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A2319.921875%2C%22mw%22%3A765%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210414-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2b36630357f0c82fc1b205e5746211bf76d2bbc2ea1fe577ea6a10c10061b166

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
396
date
Thu, 15 Apr 2021 11:40:00 GMT
content-encoding
gzip
server
nginx
x-timer
S1618486800.055956,VS0,VE396
x-served-by
cache-fra19176-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://hillreporter.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
id
googleads.g.doubleclick.net/pagead/ Frame 8E93
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
113 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/hszd21sQa0s?feature=oembed
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
afd9062fd1f7eb87567ea1769bf196110e7aba797175988e28091c6ef4de736c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:40:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 15 Apr 2021 11:40:00 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 8E93 		29 B
91 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/82e684c7/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:26:04 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
836
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Thu, 15 Apr 2021 11:41:04 GMT
qoe
www.youtube.com/api/stats/ Frame 8E93 		0
19 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/api/stats/qoe?event=streamingstats&cpn=5mTMvN3iUoFsIF8L&el=embedded&docid=hszd21sQa0s&ns=yt&fexp=23748147%2C23969934%2C23983296%2C24001373%2C24006795%2C24007246%2C24012117%2C24015146%2C24021967&cl=368098471&seq=1&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210412.1.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.000:ER&cmt=0.000:0.000,0.000:0.000&error=0.000:auth:0.000:0;a6s.0&vis=0.000:0&bh=0.000:0.000
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/82e684c7/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/hszd21sQa0s?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 11:40:00 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
embed.js
www.youtube.com/s/player/82e684c7/player_ias.vflset/en_US/ Frame 8E93 		24 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/82e684c7/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/82e684c7/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0629031816d0591f39e6b72e3f839f7b40e8afd44b8ce0da0cbd171ae0e6253
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/hszd21sQa0s?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 14:49:22 GMT
x-content-type-options
nosniff
last-modified
Tue, 13 Apr 2021 00:17:47 GMT
server
sffe
age
161438
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25011
x-xss-protection
0
expires
Wed, 13 Apr 2022 14:49:22 GMT
truncated
/ Frame 8E93 		320 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f7d0de83560f0ff7a38e0f6eda63d46eb70586c4e215cdce98ed3891a16bf7d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pubads_impl_2021040804.js
securepubads.g.doubleclick.net/gpt/ 		296 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
sffe /
Resource Hash
bf97ea16fc6f3ed219404e08367a661cc6964d6bd9a40872e26453976df761e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:40:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 19:24:37 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
106480
x-xss-protection
0
expires
Thu, 15 Apr 2021 11:40:00 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1618486800160&ns_c=UTF-8&cv=3.5&c8=WATCH%3A%20VICE%20Splices%20Together%20Videos%20of%20Donald%20Trump%27s%20Capitol%20Insurrection%20...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1618486800160&ns_c=UTF-8&cv=3.5&c8=WATCH%3A%20VICE%20Splices%20Together%20Videos%20of%20Donald%20Trump%27s%20Capitol%20Insurrection%2...
64 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1618486800160&ns_c=UTF-8&cv=3.5&c8=WATCH%3A%20VICE%20Splices%20Together%20Videos%20of%20Donald%20Trump%27s%20Capitol%20Insurrection%20%7C%20HillReporter.com&c7=https%3A%2F%2Fhillreporter.com%2Fwatch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y&c9=
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.156.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-156-73.txl52.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:40:00 GMT
via
1.1 df2b5b3f847bbe9ad7f475c0831bcc3a.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL52-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
wW4J7Snii3K8pEGdXrf0cMqmVObfSOt6DOp7hzLYaRcwYQzoCRBwvw==

Redirect headers

date
Thu, 15 Apr 2021 11:40:00 GMT
via
1.1 df2b5b3f847bbe9ad7f475c0831bcc3a.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL52-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1618486800160&ns_c=UTF-8&cv=3.5&c8=WATCH%3A%20VICE%20Splices%20Together%20Videos%20of%20Donald%20Trump's%20Capitol%20Insurrection%20%7C%20HillReporter.com&c7=https%3A%2F%2Fhillreporter.com%2Fwatch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y&c9=
content-length
511
x-amz-cf-id
K82wtXVYpdGIMqJU_d0niNsovi8nD9elMd9eKlUycmZDh41y5bqlzg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.153.196 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-153-196.txl52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
eEYYOb32LZFr6yGAi8hXG4401uAIPew2
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
11265
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 07 Apr 2021 05:49:36 GMT
server
AmazonS3
date
Thu, 15 Apr 2021 08:32:16 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 b46ec6462593127fefb6ecac53956825.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
TXL52-C1
x-amz-cf-id
fuyDGjcgMKHOEJXb8bo7hITACoW_Yuvm7z2rI1EZiog7B1XUI4LoBg==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fhillreporter.com%2Fwatch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y&pid=DiFHBMbPgOEGh&cb=0&ws=1600x1200&v=7.63.00&t=2000&slots=%5B%7B%22sd%22%3A%22desktop-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22desktop-2%22%2C%22s%22%3A%5B%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22desktop-3%22%2C%22s%22%3A%5B%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22desktop-4%22%2C%22s%22%3A%5B%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22desktop-5%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&cfgv=0&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.153.196 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-153-196.txl52.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:40:00 GMT
via
1.1 a57d5819527c444e16b1875e3bd28970.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
TXL52-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://hillreporter.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
7PWQF8zUGblMvhF8zg-_Io4CnK7IgCkgMmMOTt3smBfVr3qyC_0cDQ==
ads-beacon.js
hillreporter.com/ 		80 B
329 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hillreporter.com/ads-beacon.js?ts=40312
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/V3CykjuIU7M2.js?ts=48020
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.171.217 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.217.171.243.136.clients.your-server.de
Software
nginx /
Resource Hash
647c226cf491168b04b3ae87a1dcf648640b8affe7ee736e96ccf754276caf69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/ads-beacon.js?ts=40312
pragma
no-cache
cookie
paddos_PfVNe=1; _ga=GA1.2.607603906.1618486800; _gid=GA1.2.822825248.1618486800; _gat_gtag_UA_100615071_2=1; _fbp=fb.1.1618486799926.619272664; _pubcid=d4754b3b-b443-4b53-b7cd-2ecde54f28d8; proper_tracker_cookie=eyJwaWQiOiIiLCJiaWRkZXJzIjp7fSwicHJvcGVyX3VpZCI6ImE2YzY5ZGZmLTJiZGYtNDM3MC05YmYxLWM0MjA2ZmVhYzdhMiJ9; _lr_retry_request=true; _lr_env_src_ats=false; properSessionData=eyJ1dWlkIjoiZTM5NDIwYzUtMzBhZC00ZWY0LTkzY2YtYTNiODBkODNmZTEyIiwiZGVwdGgiOjEsInJlZmVycmVyIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fdGVybSI6IiIsInV0bV9jb250ZW50IjoiIiwicmV2ZW51ZSI6MH0=; __qca=P0-126846987-1618486799973
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hillreporter.com
referer
https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:40:00 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
strict-transport-security
max-age=31536000
x-presslabs-stats
desktop
x-request-id
e68b11407f89ad47305fb65c3aa4a668
expires
Thu, 01 Jan 1970 00:00:01 GMT
/
www.facebook.com/tr/ 		0
15 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f113:81:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary2YxEwCQ7SDIA6LQB

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Thu, 15 Apr 2021 11:40:00 GMT
content-type
text/plain
access-control-allow-origin
https://hillreporter.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210414-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b80f9996f4ee83ac7e0cdc7b04f9e4150a90d41bbf901e7ea4a646d53f334a92

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
k0fLHolrULeyflnSHDHGwfQ5cxCVyM94
content-encoding
gzip
etag
"03de8465cf9a5b82f8bf06944d4a54bc"
age
18040
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4635
x-amz-id-2
YN5vgzKxSbPMRYp8oROAEVP3EJow/v6UCx3g7suIH+8kWvST79IgKx1s0Xhwa5PwVek3wNe7n3k=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 13 Apr 2021 14:38:50 GMT
server
AmazonS3
x-timer
S1618486800.483363,VS0,VE0
date
Thu, 15 Apr 2021 11:40:00 GMT
vary
Accept-Encoding
x-amz-request-id
MJH43VH98HAB13BN
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
87
x-cache-hits
186922
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210414-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
10qGt8O9hKdbB5IigEtXn8Bn._HPfO8j
content-encoding
gzip
etag
"10c372ee2c83a7fd12df18aebc5320c6"
age
17471
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
719
x-amz-id-2
UmOOaCltTJva9V4gBfdf27Oy7jykaqbYXsCDo0A/soIFodQTYZAaWWoYstK76SsHg3hRgjqb/Fo=
x-served-by
cache-fra19176-FRA
last-modified
Tue, 06 Apr 2021 14:48:01 GMT
server
AmazonS3
x-timer
S1618486800.483343,VS0,VE0
date
Thu, 15 Apr 2021 11:40:00 GMT
vary
Accept-Encoding
x-amz-request-id
CR41745BE06MC588
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
87
x-cache-hits
170374
tfa-eid.20210414-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20210414-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/hillreporter-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3b2738076279a02dfda00b02f8ee435e9cebb77b535a6b9dfe21b5523a5cde08

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
mcil7LLvHShbJAYM25abSAt5ko2HvoSo
content-encoding
gzip
etag
"f0c15c57ffc1f0a46194c879c6386fe4"
age
56
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4857
x-amz-id-2
0dISYB1JvETFY6lXllLLZHVswbqEruCydjzaiw2tIswQxTGVPuiBSVdxQzknXbEH40o3L1jIiRQ=
x-served-by
cache-fra19176-FRA
last-modified
Wed, 14 Apr 2021 09:09:32 GMT
server
AmazonS3
x-timer
S1618486800.485519,VS0,VE0
date
Thu, 15 Apr 2021 11:40:00 GMT
vary
Accept-Encoding
x-amz-request-id
72FR8X26GBNQQKQB
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
87
x-cache-hits
357
sha256.20210414-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20210414-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/hillreporter-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7a91e8ae78a2017b775f76cad66241ca3c2728228866622dc90cad71144e245

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
FCaRxwcW3MLlXzgVX9HQNSiyqGkGeGF_
content-encoding
gzip
etag
"449a15420f4bd41326d0ce1cb3e3252f"
age
51
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2596
x-amz-id-2
bq5qWwvQ4HX4P+xyJB+fr5L/OHqHDdzPSZR1pt3YwvHme1kfipqeWCDOiDEHgHzmDvSa9wtXtys=
x-served-by
cache-fra19176-FRA
last-modified
Wed, 14 Apr 2021 09:09:42 GMT
server
AmazonS3
x-timer
S1618486800.485493,VS0,VE0
date
Thu, 15 Apr 2021 11:40:00 GMT
vary
Accept-Encoding
x-amz-request-id
FRPSD32MMTRKY69H
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
87
x-cache-hits
307
floating-unit.20210414-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20210414-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/hillreporter-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
62047a86a85c9b45c8907b73888f38a1c6b3480ccfd935a12724754bc873baa3

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
H3poyfPspeKUttPfbV32fJa6uNrdvn7Y
content-encoding
gzip
etag
"d4c71454220ae169034e8c53f304a921"
age
81
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2293
x-amz-id-2
izdQ+SxDFvIvgg7Q7r6Q2hltN9mO/DoCpvraNi6NPogXyHj8rQTgIqqyl0SSZieWTIpt203gcEk=
x-served-by
cache-fra19176-FRA
last-modified
Wed, 14 Apr 2021 09:09:52 GMT
server
AmazonS3
x-timer
S1618486800.487586,VS0,VE0
date
Thu, 15 Apr 2021 11:40:00 GMT
vary
Accept-Encoding
x-amz-request-id
M434XNREVTCKH1ME
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
87
x-cache-hits
34
explore-more.20210414-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20210414-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/hillreporter-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e4d26ad8a054d6c74e9b4dd9bd7f65bb8be1697743cf2dbe6bff108a1aee496

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
j2K81Zi86dO0FD4rzTZh8HEyza2yk.m6
content-encoding
gzip
etag
"67c16589c6de11dbcc214f7d77f16095"
age
112
x-cache
HIT
x-amz-replication-status
PENDING
content-length
6620
x-amz-id-2
TORUPEhGmBOe5J5yicDL/FdZMIh6fCqbjH3oI1rLwxAOLWIxWqam0AvxbBZdQs2rVg/cCLqezOI=
x-served-by
cache-fra19176-FRA
last-modified
Wed, 14 Apr 2021 09:10:02 GMT
server
AmazonS3
x-timer
S1618486800.487851,VS0,VE0
date
Thu, 15 Apr 2021 11:40:00 GMT
vary
Accept-Encoding
x-amz-request-id
33F76B3RJD4PRDNP
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
87
x-cache-hits
8566
feed-card-placeholder.20210414-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20210414-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/hillreporter-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d9084c8d15d1443f22f31d7724ae80d662d69d384d206213458cc784ebd3bf9a

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
lVKcweJm8pgn4Jw61u8krkR2RLWq8EWt
content-encoding
gzip
etag
"495e7acaa76bf6e7a083dd06892c2adc"
age
80
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1269
x-amz-id-2
y2wLCxwus6rHHxS4veAwMi0ieQLjvG67tLE8nwLVqgxLEIyl89ujQRZuwv9z+hbW2dRwJ3BjUgE=
x-served-by
cache-fra19176-FRA
last-modified
Wed, 14 Apr 2021 09:10:00 GMT
server
AmazonS3
x-timer
S1618486800.489589,VS0,VE0
date
Thu, 15 Apr 2021 11:40:00 GMT
vary
Accept-Encoding
x-amz-request-id
N04XH6YW5XD119MP
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
87
x-cache-hits
324
userx.20210414-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20210414-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/hillreporter-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
75bda79381d0f3e8fef483deb525dbbb64997a751a33e3901f3e62bc555501df

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
AB5kaFHgjUzYaSgXhghd6SMiz6ooDCVp
content-encoding
gzip
etag
"4dee943d9af8f930facd1ec702b5266b"
age
34
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7856
x-amz-id-2
ec+o1pJw26JO0P6qC9Gbm53b7T9Kf1FVjmG3UEOBgfEPv6XpNtz2QdlosbdMJVd1QI4ZsWWSohg=
x-served-by
cache-fra19176-FRA
last-modified
Wed, 14 Apr 2021 09:09:28 GMT
server
AmazonS3
x-timer
S1618486801.501241,VS0,VE0
date
Thu, 15 Apr 2021 11:40:00 GMT
vary
Accept-Encoding
x-amz-request-id
4KDNJK5X8VMPSYPW
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
87
x-cache-hits
53
supply-feature
trc.taboola.com/hillreporter-hillreporter/log/3/ 		0
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/hillreporter-hillreporter/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=346ac08e628acd7c5f8807435c29935d&sd=v2_3e4d79cb0c550a2e00f87ffb50a4e570_2f5d2238-09d8-4355-887c-05be2e8d2ca7-tuct771ab90_1618486800_1618486800_CNawjgYQ3-1IGKXd0qqNLyABKAEwoQE4l-oLQJWXEEjf3NwDUP___________wFYAGAAaLGv6bXK_ffOrQE&ui=2f5d2238-09d8-4355-887c-05be2e8d2ca7-tuct771ab90&pi=/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098&wi=3008056371660659047&pt=text&vi=1618486800037&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=13%3A40%3A00.476&id=7064&llvl=1&cv=20210414-6-RELEASE&
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Thu, 15 Apr 2021 11:40:00 GMT
via
1.1 varnish
server
nginx
x-timer
S1618486801.516872,VS0,VE9
x-served-by
cache-fra19176-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
tb
15.taboola.com/ 		31 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tb?oid=15&pubnm=hillreporter-hillreporter&unitType=226&tbloc=&pageType=text&pstn=Below%20Article%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fhillreporter.com%2Fwatch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098&encoded=1&uid=2f5d2238-09d8-4355-887c-05be2e8d2ca7-tuct771ab90&variant=-100|1&callback=TRC.videoTagCallbacks.videoCallback1&cb=1618486800533&tagid=&cntry=NL&platform=1&sesid=3e4d79cb0c550a2e00f87ffb50a4e570&itemid=/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098&viewid=1618486800037&geolat=&geoing=&deviceifa=&appid=&sd=v2_3e4d79cb0c550a2e00f87ffb50a4e570_2f5d2238-09d8-4355-887c-05be2e8d2ca7-tuct771ab90_1618486800_1618486800_CNawjgYQ3-1IGKXd0qqNLyABKAEwoQE4l-oLQJWXEEjf3NwDUP___________wFYAGAAaLGv6bXK_ffOrQE&ri=346ac08e628acd7c5f8807435c29935d&appname=&cdb=&gdprApplies=true&rid=&sii=3008056371660659047&oee=true&tpubid=1193695&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=GE&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1193692&prcnt=&layer=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210414-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
995961d18918d2b6d164da075db983959edfceea84e3303a7a3cdb9171ba6fff

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Apr 2021 11:40:00 GMT
content-encoding
gzip
access-control-allow-origin
https://hillreporter.com
machineid
1451
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-hhn11541-HHN
pragma
no-cache
server
nginx
x-timer
S1618486801.591637,VS0,VE17
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://am-wf.taboola.com>; rel=preconnect
x-cache-hits
0
abtests
trc.taboola.com/hillreporter-hillreporter/log/3/ 		0
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/hillreporter-hillreporter/log/3/abtests?route=AM:AM:V&lti=deflated&ri=346ac08e628acd7c5f8807435c29935d&sd=v2_3e4d79cb0c550a2e00f87ffb50a4e570_2f5d2238-09d8-4355-887c-05be2e8d2ca7-tuct771ab90_1618486800_1618486800_CNawjgYQ3-1IGKXd0qqNLyABKAEwoQE4l-oLQJWXEEjf3NwDUP___________wFYAGAAaLGv6bXK_ffOrQE&ui=2f5d2238-09d8-4355-887c-05be2e8d2ca7-tuct771ab90&pi=/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098&wi=3008056371660659047&pt=text&vi=1618486800037&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22animated_story%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1618486800539%7D&tim=13%3A40%3A00.539&id=1660&llvl=1&cv=20210414-6-RELEASE&
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Thu, 15 Apr 2021 11:40:00 GMT
via
1.1 varnish
server
nginx
x-timer
S1618486801.553731,VS0,VE9
x-served-by
cache-fra19176-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
GettyImages-610603372.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/09/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/09/GettyImages-610603372.jpg
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
66cb8293061d2e2adbf2a0ba280aa184e50b4a225caa7562215e5c6ab60c133c

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
98
date
Thu, 15 Apr 2021 11:40:00 GMT
via
1.1 varnish, 1.1 varnish
age
776137
edge-cache-tag
300218840463463941001533324119321448307,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
96
x-cache
MISS, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/09/GettyImages-610603372.jpg
content-length
32486
x-request-id
25eae2d59bb71bc80ac2abb2d9a70275
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified
Tue, 06 Apr 2021 04:27:12 GMT
server
nginx
x-timer
S1618486801.558359,VS0,VE98
etag
"7d833a7c53942f59b8a61debe529c7d3"
x-served-by
cache-wdc5573-WDC, cache-dca17759-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0
donald-trump-miss-moscow-kompromat.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/08/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/08/donald-trump-miss-moscow-kompromat.jpg
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
16c4f109b12e909b1789636cfb11f8603d443ff6945e589e676de1e5f929d274

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
93
date
Thu, 15 Apr 2021 11:40:00 GMT
via
1.1 varnish, 1.1 varnish
age
1155875
edge-cache-tag
581119067824749595703660208873932690934,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
HIT, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/08/donald-trump-miss-moscow-kompromat.jpg
content-length
16528
x-request-id
8ade5ece4f4dec55697e7eb525a306b7
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Wed, 17 Mar 2021 21:27:51 GMT
server
nginx
x-timer
S1618486801.558530,VS0,VE93
etag
"135432698c7af6c452d6989466d82fa8"
x-served-by
cache-wdc5527-WDC, cache-dca12928-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0
conway.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/01/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/01/conway.jpg
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6a287ae8d7772cc6782d3dfb12b7c06a36258782789d74bfb37642cdc0540f28

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
94
date
Thu, 15 Apr 2021 11:40:00 GMT
via
1.1 varnish, 1.1 varnish
age
1150499
edge-cache-tag
459364329051071396208901290682828250873,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
HIT, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/01/conway.jpg
content-length
42830
x-request-id
29c9a897f153893e4a8c3c3f04f37944
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified
Sat, 06 Mar 2021 20:05:29 GMT
server
nginx
x-timer
S1618486801.558493,VS0,VE94
etag
"fd8d29ec97a724cb4ea762728b7986d0"
x-served-by
cache-wdc5554-WDC, cache-dca17747-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0
donald-jr-trump-taxes-hunter-biden.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/09/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/09/donald-jr-trump-taxes-hunter-biden.jpg
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2bcada7e597306aa928055e8f6c099104b077cc5e2c58ab8ef3ab13882e8bccb

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
282
date
Thu, 15 Apr 2021 11:40:00 GMT
via
1.1 varnish, 1.1 varnish
age
0
edge-cache-tag
429723101762425083055963540732228086612,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
expiration
expiry-date="Fri, 07 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/09/donald-jr-trump-taxes-hunter-biden.jpg
content-length
26780
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified
Tue, 06 Apr 2021 22:49:15 GMT
server
nginx
x-timer
S1618486801.558499,VS0,VE282
etag
"cb6e2d482ffc0fd5c0466767cca34412"
x-served-by
cache-wdc5528-WDC, cache-dca12927-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0
rick-wiles-trump-bullets.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/07/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/07/rick-wiles-trump-bullets.jpg
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e58a87f17a2872afb7d9cc628291ac6efa3a13e6b95a9be6dcaf638bfc33f820

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
877
date
Thu, 15 Apr 2021 11:40:01 GMT
via
1.1 varnish, 1.1 varnish
age
0
edge-cache-tag
428756437118247686985182364018493478887,388671775900320025315642327208943500211,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
MISS, MISS, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/07/rick-wiles-trump-bullets.jpg
content-length
11622
x-request-id
3bdf77eaaa6417987192460b56820836
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Wed, 24 Mar 2021 16:52:12 GMT
server
nginx
x-timer
S1618486801.558382,VS0,VE877
etag
"d4d29cbea08cc857fc4913ff87d2d165"
x-served-by
cache-wdc5571-WDC, cache-dca12920-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0
ESSzGWcWsAUiYdM.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/03/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/03/ESSzGWcWsAUiYdM.jpeg
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
184ecbddcd3f84a381664f16f72b14756d767956be6c18b89045d22ea3100761

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 15 Apr 2021 11:40:00 GMT
via
1.1 varnish, 1.1 varnish
age
1142206
edge-cache-tag
500294936549424210902374285117170329966,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/03/ESSzGWcWsAUiYdM.jpeg
content-length
24012
x-request-id
48dd1e3b48dd2b51b111757df9d48249
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified
Fri, 12 Mar 2021 16:56:15 GMT
server
nginx
x-timer
S1618486801.558499,VS0,VE1
etag
"fec662cf0e1feba1f00fbf2f645047d9"
x-served-by
cache-wdc5559-WDC, cache-dca17735-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
EY-Qjj7U4AAPo6p.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/05/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/05/EY-Qjj7U4AAPo6p.png
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3a15dcd9ab2d6df67ec47d9536d524ee8b5840c9cd88a09aca1ed2a9918264a0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
94
date
Thu, 15 Apr 2021 11:40:00 GMT
via
1.1 varnish, 1.1 varnish
age
1774105
edge-cache-tag
527884993452665455194045710703620496070,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
97
x-cache
HIT, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/05/EY-Qjj7U4AAPo6p.png
content-length
13500
x-request-id
843b28111a138d110b80cf14a6b3b35f
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified
Tue, 09 Mar 2021 20:25:30 GMT
server
nginx
x-timer
S1618486801.584259,VS0,VE94
etag
"8682ac13bd3d5ec5f551ee033f1c2dc5"
x-served-by
cache-wdc5573-WDC, cache-dca17768-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0
b5dabe035aeef4a20c401817acfff837.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b5dabe035aeef4a20c401817acfff837.jpg
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7c6a6df5191e57dc9d61ac304822f77292e39d86f97740389903a3ba2b681847

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 15 Apr 2021 11:40:00 GMT
via
1.1 varnish, 1.1 varnish
age
1141097
edge-cache-tag
431580161089517925255506874675092295471,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b5dabe035aeef4a20c401817acfff837.jpg
content-length
32940
x-request-id
28a08ad0f1334ad27ade77fee100db50
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Fri, 05 Mar 2021 07:07:57 GMT
server
nginx
x-timer
S1618486801.674547,VS0,VE1
etag
"169f7a7b3db3b13a28589ebd4e30ccca"
x-served-by
cache-wdc5538-WDC, cache-dca12924-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
Gezinsfoto1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.tipsenweetjes.nl/wp-content/uploads/2021/03/04161737/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.tipsenweetjes.nl/wp-content/uploads/2021/03/04161737/Gezinsfoto1.jpg
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
73d6f1f8fe43528efa910c4936737f7ace2f83d5ebf4ed85bba7a617975ae9f6

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 15 Apr 2021 11:40:00 GMT
via
1.1 varnish, 1.1 varnish
age
1205372
edge-cache-tag
606419304375137031981117386228459731389,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.tipsenweetjes.nl/wp-content/uploads/2021/03/04161737/Gezinsfoto1.jpg
content-length
30502
x-request-id
721377c844f027ec3641420f67019a40
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Mon, 08 Mar 2021 09:52:44 GMT
server
nginx
x-timer
S1618486801.678046,VS0,VE1
etag
"ea010a719ce5ee6fde896afef6e79b93"
x-served-by
cache-wdc5562-WDC, cache-dca17780-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
18c02600f046b3d5065ccd5adb4ff813.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/18c02600f046b3d5065ccd5adb4ff813.png
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
94cf45f3a7ae6b81b94c63eb9a4b26392fb410fa3485ab747c65cdf548744453

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 15 Apr 2021 11:40:00 GMT
via
1.1 varnish, 1.1 varnish
age
531769
edge-cache-tag
610577620102231630902515671874138178152,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
98
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/18c02600f046b3d5065ccd5adb4ff813.png
content-length
25946
x-request-id
8b12b40f59fe432fd844906cc2af7aad
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified
Tue, 06 Apr 2021 06:14:33 GMT
server
nginx
x-timer
S1618486801.686506,VS0,VE1
etag
"098ede231cfeadaa79e8d4652e881fa3"
x-served-by
cache-wdc5522-WDC, cache-dca17748-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
EZmAh37XgAA-r0u.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/06/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/06/EZmAh37XgAA-r0u.jpg
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
44258eeefa186c81937ac590a3f5daed5025de4af3c37aad4289c9d820fd5419

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
145
date
Thu, 15 Apr 2021 11:40:00 GMT
via
1.1 varnish, 1.1 varnish
age
783420
edge-cache-tag
394222813551010388299887913481265835926,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
HIT, MISS, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2020/06/EZmAh37XgAA-r0u.jpg
content-length
6364
x-request-id
04b3a318e4c8a7b1bef8d8707ffe3b56
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Mon, 05 Apr 2021 15:20:09 GMT
server
nginx
x-timer
S1618486801.698465,VS0,VE145
etag
"4ddac6a09f4068a1666aa3c6654ae20e"
x-served-by
cache-wdc5562-WDC, cache-dca17758-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 0
2642fea6093ac7fb19bce2d8b8831ebc.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2642fea6093ac7fb19bce2d8b8831ebc.jpg
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
45d2f99f623534fc8aa373077e54006295084f34022fdfdfa5f2b44169b3df22

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Thu, 15 Apr 2021 11:40:00 GMT
via
1.1 varnish, 1.1 varnish
age
2902158
edge-cache-tag
301862587797583020484716945862674508284,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2642fea6093ac7fb19bce2d8b8831ebc.jpg
content-length
9808
x-request-id
e5bd9452b645e3e42ada80fd9d73d1f3
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified
Thu, 04 Mar 2021 11:26:07 GMT
server
nginx
x-timer
S1618486801.700210,VS0,VE3
etag
"c7e2092e6d84cc0838050c4c18c3c1bd"
x-served-by
cache-wdc5583-WDC, cache-dca17727-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
529031701__QDXIcH2P.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/529031701__QDXIcH2P.jpg
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
107cac64ca1144b1403f6070c6c452d61449add4a74ed024891be43fd3295776

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
179
date
Thu, 15 Apr 2021 11:40:00 GMT
via
1.1 varnish, 1.1 varnish
age
0
edge-cache-tag
398488001918503510031163539493112512928,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
expiration
expiry-date="Fri, 16 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/529031701__QDXIcH2P.jpg
content-length
13286
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified
Tue, 16 Mar 2021 15:49:27 GMT
server
nginx
x-timer
S1618486801.709209,VS0,VE179
etag
"ada964ee1cffaaf5a1d35a528326f68a"
x-served-by
cache-wdc5553-WDC, cache-dca17768-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0
giuliani-3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2019/10/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2019/10/giuliani-3.jpg
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6ad98284a3cdd51585af0a9757abf80aff017c041f0ecdc93b87f27dbef0a012

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
89
date
Thu, 15 Apr 2021 11:40:00 GMT
via
1.1 varnish, 1.1 varnish
age
2556420
edge-cache-tag
359464570858249242830633486088434832166,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
96
x-cache
HIT, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.hillreporter.com/wp-content/uploads/2019/10/giuliani-3.jpg
content-length
13598
x-request-id
90f6dc040eedb9ee94f7afda1527f042
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified
Sat, 27 Feb 2021 07:31:21 GMT
server
nginx
x-timer
S1618486801.712572,VS0,VE89
etag
"caa2e936c980dda3011aa8366f6162e8"
x-served-by
cache-wdc5521-WDC, cache-dca17723-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0
b5dabe035aeef4a20c401817acfff837.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b5dabe035aeef4a20c401817acfff837.jpg
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
47a5ddaabfbcd2541cfebf6059f539e4e630fb138ff90d09e9bcd7abc3c23753

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 15 Apr 2021 11:40:00 GMT
via
1.1 varnish, 1.1 varnish
age
3089539
edge-cache-tag
431580161089517925255506874675092295471,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b5dabe035aeef4a20c401817acfff837.jpg
content-length
15166
x-request-id
1b77ea69e7673d534897dbeca0351263
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified
Fri, 05 Mar 2021 07:18:43 GMT
server
nginx
x-timer
S1618486801.724494,VS0,VE1
etag
"7d39ac05610aae617a794639be24b2b3"
x-served-by
cache-wdc5522-WDC, cache-dca17727-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
Gezinsfoto1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.tipsenweetjes.nl/wp-content/uploads/2021/03/04161737/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.tipsenweetjes.nl/wp-content/uploads/2021/03/04161737/Gezinsfoto1.jpg
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
db7927ce947705c4d2a7d6b00fefe782f3b86d14868e579f2947465058d4d007

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 15 Apr 2021 11:40:00 GMT
via
1.1 varnish, 1.1 varnish
age
2262847
edge-cache-tag
606419304375137031981117386228459731389,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.tipsenweetjes.nl/wp-content/uploads/2021/03/04161737/Gezinsfoto1.jpg
content-length
11690
x-request-id
dc7fca947693c478a8719e468764dedc
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Fri, 05 Mar 2021 21:39:56 GMT
server
nginx
x-timer
S1618486801.747675,VS0,VE1
etag
"5d42ff35a3f9808d3b158a2ff543d261"
x-served-by
cache-wdc5546-WDC, cache-dca17773-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
18c02600f046b3d5065ccd5adb4ff813.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/18c02600f046b3d5065ccd5adb4ff813.png
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4622efd01182604d0c70e3f5dd8186ae28f50e27cf0d4af8d68f492a7191b72a

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 15 Apr 2021 11:40:00 GMT
via
1.1 varnish, 1.1 varnish
age
940018
edge-cache-tag
610577620102231630902515671874138178152,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/18c02600f046b3d5065ccd5adb4ff813.png
content-length
12116
x-request-id
aac486ccd8430a3daeb7cf0c31455801
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Sat, 27 Mar 2021 17:09:18 GMT
server
nginx
x-timer
S1618486801.770959,VS0,VE1
etag
"45694ed922e56185a70bf66e66b3c6a3"
x-served-by
cache-wdc5555-WDC, cache-dca12924-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
next-up-widget.20210414-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20210414-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/hillreporter-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
08437f845cf4ca2ea85df39d43f62ee10281380a36c15a8460a5c7d37711e4c1

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
nsI.SH0C1ODhla2MkQpS4C0WIhkNSVIE
content-encoding
gzip
etag
"85ce418fe835dcefa1fbe458581c89ba"
age
77
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4366
x-amz-id-2
lOsf8M7Y3UQAk1xLSDRJ2+Dvc40Uo0sWd1F1bKCG7IB++VJ3AoTITEuZERwcmgOAkmp+fqGKnpw=
x-served-by
cache-fra19176-FRA
last-modified
Wed, 14 Apr 2021 09:09:50 GMT
server
AmazonS3
x-timer
S1618486801.568764,VS0,VE0
date
Thu, 15 Apr 2021 11:40:00 GMT
vary
Accept-Encoding
x-amz-request-id
2B8WN0GJRP9A3S9V
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
87
x-cache-hits
21
b5dabe035aeef4a20c401817acfff837.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b5dabe035aeef4a20c401817acfff837.jpg
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f87923615547e22aa7c48ad357a86198424198a3cc1e408daaf6f63a9a8b6305

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 15 Apr 2021 11:40:00 GMT
via
1.1 varnish, 1.1 varnish
age
3342323
edge-cache-tag
431580161089517925255506874675092295471,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b5dabe035aeef4a20c401817acfff837.jpg
content-length
6708
x-request-id
edb0aaf3a55eb55351f43f6d4af19ec7
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified
Fri, 05 Mar 2021 06:11:08 GMT
server
nginx
x-timer
S1618486801.794091,VS0,VE1
etag
"8341c59710a02ed250851dd66a1dd90c"
x-served-by
cache-wdc5570-WDC, cache-dca17725-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
Gezinsfoto1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.tipsenweetjes.nl/wp-content/uploads/2021/03/04161737/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.tipsenweetjes.nl/wp-content/uploads/2021/03/04161737/Gezinsfoto1.jpg
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
62b21622643f19b8edeb98d7306483cb3e63b6a1b911ef2a334e3491b96362d2

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
138
date
Thu, 15 Apr 2021 11:40:00 GMT
via
1.1 varnish, 1.1 varnish
age
1821296
edge-cache-tag
606419304375137031981117386228459731389,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.tipsenweetjes.nl/wp-content/uploads/2021/03/04161737/Gezinsfoto1.jpg
content-length
5980
x-request-id
e6f6928a42d016c1308797b0122ce829
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Fri, 19 Mar 2021 08:47:29 GMT
server
nginx
x-timer
S1618486801.816671,VS0,VE138
etag
"5629c9add84912cc6157c2d57a531bd2"
x-served-by
cache-wdc5525-WDC, cache-dca17770-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
18c02600f046b3d5065ccd5adb4ff813.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/18c02600f046b3d5065ccd5adb4ff813.png
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f9e527ede1bddea6d9bd701f8cff4380a57c37bd4af0fc9e1e8ef46dea35d9ed

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 15 Apr 2021 11:40:00 GMT
via
1.1 varnish, 1.1 varnish
age
3034948
edge-cache-tag
610577620102231630902515671874138178152,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/18c02600f046b3d5065ccd5adb4ff813.png
content-length
7388
x-request-id
c584202b6d052b3dc06fc9c10472c051
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Wed, 24 Feb 2021 22:05:13 GMT
server
nginx
x-timer
S1618486801.824627,VS0,VE1
etag
"a07f013ddf4b15e31e31788bbc549574"
x-served-by
cache-wdc5546-WDC, cache-dca17762-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
UnitWidgetItemDesktop.min.js
vidstat.taboola.com/lite-unit/3.3.9/ 		95 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/3.3.9/UnitWidgetItemDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210414-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
847eb5078a68fe834f84d51a8d1906edeb9f375a23dcd6718b5fb89fa16b150f

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:40:00 GMT
via
1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront), 1.1 varnish
age
268652
x-cache
Miss from cloudfront, HIT
content-encoding
gzip
content-length
27627
x-served-by
cache-hhn11541-HHN
last-modified
Mon, 12 Apr 2021 09:01:27 GMT
server
AmazonS3
x-timer
S1618486801.636392,VS0,VE0
etag
"e886ca2416ef6529c5a4f366d41192f2"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
eHnoEnQGZXEnHunBkTgEdW8RNsQ7YxIqQZrs2vM0pNwCO9fZ3dzXRg==
x-cache-hits
51491
s2s
eb.proper.io/ 		381 B
606 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eb.proper.io/s2s?proper_uid=a6c69dff-2bdf-4370-9bf1-c4206feac7a2
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50783871cfc53444e0c5b33d3be30e99fbe92f655848bbf1ebae012b0f9ce81d

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 11:40:00 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://hillreporter.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6404e5880833d729-FRA
cf-request-id
0976edc9010000d7297932f000000001
expires
-1
st
imprammp.taboola.com/ Frame D464 		973 B
592 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66318735&crid=5397665&dast=V7SccCFgPhEdxJrOI2kgThEdxJrOI2kgUAAAAGBuIHHDhjTEYsEoO3WAwGk-FuM5wMRsvhZLdazIaggTPGZMQiMXiLxWAwGe42u8VuNlosZ5spYAjL7PcdFJTT02N2GURF19tidzjNnjecoel0-Fz3eqHTbLa8DH_L6WW5a_xuv-5h-hjdsqfH5dYczk6Py_MW_X0u09FlecueJpff89bb3CK_3WE2uUWX19vweWschqfpb3Yr7Z7X5fLymJ5-u1s5HCyHcwAAAAB4AJDiCoX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABAQKjUAKDkSBCHxeKyPD1GfwAAPBSAAAAIYJAAFDCdlABo0GadAAAAAAAAAACw_P___8cMzMc_ygCAuCX1ADz4ADwQFawWMQIAAADIpV4dOprUCZVFFQAAQboVwBUAQABeNRWsdRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6Gr1OAxou_FD7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLqAmB0AAADA3f___78eyKxMI99yYzFsXKvBwrIyDGbG3cxmcQ0WppVrN9ge3HJk5ki1tHEfhrDMft9BQTk9PWaXQVR0vS12h9Psud-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhZOYaWSab4VqwHBnXos1qtRYOdxu3YDVxWVbGkWXj8K1Fr4_pt1ssLM7BFgUD5PYiuEgnQqfZbHkZ_pbTy_IWOs1my8vwt5xelotYojlZpBPZZd9ZmUa-5cZi2LhWg4VlZRjMjLuZzeIaLEwr126wr8xcI8tkM1wLliPjWrRZrdbC4W7jFqwmLsvKOLJsHL616PUx_XaLhcU52Ddmi-FoOBsOBvvGbDEcDWfDwWDfoTN8V5-z0VkrljwusWRYPO5k5oPCZbB4f0eLNHbrzYwqr9hiUW2eOe_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3m0KGKJ4HSRTkQv4-kilkieFulEM5otPIbhyjYZLjwm38Y1Mw4Hu9FmtbEsl5vVyCKWKE0X6USve5g-Rrfs6XG5NYez0-PyvEV_n8t0dFnesqfJ5fe89Ta3yG93mE1u0eX1NnzeGofhafqb3Uq753W5vDymp9_uVg4Hy-FE_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaTCj3WK3Wi6AhM237k85UdDI9PzGborvcFXKS8ZZcePHGeg0my0vw99yelneQqfZbHkZ_pbTy3JlAAkbbubNnglirVbLGgAAQAAbAAAggFs3b4FjkRw!&cmcv=&pix=undefined&cb=1618486800924&uv=2949&tms=1618486800924&abt=adh5c-1_vA!insc_vA!smbs!sre_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=8F12DEDA71100287382049827516&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.3.9/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c23d2c9f5b7e41763b497c7692a53ce1e675ae659bdc34465ca28ab0303f0720

Request headers

:method
GET
:authority
imprammp.taboola.com
:scheme
https
:path
/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66318735&crid=5397665&dast=V7SccCFgPhEdxJrOI2kgThEdxJrOI2kgUAAAAGBuIHHDhjTEYsEoO3WAwGk-FuM5wMRsvhZLdazIaggTPGZMQiMXiLxWAwGe42u8VuNlosZ5spYAjL7PcdFJTT02N2GURF19tidzjNnjecoel0-Fz3eqHTbLa8DH_L6WW5a_xuv-5h-hjdsqfH5dYczk6Py_MW_X0u09FlecueJpff89bb3CK_3WE2uUWX19vweWschqfpb3Yr7Z7X5fLymJ5-u1s5HCyHcwAAAAB4AJDiCoX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABAQKjUAKDkSBCHxeKyPD1GfwAAPBSAAAAIYJAAFDCdlABo0GadAAAAAAAAAACw_P___8cMzMc_ygCAuCX1ADz4ADwQFawWMQIAAADIpV4dOprUCZVFFQAAQboVwBUAQABeNRWsdRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6Gr1OAxou_FD7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLqAmB0AAADA3f___78eyKxMI99yYzFsXKvBwrIyDGbG3cxmcQ0WppVrN9ge3HJk5ki1tHEfhrDMft9BQTk9PWaXQVR0vS12h9Psud-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhZOYaWSab4VqwHBnXos1qtRYOdxu3YDVxWVbGkWXj8K1Fr4_pt1ssLM7BFgUD5PYiuEgnQqfZbHkZ_pbTy_IWOs1my8vwt5xelotYojlZpBPZZd9ZmUa-5cZi2LhWg4VlZRjMjLuZzeIaLEwr126wr8xcI8tkM1wLliPjWrRZrdbC4W7jFqwmLsvKOLJsHL616PUx_XaLhcU52Ddmi-FoOBsOBvvGbDEcDWfDwWDfoTN8V5-z0VkrljwusWRYPO5k5oPCZbB4f0eLNHbrzYwqr9hiUW2eOe_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3m0KGKJ4HSRTkQv4-kilkieFulEM5otPIbhyjYZLjwm38Y1Mw4Hu9FmtbEsl5vVyCKWKE0X6USve5g-Rrfs6XG5NYez0-PyvEV_n8t0dFnesqfJ5fe89Ta3yG93mE1u0eX1NnzeGofhafqb3Uq753W5vDymp9_uVg4Hy-FE_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaTCj3WK3Wi6AhM237k85UdDI9PzGborvcFXKS8ZZcePHGeg0my0vw99yelneQqfZbHkZ_pbTy3JlAAkbbubNnglirVbLGgAAQAAbAAAggFs3b4FjkRw!&cmcv=&pix=undefined&cb=1618486800924&uv=2949&tms=1618486800924&abt=adh5c-1_vA!insc_vA!smbs!sre_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=8F12DEDA71100287382049827516&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hillreporter.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hillreporter.com/

Response headers

server
nginx
content-type
text/html;charset=ISO-8859-1
content-encoding
gzip
accept-ranges
bytes
date
Thu, 15 Apr 2021 11:40:00 GMT
via
1.1 varnish
x-served-by
cache-fra19176-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1618486801.939951,VS0,VE13
vary
Accept-Encoding
sync
am-match.taboola.com/ Frame 1D63 		973 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V7SccCFgPhEdxJrOI2kgThEdxJrOI2kgUAAAAGBuIHHDhjTEYsEoO3WAwGk-FuM5wMRsvhZLdazIaggTPGZMQiMXiLxWAwGe42u8VuNlosZ5spYAjL7PcdFJTT02N2GURF19tidzjNnjecoel0-Fz3eqHTbLa8DH_L6WW5a_xuv-5h-hjdsqfH5dYczk6Py_MW_X0u09FlecueJpff89bb3CK_3WE2uUWX19vweWschqfpb3Yr7Z7X5fLymJ5-u1s5HCyHcwAAAAB4AJDiCoX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABAQKjUAKDkSBCHxeKyPD1GfwAAPBSAAAAIYJAAFDCdlABo0GadAAAAAAAAAACw_P___8cMzMc_ygCAuCX1ADz4ADwQFawWMQIAAADIpV4dOprUCZVFFQAAQboVwBUAQABeNRWsdRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6Gr1OAxou_FD7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLqAmB0AAADA3f___78eyKxMI99yYzFsXKvBwrIyDGbG3cxmcQ0WppVrN9ge3HJk5ki1tHEfhrDMft9BQTk9PWaXQVR0vS12h9Psud-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhZOYaWSab4VqwHBnXos1qtRYOdxu3YDVxWVbGkWXj8K1Fr4_pt1ssLM7BFgUD5PYiuEgnQqfZbHkZ_pbTy_IWOs1my8vwt5xelotYojlZpBPZZd9ZmUa-5cZi2LhWg4VlZRjMjLuZzeIaLEwr126wr8xcI8tkM1wLliPjWrRZrdbC4W7jFqwmLsvKOLJsHL616PUx_XaLhcU52Ddmi-FoOBsOBvvGbDEcDWfDwWDfoTN8V5-z0VkrljwusWRYPO5k5oPCZbB4f0eLNHbrzYwqr9hiUW2eOe_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3m0KGKJ4HSRTkQv4-kilkieFulEM5otPIbhyjYZLjwm38Y1Mw4Hu9FmtbEsl5vVyCKWKE0X6USve5g-Rrfs6XG5NYez0-PyvEV_n8t0dFnesqfJ5fe89Ta3yG93mE1u0eX1NnzeGofhafqb3Uq753W5vDymp9_uVg4Hy-FE_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaTCj3WK3Wi6AhM237k85UdDI9PzGborvcFXKS8ZZcePHGeg0my0vw99yelneQqfZbHkZ_pbTy3JlAAkbbubNnglirVbLGgAAQAAbAAAggFs3b4FjkRw!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.3.9/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
0574e172e3545369b75a00ab474444ad0b84bc2c6dd4f93c302d19d5c555fecc

Request headers

:method
GET
:authority
am-match.taboola.com
:scheme
https
:path
/sync?dast=V7SccCFgPhEdxJrOI2kgThEdxJrOI2kgUAAAAGBuIHHDhjTEYsEoO3WAwGk-FuM5wMRsvhZLdazIaggTPGZMQiMXiLxWAwGe42u8VuNlosZ5spYAjL7PcdFJTT02N2GURF19tidzjNnjecoel0-Fz3eqHTbLa8DH_L6WW5a_xuv-5h-hjdsqfH5dYczk6Py_MW_X0u09FlecueJpff89bb3CK_3WE2uUWX19vweWschqfpb3Yr7Z7X5fLymJ5-u1s5HCyHcwAAAAB4AJDiCoX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABAQKjUAKDkSBCHxeKyPD1GfwAAPBSAAAAIYJAAFDCdlABo0GadAAAAAAAAAACw_P___8cMzMc_ygCAuCX1ADz4ADwQFawWMQIAAADIpV4dOprUCZVFFQAAQboVwBUAQABeNRWsdRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6Gr1OAxou_FD7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLqAmB0AAADA3f___78eyKxMI99yYzFsXKvBwrIyDGbG3cxmcQ0WppVrN9ge3HJk5ki1tHEfhrDMft9BQTk9PWaXQVR0vS12h9Psud-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhZOYaWSab4VqwHBnXos1qtRYOdxu3YDVxWVbGkWXj8K1Fr4_pt1ssLM7BFgUD5PYiuEgnQqfZbHkZ_pbTy_IWOs1my8vwt5xelotYojlZpBPZZd9ZmUa-5cZi2LhWg4VlZRjMjLuZzeIaLEwr126wr8xcI8tkM1wLliPjWrRZrdbC4W7jFqwmLsvKOLJsHL616PUx_XaLhcU52Ddmi-FoOBsOBvvGbDEcDWfDwWDfoTN8V5-z0VkrljwusWRYPO5k5oPCZbB4f0eLNHbrzYwqr9hiUW2eOe_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3m0KGKJ4HSRTkQv4-kilkieFulEM5otPIbhyjYZLjwm38Y1Mw4Hu9FmtbEsl5vVyCKWKE0X6USve5g-Rrfs6XG5NYez0-PyvEV_n8t0dFnesqfJ5fe89Ta3yG93mE1u0eX1NnzeGofhafqb3Uq753W5vDymp9_uVg4Hy-FE_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaTCj3WK3Wi6AhM237k85UdDI9PzGborvcFXKS8ZZcePHGeg0my0vw99yelneQqfZbHkZ_pbTy3JlAAkbbubNnglirVbLGgAAQAAbAAAggFs3b4FjkRw!&excid=22&docw=0&cijs=1&nlb=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hillreporter.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hillreporter.com/

Response headers

server
nginx
date
Thu, 15 Apr 2021 11:40:00 GMT
content-type
text/html;charset=ISO-8859-1
machineid
3404
VideoBidRequestHandlerServlet
wf.taboola.com/ 		1 KB
602 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=505&height=284&pubid=169497&tagid=953497&crid=5397665&noaop=5&sortOrderType=0&cb=1618486800929&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1214&pt=906443078&tz=120&viewable=true&ddast=V7SccCFgPhEdxJrOI2kgThEdxJrOI2kgUAAAAGBuIHHDhjTEYsEoO3WAwGk-FuM5wMRsvhZLdazIaggTPGZMQiMXiLxWAwGe42u8VuNlosZ5spYAjL7PcdFJTT02N2GURF19tidzjNnjecoel0-Fz3eqHTbLa8DH_L6WW5a_xuv-5h-hjdsqfH5dYczk6Py_MW_X0u09FlecueJpff89bb3CK_3WE2uUWX19vweWschqfpb3Yr7Z7X5fLymJ5-u1s5HCyHcwAAAAB4AJDiCoX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABAQKjUAKDkSBCHxeKyPD1GfwAAPBSAAAAIYJAAFDCdlABo0GadAAAAAAAAAACw_P___8cMzMc_ygCAuCX1ADz4ADwQFawWMQIAAADIpV4dOprUCZVFFQAAQboVwBUAQABeNRWsdRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6Gr1OAxou_FD7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLqAmB0AAADA3f___78eyKxMI99yYzFsXKvBwrIyDGbG3cxmcQ0WppVrN9ge3HJk5ki1tHEfhrDMft9BQTk9PWaXQVR0vS12h9Psud-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhZOYaWSab4VqwHBnXos1qtRYOdxu3YDVxWVbGkWXj8K1Fr4_pt1ssLM7BFgUD5PYiuEgnQqfZbHkZ_pbTy_IWOs1my8vwt5xelotYojlZpBPZZd9ZmUa-5cZi2LhWg4VlZRjMjLuZzeIaLEwr126wr8xcI8tkM1wLliPjWrRZrdbC4W7jFqwmLsvKOLJsHL616PUx_XaLhcU52Ddmi-FoOBsOBvvGbDEcDWfDwWDfoTN8V5-z0VkrljwusWRYPO5k5oPCZbB4f0eLNHbrzYwqr9hiUW2eOe_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3m0KGKJ4HSRTkQv4-kilkieFulEM5otPIbhyjYZLjwm38Y1Mw4Hu9FmtbEsl5vVyCKWKE0X6USve5g-Rrfs6XG5NYez0-PyvEV_n8t0dFnesqfJ5fe89Ta3yG93mE1u0eX1NnzeGofhafqb3Uq753W5vDymp9_uVg4Hy-FE_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaTCj3WK3Wi6AhM237k85UdDI9PzGborvcFXKS8ZZcePHGeg0my0vw99yelneQqfZbHkZ_pbTy3JlAAkbbubNnglirVbLGgAAQAAbAAAggFs3b4FjkRw!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1750105&dpubid=347175&abtst=adh5c-1_vA!insc_vA!smbs!sre_vB!ufm&mPre=0.033&cirf=https%3A%2F%2Fhillreporter.com&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.3.9/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
29517e7c16e8b0117d58462fa3a4577b75e6d1e22915e88e3b7820faa29c0da6

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

date
Thu, 15 Apr 2021 11:40:01 GMT
content-encoding
gzip
access-control-allow-origin
https://hillreporter.com
machineid
1459
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn11541-HHN
pragma
no-cache
server
nginx
x-timer
S1618486801.942233,VS0,VE61
vary
Accept-Encoding
content-type
application/json;charset=utf-8
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66318735&crid=5397665&dast=V7SccCFgPhEdxJrOI2kgThEdxJrOI2kgUAAAAGBuIHHDhjTEYsEoO3WAwGk-FuM5wMRsvhZLdazIaggTPGZMQiMXiLxWAwGe42u8VuNlosZ5spYAjL7PcdFJTT02N2GURF19tidzjNnjecoel0-Fz3eqHTbLa8DH_L6WW5a_xuv-5h-hjdsqfH5dYczk6Py_MW_X0u09FlecueJpff89bb3CK_3WE2uUWX19vweWschqfpb3Yr7Z7X5fLymJ5-u1s5HCyHcwAAAAB4AJDiCoX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABAQKjUAKDkSBCHxeKyPD1GfwAAPBSAAAAIYJAAFDCdlABo0GadAAAAAAAAAACw_P___8cMzMc_ygCAuCX1ADz4ADwQFawWMQIAAADIpV4dOprUCZVFFQAAQboVwBUAQABeNRWsdRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6Gr1OAxou_FD7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLqAmB0AAADA3f___78eyKxMI99yYzFsXKvBwrIyDGbG3cxmcQ0WppVrN9ge3HJk5ki1tHEfhrDMft9BQTk9PWaXQVR0vS12h9Psud-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhZOYaWSab4VqwHBnXos1qtRYOdxu3YDVxWVbGkWXj8K1Fr4_pt1ssLM7BFgUD5PYiuEgnQqfZbHkZ_pbTy_IWOs1my8vwt5xelotYojlZpBPZZd9ZmUa-5cZi2LhWg4VlZRjMjLuZzeIaLEwr126wr8xcI8tkM1wLliPjWrRZrdbC4W7jFqwmLsvKOLJsHL616PUx_XaLhcU52Ddmi-FoOBsOBvvGbDEcDWfDwWDfoTN8V5-z0VkrljwusWRYPO5k5oPCZbB4f0eLNHbrzYwqr9hiUW2eOe_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3m0KGKJ4HSRTkQv4-kilkieFulEM5otPIbhyjYZLjwm38Y1Mw4Hu9FmtbEsl5vVyCKWKE0X6USve5g-Rrfs6XG5NYez0-PyvEV_n8t0dFnesqfJ5fe89Ta3yG93mE1u0eX1NnzeGofhafqb3Uq753W5vDymp9_uVg4Hy-FE_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaTCj3WK3Wi6AhM237k85UdDI9PzGborvcFXKS8ZZcePHGeg0my0vw99yelneQqfZbHkZ_pbTy3JlAAkbbubNnglirVbLGgAAQAAbAAAggFs3b4FjkRw!&cmcv=&pix=31589837&cb=1618486800924&uv=2949&tms=1618486800924&abt=adh5c-1_vA!insc_vA!smbs!sre_vB!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1618486799125.523!ts:1618486800924&mntl=1
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:40:00 GMT
content-length
0
server
nginx
generic
match.adsrvr.org/track/cmf/ Frame D464 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66318735&crid=5397665&dast=V7SccCFgPhEdxJrOI2kgThEdxJrOI2kgUAAAAGBuIHHDhjTEYsEoO3WAwGk-FuM5wMRsvhZLdazIaggTPGZMQiMXiLxWAwGe42u8VuNlosZ5spYAjL7PcdFJTT02N2GURF19tidzjNnjecoel0-Fz3eqHTbLa8DH_L6WW5a_xuv-5h-hjdsqfH5dYczk6Py_MW_X0u09FlecueJpff89bb3CK_3WE2uUWX19vweWschqfpb3Yr7Z7X5fLymJ5-u1s5HCyHcwAAAAB4AJDiCoX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABAQKjUAKDkSBCHxeKyPD1GfwAAPBSAAAAIYJAAFDCdlABo0GadAAAAAAAAAACw_P___8cMzMc_ygCAuCX1ADz4ADwQFawWMQIAAADIpV4dOprUCZVFFQAAQboVwBUAQABeNRWsdRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6Gr1OAxou_FD7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLqAmB0AAADA3f___78eyKxMI99yYzFsXKvBwrIyDGbG3cxmcQ0WppVrN9ge3HJk5ki1tHEfhrDMft9BQTk9PWaXQVR0vS12h9Psud-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhZOYaWSab4VqwHBnXos1qtRYOdxu3YDVxWVbGkWXj8K1Fr4_pt1ssLM7BFgUD5PYiuEgnQqfZbHkZ_pbTy_IWOs1my8vwt5xelotYojlZpBPZZd9ZmUa-5cZi2LhWg4VlZRjMjLuZzeIaLEwr126wr8xcI8tkM1wLliPjWrRZrdbC4W7jFqwmLsvKOLJsHL616PUx_XaLhcU52Ddmi-FoOBsOBvvGbDEcDWfDwWDfoTN8V5-z0VkrljwusWRYPO5k5oPCZbB4f0eLNHbrzYwqr9hiUW2eOe_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3m0KGKJ4HSRTkQv4-kilkieFulEM5otPIbhyjYZLjwm38Y1Mw4Hu9FmtbEsl5vVyCKWKE0X6USve5g-Rrfs6XG5NYez0-PyvEV_n8t0dFnesqfJ5fe89Ta3yG93mE1u0eX1NnzeGofhafqb3Uq753W5vDymp9_uVg4Hy-FE_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaTCj3WK3Wi6AhM237k85UdDI9PzGborvcFXKS8ZZcePHGeg0my0vw99yelneQqfZbHkZ_pbTy3JlAAkbbubNnglirVbLGgAAQAAbAAAggFs3b4FjkRw!&cmcv=&pix=undefined&cb=1618486800924&uv=2949&tms=1618486800924&abt=adh5c-1_vA!insc_vA!smbs!sre_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=8F12DEDA71100287382049827516&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.73.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-73-212.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 11:40:01 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
taboola-supply-partners.tremorhub.com/ Frame D464 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66318735&crid=5397665&dast=V7SccCFgPhEdxJrOI2kgThEdxJrOI2kgUAAAAGBuIHHDhjTEYsEoO3WAwGk-FuM5wMRsvhZLdazIaggTPGZMQiMXiLxWAwGe42u8VuNlosZ5spYAjL7PcdFJTT02N2GURF19tidzjNnjecoel0-Fz3eqHTbLa8DH_L6WW5a_xuv-5h-hjdsqfH5dYczk6Py_MW_X0u09FlecueJpff89bb3CK_3WE2uUWX19vweWschqfpb3Yr7Z7X5fLymJ5-u1s5HCyHcwAAAAB4AJDiCoX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABAQKjUAKDkSBCHxeKyPD1GfwAAPBSAAAAIYJAAFDCdlABo0GadAAAAAAAAAACw_P___8cMzMc_ygCAuCX1ADz4ADwQFawWMQIAAADIpV4dOprUCZVFFQAAQboVwBUAQABeNRWsdRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6Gr1OAxou_FD7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLqAmB0AAADA3f___78eyKxMI99yYzFsXKvBwrIyDGbG3cxmcQ0WppVrN9ge3HJk5ki1tHEfhrDMft9BQTk9PWaXQVR0vS12h9Psud-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhZOYaWSab4VqwHBnXos1qtRYOdxu3YDVxWVbGkWXj8K1Fr4_pt1ssLM7BFgUD5PYiuEgnQqfZbHkZ_pbTy_IWOs1my8vwt5xelotYojlZpBPZZd9ZmUa-5cZi2LhWg4VlZRjMjLuZzeIaLEwr126wr8xcI8tkM1wLliPjWrRZrdbC4W7jFqwmLsvKOLJsHL616PUx_XaLhcU52Ddmi-FoOBsOBvvGbDEcDWfDwWDfoTN8V5-z0VkrljwusWRYPO5k5oPCZbB4f0eLNHbrzYwqr9hiUW2eOe_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3m0KGKJ4HSRTkQv4-kilkieFulEM5otPIbhyjYZLjwm38Y1Mw4Hu9FmtbEsl5vVyCKWKE0X6USve5g-Rrfs6XG5NYez0-PyvEV_n8t0dFnesqfJ5fe89Ta3yG93mE1u0eX1NnzeGofhafqb3Uq753W5vDymp9_uVg4Hy-FE_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaTCj3WK3Wi6AhM237k85UdDI9PzGborvcFXKS8ZZcePHGeg0my0vw99yelneQqfZbHkZ_pbTy3JlAAkbbubNnglirVbLGgAAQAAbAAAggFs3b4FjkRw!&cmcv=&pix=undefined&cb=1618486800924&uv=2949&tms=1618486800924&abt=adh5c-1_vA!insc_vA!smbs!sre_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=8F12DEDA71100287382049827516&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:8331:bab2:3072:ce38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:40:01 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
sync
pixel.advertising.com/ups/58166/ Frame D464 		0
124 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66318735&crid=5397665&dast=V7SccCFgPhEdxJrOI2kgThEdxJrOI2kgUAAAAGBuIHHDhjTEYsEoO3WAwGk-FuM5wMRsvhZLdazIaggTPGZMQiMXiLxWAwGe42u8VuNlosZ5spYAjL7PcdFJTT02N2GURF19tidzjNnjecoel0-Fz3eqHTbLa8DH_L6WW5a_xuv-5h-hjdsqfH5dYczk6Py_MW_X0u09FlecueJpff89bb3CK_3WE2uUWX19vweWschqfpb3Yr7Z7X5fLymJ5-u1s5HCyHcwAAAAB4AJDiCoX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABAQKjUAKDkSBCHxeKyPD1GfwAAPBSAAAAIYJAAFDCdlABo0GadAAAAAAAAAACw_P___8cMzMc_ygCAuCX1ADz4ADwQFawWMQIAAADIpV4dOprUCZVFFQAAQboVwBUAQABeNRWsdRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6Gr1OAxou_FD7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLqAmB0AAADA3f___78eyKxMI99yYzFsXKvBwrIyDGbG3cxmcQ0WppVrN9ge3HJk5ki1tHEfhrDMft9BQTk9PWaXQVR0vS12h9Psud-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhZOYaWSab4VqwHBnXos1qtRYOdxu3YDVxWVbGkWXj8K1Fr4_pt1ssLM7BFgUD5PYiuEgnQqfZbHkZ_pbTy_IWOs1my8vwt5xelotYojlZpBPZZd9ZmUa-5cZi2LhWg4VlZRjMjLuZzeIaLEwr126wr8xcI8tkM1wLliPjWrRZrdbC4W7jFqwmLsvKOLJsHL616PUx_XaLhcU52Ddmi-FoOBsOBvvGbDEcDWfDwWDfoTN8V5-z0VkrljwusWRYPO5k5oPCZbB4f0eLNHbrzYwqr9hiUW2eOe_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3m0KGKJ4HSRTkQv4-kilkieFulEM5otPIbhyjYZLjwm38Y1Mw4Hu9FmtbEsl5vVyCKWKE0X6USve5g-Rrfs6XG5NYez0-PyvEV_n8t0dFnesqfJ5fe89Ta3yG93mE1u0eX1NnzeGofhafqb3Uq753W5vDymp9_uVg4Hy-FE_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaTCj3WK3Wi6AhM237k85UdDI9PzGborvcFXKS8ZZcePHGeg0my0vw99yelneQqfZbHkZ_pbTy3JlAAkbbubNnglirVbLGgAAQAAbAAAggFs3b4FjkRw!&cmcv=&pix=undefined&cb=1618486800924&uv=2949&tms=1618486800924&abt=adh5c-1_vA!insc_vA!smbs!sre_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=8F12DEDA71100287382049827516&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.153.186 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-153-186.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:40:01 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame D464
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=50039884-9ddf-11eb-bdbc-186cd56e4a06&orig=video&us_privacy=1---
0
227 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=50039884-9ddf-11eb-bdbc-186cd56e4a06&orig=video&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66318735&crid=5397665&dast=V7SccCFgPhEdxJrOI2kgThEdxJrOI2kgUAAAAGBuIHHDhjTEYsEoO3WAwGk-FuM5wMRsvhZLdazIaggTPGZMQiMXiLxWAwGe42u8VuNlosZ5spYAjL7PcdFJTT02N2GURF19tidzjNnjecoel0-Fz3eqHTbLa8DH_L6WW5a_xuv-5h-hjdsqfH5dYczk6Py_MW_X0u09FlecueJpff89bb3CK_3WE2uUWX19vweWschqfpb3Yr7Z7X5fLymJ5-u1s5HCyHcwAAAAB4AJDiCoX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABAQKjUAKDkSBCHxeKyPD1GfwAAPBSAAAAIYJAAFDCdlABo0GadAAAAAAAAAACw_P___8cMzMc_ygCAuCX1ADz4ADwQFawWMQIAAADIpV4dOprUCZVFFQAAQboVwBUAQABeNRWsdRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6Gr1OAxou_FD7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLqAmB0AAADA3f___78eyKxMI99yYzFsXKvBwrIyDGbG3cxmcQ0WppVrN9ge3HJk5ki1tHEfhrDMft9BQTk9PWaXQVR0vS12h9Psud-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhZOYaWSab4VqwHBnXos1qtRYOdxu3YDVxWVbGkWXj8K1Fr4_pt1ssLM7BFgUD5PYiuEgnQqfZbHkZ_pbTy_IWOs1my8vwt5xelotYojlZpBPZZd9ZmUa-5cZi2LhWg4VlZRjMjLuZzeIaLEwr126wr8xcI8tkM1wLliPjWrRZrdbC4W7jFqwmLsvKOLJsHL616PUx_XaLhcU52Ddmi-FoOBsOBvvGbDEcDWfDwWDfoTN8V5-z0VkrljwusWRYPO5k5oPCZbB4f0eLNHbrzYwqr9hiUW2eOe_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3m0KGKJ4HSRTkQv4-kilkieFulEM5otPIbhyjYZLjwm38Y1Mw4Hu9FmtbEsl5vVyCKWKE0X6USve5g-Rrfs6XG5NYez0-PyvEV_n8t0dFnesqfJ5fe89Ta3yG93mE1u0eX1NnzeGofhafqb3Uq753W5vDymp9_uVg4Hy-FE_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaTCj3WK3Wi6AhM237k85UdDI9PzGborvcFXKS8ZZcePHGeg0my0vw99yelneQqfZbHkZ_pbTy3JlAAkbbubNnglirVbLGgAAQAAbAAAggFs3b4FjkRw!&cmcv=&pix=undefined&cb=1618486800924&uv=2949&tms=1618486800924&abt=adh5c-1_vA!insc_vA!smbs!sre_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=8F12DEDA71100287382049827516&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.34.222:10213
date
Thu, 15 Apr 2021 11:40:01 GMT
server
nginx
x-fastly-to-nlb-rtt
2111

Redirect headers

Date
Thu, 15 Apr 2021 11:40:01 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=50039884-9ddf-11eb-bdbc-186cd56e4a06&orig=video&us_privacy=1---
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
72
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame D464 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66318735&crid=5397665&dast=V7SccCFgPhEdxJrOI2kgThEdxJrOI2kgUAAAAGBuIHHDhjTEYsEoO3WAwGk-FuM5wMRsvhZLdazIaggTPGZMQiMXiLxWAwGe42u8VuNlosZ5spYAjL7PcdFJTT02N2GURF19tidzjNnjecoel0-Fz3eqHTbLa8DH_L6WW5a_xuv-5h-hjdsqfH5dYczk6Py_MW_X0u09FlecueJpff89bb3CK_3WE2uUWX19vweWschqfpb3Yr7Z7X5fLymJ5-u1s5HCyHcwAAAAB4AJDiCoX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABAQKjUAKDkSBCHxeKyPD1GfwAAPBSAAAAIYJAAFDCdlABo0GadAAAAAAAAAACw_P___8cMzMc_ygCAuCX1ADz4ADwQFawWMQIAAADIpV4dOprUCZVFFQAAQboVwBUAQABeNRWsdRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6Gr1OAxou_FD7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLqAmB0AAADA3f___78eyKxMI99yYzFsXKvBwrIyDGbG3cxmcQ0WppVrN9ge3HJk5ki1tHEfhrDMft9BQTk9PWaXQVR0vS12h9Psud-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhZOYaWSab4VqwHBnXos1qtRYOdxu3YDVxWVbGkWXj8K1Fr4_pt1ssLM7BFgUD5PYiuEgnQqfZbHkZ_pbTy_IWOs1my8vwt5xelotYojlZpBPZZd9ZmUa-5cZi2LhWg4VlZRjMjLuZzeIaLEwr126wr8xcI8tkM1wLliPjWrRZrdbC4W7jFqwmLsvKOLJsHL616PUx_XaLhcU52Ddmi-FoOBsOBvvGbDEcDWfDwWDfoTN8V5-z0VkrljwusWRYPO5k5oPCZbB4f0eLNHbrzYwqr9hiUW2eOe_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3m0KGKJ4HSRTkQv4-kilkieFulEM5otPIbhyjYZLjwm38Y1Mw4Hu9FmtbEsl5vVyCKWKE0X6USve5g-Rrfs6XG5NYez0-PyvEV_n8t0dFnesqfJ5fe89Ta3yG93mE1u0eX1NnzeGofhafqb3Uq753W5vDymp9_uVg4Hy-FE_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaTCj3WK3Wi6AhM237k85UdDI9PzGborvcFXKS8ZZcePHGeg0my0vw99yelneQqfZbHkZ_pbTy3JlAAkbbubNnglirVbLGgAAQAAbAAAggFs3b4FjkRw!&cmcv=&pix=undefined&cb=1618486800924&uv=2949&tms=1618486800924&abt=adh5c-1_vA!insc_vA!smbs!sre_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=8F12DEDA71100287382049827516&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.211.166 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-211-166.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:40:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
sync
taboola-supply-partners.tremorhub.com/ Frame 1D63 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7SccCFgPhEdxJrOI2kgThEdxJrOI2kgUAAAAGBuIHHDhjTEYsEoO3WAwGk-FuM5wMRsvhZLdazIaggTPGZMQiMXiLxWAwGe42u8VuNlosZ5spYAjL7PcdFJTT02N2GURF19tidzjNnjecoel0-Fz3eqHTbLa8DH_L6WW5a_xuv-5h-hjdsqfH5dYczk6Py_MW_X0u09FlecueJpff89bb3CK_3WE2uUWX19vweWschqfpb3Yr7Z7X5fLymJ5-u1s5HCyHcwAAAAB4AJDiCoX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABAQKjUAKDkSBCHxeKyPD1GfwAAPBSAAAAIYJAAFDCdlABo0GadAAAAAAAAAACw_P___8cMzMc_ygCAuCX1ADz4ADwQFawWMQIAAADIpV4dOprUCZVFFQAAQboVwBUAQABeNRWsdRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6Gr1OAxou_FD7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLqAmB0AAADA3f___78eyKxMI99yYzFsXKvBwrIyDGbG3cxmcQ0WppVrN9ge3HJk5ki1tHEfhrDMft9BQTk9PWaXQVR0vS12h9Psud-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhZOYaWSab4VqwHBnXos1qtRYOdxu3YDVxWVbGkWXj8K1Fr4_pt1ssLM7BFgUD5PYiuEgnQqfZbHkZ_pbTy_IWOs1my8vwt5xelotYojlZpBPZZd9ZmUa-5cZi2LhWg4VlZRjMjLuZzeIaLEwr126wr8xcI8tkM1wLliPjWrRZrdbC4W7jFqwmLsvKOLJsHL616PUx_XaLhcU52Ddmi-FoOBsOBvvGbDEcDWfDwWDfoTN8V5-z0VkrljwusWRYPO5k5oPCZbB4f0eLNHbrzYwqr9hiUW2eOe_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3m0KGKJ4HSRTkQv4-kilkieFulEM5otPIbhyjYZLjwm38Y1Mw4Hu9FmtbEsl5vVyCKWKE0X6USve5g-Rrfs6XG5NYez0-PyvEV_n8t0dFnesqfJ5fe89Ta3yG93mE1u0eX1NnzeGofhafqb3Uq753W5vDymp9_uVg4Hy-FE_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaTCj3WK3Wi6AhM237k85UdDI9PzGborvcFXKS8ZZcePHGeg0my0vw99yelneQqfZbHkZ_pbTy3JlAAkbbubNnglirVbLGgAAQAAbAAAggFs3b4FjkRw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:8331:bab2:3072:ce38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:40:01 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 1D63 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7SccCFgPhEdxJrOI2kgThEdxJrOI2kgUAAAAGBuIHHDhjTEYsEoO3WAwGk-FuM5wMRsvhZLdazIaggTPGZMQiMXiLxWAwGe42u8VuNlosZ5spYAjL7PcdFJTT02N2GURF19tidzjNnjecoel0-Fz3eqHTbLa8DH_L6WW5a_xuv-5h-hjdsqfH5dYczk6Py_MW_X0u09FlecueJpff89bb3CK_3WE2uUWX19vweWschqfpb3Yr7Z7X5fLymJ5-u1s5HCyHcwAAAAB4AJDiCoX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABAQKjUAKDkSBCHxeKyPD1GfwAAPBSAAAAIYJAAFDCdlABo0GadAAAAAAAAAACw_P___8cMzMc_ygCAuCX1ADz4ADwQFawWMQIAAADIpV4dOprUCZVFFQAAQboVwBUAQABeNRWsdRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6Gr1OAxou_FD7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLqAmB0AAADA3f___78eyKxMI99yYzFsXKvBwrIyDGbG3cxmcQ0WppVrN9ge3HJk5ki1tHEfhrDMft9BQTk9PWaXQVR0vS12h9Psud-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhZOYaWSab4VqwHBnXos1qtRYOdxu3YDVxWVbGkWXj8K1Fr4_pt1ssLM7BFgUD5PYiuEgnQqfZbHkZ_pbTy_IWOs1my8vwt5xelotYojlZpBPZZd9ZmUa-5cZi2LhWg4VlZRjMjLuZzeIaLEwr126wr8xcI8tkM1wLliPjWrRZrdbC4W7jFqwmLsvKOLJsHL616PUx_XaLhcU52Ddmi-FoOBsOBvvGbDEcDWfDwWDfoTN8V5-z0VkrljwusWRYPO5k5oPCZbB4f0eLNHbrzYwqr9hiUW2eOe_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3m0KGKJ4HSRTkQv4-kilkieFulEM5otPIbhyjYZLjwm38Y1Mw4Hu9FmtbEsl5vVyCKWKE0X6USve5g-Rrfs6XG5NYez0-PyvEV_n8t0dFnesqfJ5fe89Ta3yG93mE1u0eX1NnzeGofhafqb3Uq753W5vDymp9_uVg4Hy-FE_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaTCj3WK3Wi6AhM237k85UdDI9PzGborvcFXKS8ZZcePHGeg0my0vw99yelneQqfZbHkZ_pbTy3JlAAkbbubNnglirVbLGgAAQAAbAAAggFs3b4FjkRw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.73.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-73-212.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 11:40:01 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
pixel.advertising.com/ups/58166/ Frame 1D63 		0
125 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7SccCFgPhEdxJrOI2kgThEdxJrOI2kgUAAAAGBuIHHDhjTEYsEoO3WAwGk-FuM5wMRsvhZLdazIaggTPGZMQiMXiLxWAwGe42u8VuNlosZ5spYAjL7PcdFJTT02N2GURF19tidzjNnjecoel0-Fz3eqHTbLa8DH_L6WW5a_xuv-5h-hjdsqfH5dYczk6Py_MW_X0u09FlecueJpff89bb3CK_3WE2uUWX19vweWschqfpb3Yr7Z7X5fLymJ5-u1s5HCyHcwAAAAB4AJDiCoX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABAQKjUAKDkSBCHxeKyPD1GfwAAPBSAAAAIYJAAFDCdlABo0GadAAAAAAAAAACw_P___8cMzMc_ygCAuCX1ADz4ADwQFawWMQIAAADIpV4dOprUCZVFFQAAQboVwBUAQABeNRWsdRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6Gr1OAxou_FD7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLqAmB0AAADA3f___78eyKxMI99yYzFsXKvBwrIyDGbG3cxmcQ0WppVrN9ge3HJk5ki1tHEfhrDMft9BQTk9PWaXQVR0vS12h9Psud-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhZOYaWSab4VqwHBnXos1qtRYOdxu3YDVxWVbGkWXj8K1Fr4_pt1ssLM7BFgUD5PYiuEgnQqfZbHkZ_pbTy_IWOs1my8vwt5xelotYojlZpBPZZd9ZmUa-5cZi2LhWg4VlZRjMjLuZzeIaLEwr126wr8xcI8tkM1wLliPjWrRZrdbC4W7jFqwmLsvKOLJsHL616PUx_XaLhcU52Ddmi-FoOBsOBvvGbDEcDWfDwWDfoTN8V5-z0VkrljwusWRYPO5k5oPCZbB4f0eLNHbrzYwqr9hiUW2eOe_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3m0KGKJ4HSRTkQv4-kilkieFulEM5otPIbhyjYZLjwm38Y1Mw4Hu9FmtbEsl5vVyCKWKE0X6USve5g-Rrfs6XG5NYez0-PyvEV_n8t0dFnesqfJ5fe89Ta3yG93mE1u0eX1NnzeGofhafqb3Uq753W5vDymp9_uVg4Hy-FE_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaTCj3WK3Wi6AhM237k85UdDI9PzGborvcFXKS8ZZcePHGeg0my0vw99yelneQqfZbHkZ_pbTy3JlAAkbbubNnglirVbLGgAAQAAbAAAggFs3b4FjkRw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.153.186 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-153-186.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:40:01 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 1D63
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=5005da04-9ddf-11eb-a808-1e8b65534e06&orig=video&us_privacy=1---
0
225 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=5005da04-9ddf-11eb-a808-1e8b65534e06&orig=video&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7SccCFgPhEdxJrOI2kgThEdxJrOI2kgUAAAAGBuIHHDhjTEYsEoO3WAwGk-FuM5wMRsvhZLdazIaggTPGZMQiMXiLxWAwGe42u8VuNlosZ5spYAjL7PcdFJTT02N2GURF19tidzjNnjecoel0-Fz3eqHTbLa8DH_L6WW5a_xuv-5h-hjdsqfH5dYczk6Py_MW_X0u09FlecueJpff89bb3CK_3WE2uUWX19vweWschqfpb3Yr7Z7X5fLymJ5-u1s5HCyHcwAAAAB4AJDiCoX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABAQKjUAKDkSBCHxeKyPD1GfwAAPBSAAAAIYJAAFDCdlABo0GadAAAAAAAAAACw_P___8cMzMc_ygCAuCX1ADz4ADwQFawWMQIAAADIpV4dOprUCZVFFQAAQboVwBUAQABeNRWsdRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6Gr1OAxou_FD7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLqAmB0AAADA3f___78eyKxMI99yYzFsXKvBwrIyDGbG3cxmcQ0WppVrN9ge3HJk5ki1tHEfhrDMft9BQTk9PWaXQVR0vS12h9Psud-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhZOYaWSab4VqwHBnXos1qtRYOdxu3YDVxWVbGkWXj8K1Fr4_pt1ssLM7BFgUD5PYiuEgnQqfZbHkZ_pbTy_IWOs1my8vwt5xelotYojlZpBPZZd9ZmUa-5cZi2LhWg4VlZRjMjLuZzeIaLEwr126wr8xcI8tkM1wLliPjWrRZrdbC4W7jFqwmLsvKOLJsHL616PUx_XaLhcU52Ddmi-FoOBsOBvvGbDEcDWfDwWDfoTN8V5-z0VkrljwusWRYPO5k5oPCZbB4f0eLNHbrzYwqr9hiUW2eOe_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3m0KGKJ4HSRTkQv4-kilkieFulEM5otPIbhyjYZLjwm38Y1Mw4Hu9FmtbEsl5vVyCKWKE0X6USve5g-Rrfs6XG5NYez0-PyvEV_n8t0dFnesqfJ5fe89Ta3yG93mE1u0eX1NnzeGofhafqb3Uq753W5vDymp9_uVg4Hy-FE_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaTCj3WK3Wi6AhM237k85UdDI9PzGborvcFXKS8ZZcePHGeg0my0vw99yelneQqfZbHkZ_pbTy3JlAAkbbubNnglirVbLGgAAQAAbAAAggFs3b4FjkRw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.34.64:10213
date
Thu, 15 Apr 2021 11:40:01 GMT
server
nginx
x-fastly-to-nlb-rtt
2107

Redirect headers

Date
Thu, 15 Apr 2021 11:40:01 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=5005da04-9ddf-11eb-a808-1e8b65534e06&orig=video&us_privacy=1---
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
143
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame 1D63 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7SccCFgPhEdxJrOI2kgThEdxJrOI2kgUAAAAGBuIHHDhjTEYsEoO3WAwGk-FuM5wMRsvhZLdazIaggTPGZMQiMXiLxWAwGe42u8VuNlosZ5spYAjL7PcdFJTT02N2GURF19tidzjNnjecoel0-Fz3eqHTbLa8DH_L6WW5a_xuv-5h-hjdsqfH5dYczk6Py_MW_X0u09FlecueJpff89bb3CK_3WE2uUWX19vweWschqfpb3Yr7Z7X5fLymJ5-u1s5HCyHcwAAAAB4AJDiCoX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABAQKjUAKDkSBCHxeKyPD1GfwAAPBSAAAAIYJAAFDCdlABo0GadAAAAAAAAAACw_P___8cMzMc_ygCAuCX1ADz4ADwQFawWMQIAAADIpV4dOprUCZVFFQAAQboVwBUAQABeNRWsdRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6Gr1OAxou_FD7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLqAmB0AAADA3f___78eyKxMI99yYzFsXKvBwrIyDGbG3cxmcQ0WppVrN9ge3HJk5ki1tHEfhrDMft9BQTk9PWaXQVR0vS12h9Psud-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhZOYaWSab4VqwHBnXos1qtRYOdxu3YDVxWVbGkWXj8K1Fr4_pt1ssLM7BFgUD5PYiuEgnQqfZbHkZ_pbTy_IWOs1my8vwt5xelotYojlZpBPZZd9ZmUa-5cZi2LhWg4VlZRjMjLuZzeIaLEwr126wr8xcI8tkM1wLliPjWrRZrdbC4W7jFqwmLsvKOLJsHL616PUx_XaLhcU52Ddmi-FoOBsOBvvGbDEcDWfDwWDfoTN8V5-z0VkrljwusWRYPO5k5oPCZbB4f0eLNHbrzYwqr9hiUW2eOe_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3m0KGKJ4HSRTkQv4-kilkieFulEM5otPIbhyjYZLjwm38Y1Mw4Hu9FmtbEsl5vVyCKWKE0X6USve5g-Rrfs6XG5NYez0-PyvEV_n8t0dFnesqfJ5fe89Ta3yG93mE1u0eX1NnzeGofhafqb3Uq753W5vDymp9_uVg4Hy-FE_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaTCj3WK3Wi6AhM237k85UdDI9PzGborvcFXKS8ZZcePHGeg0my0vw99yelneQqfZbHkZ_pbTy3JlAAkbbubNnglirVbLGgAAQAAbAAAggFs3b4FjkRw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.211.166 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-211-166.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:40:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cmTagWIDGET_ITEM.js
vidstat.taboola.com/vpaid/units/29_4_9/infra/ 		641 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/29_4_9/infra/cmTagWIDGET_ITEM.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.3.9/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
8670af697b68ba7d95cc1bef01d95bec58aa039a7e7149a327bd47a6cfd13a74

Request headers

Origin
https://hillreporter.com
Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:40:01 GMT
via
1.1 varnish
age
268098
x-amz-meta-mtime
1618218487
x-cache
HIT
x-amz-meta-ctime
1618218661
x-amz-meta-mode
33188
content-encoding
br
content-length
115395
x-amz-id-2
J6xPXSrXBCgm40RpOdEFDNiRGX6eWi2bpvGSO8xLFuxhZqW2cWh4lcJdT07jgBgRZs6OjF/CUGY=
x-served-by
cache-hhn11522-HHN
accept-ranges
bytes
last-modified
Mon, 12 Apr 2021 09:11:03 GMT
server
AmazonS3-br
x-timer
S1618486801.081490,VS0,VE0
etag
"d505c843b057de9c341e96290f936a41"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
MAMFM41MGP8XNS69
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
12652
cmOsUnit.css
vidstat.taboola.com/vpaid/units/29_4_9/assets/css/ 		58 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/29_4_9/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.3.9/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
3fa2d05c853e9ae626a42e17be01f3959480d9a36518b9f35c7647750dab6fff

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:40:01 GMT
via
1.1 varnish
age
268098
x-amz-meta-mtime
1618218487
x-cache
HIT
x-amz-meta-ctime
1618218608
x-amz-meta-mode
33188
content-encoding
br
content-length
7758
x-amz-id-2
I4GYzUj47lgufM7itOu1sbc5VH4AarjRInxD2y1W0HDBIP+wHPZMk7Q7YK+3VAdMDTjrg/izIsQ=
x-served-by
cache-hhn11541-HHN
accept-ranges
bytes
last-modified
Mon, 12 Apr 2021 09:10:10 GMT
server
AmazonS3-br
x-timer
S1618486801.033809,VS0,VE0
etag
"e5a46ef3bd4c553a76fa4e52d4e0347e"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
MAMBNBNC50BS8M4E
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
text/css
access-control-allow-headers
*
x-cache-hits
443341
PMS.js
vidstat.taboola.com/PMS/3.2.2/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/PMS/3.2.2/PMS.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_4_9/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:40:01 GMT
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront), 1.1 varnish
age
3342136
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
17509
x-served-by
cache-hhn11541-HHN
last-modified
Thu, 21 Jan 2021 11:30:56 GMT
server
AmazonS3
x-timer
S1618486801.182335,VS0,VE0
etag
"f237b8d35060f133ac8c595fd1234e1c"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
RuZTYf9ZWA96SQeo8HHRHLcCv200QVgjNg5SQ7cxYBxr9Ka4rjgQ-w==
x-cache-hits
5297556
integrator.js
adservice.google.nl/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=hillreporter.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Apr 2021 11:40:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=hillreporter.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Apr 2021 11:40:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		238 KB
46 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2467401420388832&correlator=1899328715913587&output=ldjh&impl=fifs&eid=31060505&vrg=2021040804&ptt=17&tfcd=0&sc=1&sfv=1-0-38&ecs=20210415&iu_parts=5376056%2Chillreporter_leaderboard%2Chillreporter_content_1%2Chillreporter_content_2%2Chillreporter_content_3%2Chillreporter_sticky&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=1x1%7C300x250%7C728x90%2C320x50%7C1x1%7C300x250%7C336x280%7C728x90%2C320x50%7C1x1%7C300x250%7C336x280%7C728x90%2C320x50%7C1x1%7C300x250%7C336x280%7C728x90%2C1x1%7C728x90&fluid=0%2Cheight%2Cheight%2Cheight%2C0&prev_scp=post_id%3Dunknown%26member%3Dno%26split_version%3D3702%26proper_site%3Dhillreporter%26proper_slot%3D1%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0%7Cpost_id%3Dunknown%26member%3Dno%26split_version%3D3702%26proper_site%3Dhillreporter%26proper_slot%3D2%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0%7Cpost_id%3Dunknown%26member%3Dno%26split_version%3D3702%26proper_site%3Dhillreporter%26proper_slot%3D3%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0%7Cpost_id%3Dunknown%26member%3Dno%26split_version%3D3702%26proper_site%3Dhillreporter%26proper_slot%3D4%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0%7Cpost_id%3Dunknown%26member%3Dno%26split_version%3D3702%26proper_site%3Dhillreporter%26proper_slot%3D5%26proper_sticky%3Dtrue%26proper_floor_320x50%3D0.75%26proper_floor_728x90%3D1.00%26proper_floor_160x600%3D1.00%26proper_floor_320x100%3D0.75%26proper_floor_sticky_horizontal%3D1.75%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1618484363&dt=1618486801207&dlt=1618486799415&idt=848&frm=20&biw=1600&bih=1200&oid=3&adxs=340%2C418%2C418%2C418%2C800&adys=226%2C391%2C1325%2C1712%2C4&adks=2004394596%2C3596030282%2C3707461873%2C122173973%2C4241150287&ucis=1%7C2%7C3%7C4%7C5&ifi=1&u_tz=120&u_his=4&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fhillreporter.com%2Fwatch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y&vis=1&dmc=8&scr_x=0&scr_y=0&psz=920x21%7C765x21%7C765x21%7C765x21%7C1600x-1&msz=920x1%7C765x1%7C765x1%7C765x1%7C1x-1&ga_vid=607603906.1618486800&ga_sid=1618486801&ga_hid=2048730589&ga_fc=false&fws=0%2C0%2C0%2C0%2C512&ohw=0%2C0%2C0%2C0%2C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
c7507f5d2ea00fa7205914f8f198489e2c1132c4d871cba21cc93c9a756277be
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17854754350552540274/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17854754350552540274/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CISb9ZaVgPACFZAn4Aod1OcEfg&gqi=&layout=/sadbundle/%24csp%253Der3%24/17854754350552540274/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17854754350552540274/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17854754350552540274/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CISb9ZaVgPACFZAn4Aod1OcEfg&gqi=&layout=/sadbundle/%24csp%253Der3%24/17854754350552540274/index.html
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
google-creative-id
-1,-1,-1,138203123417,-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46903
x-xss-protection
0
google-lineitem-id
-1,-1,-1,2151234376,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
date
Thu, 15 Apr 2021 11:40:01 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://hillreporter.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6c8eb98f3da894e8e3c42ca4b0db63d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://6c8eb98f3da894e8e3c42ca4b0db63d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::84 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
content14_10_18m.js
vidstat.taboola.com/ 		37 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content14_10_18m.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_4_9/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:40:01 GMT
via
1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront), 1.1 varnish
age
3245253
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
7638
x-served-by
cache-hhn11541-HHN
last-modified
Sun, 14 Oct 2018 13:31:31 GMT
server
AmazonS3
x-timer
S1618486801.280180,VS0,VE0
etag
"d8d81221ec6e604811ce469d899c9c8b"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
omj5vaGwuVO0u1DUElZ04p0xjblvLHfKzDESlIUndnM3CZOy52LCcg==
x-cache-hits
5155488
oppsula.js
vidstat.taboola.com/oppsula/1.3.8/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/oppsula/1.3.8/oppsula.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_4_9/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f60c4600705d04f5c55db54f646fec728f9458c4fbba35adb4ac114077cb2391

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:40:01 GMT
via
1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront), 1.1 varnish
age
2750895
x-cache
Miss from cloudfront, HIT
content-encoding
gzip
content-length
5164
x-served-by
cache-hhn11541-HHN
last-modified
Tue, 14 Apr 2020 06:07:12 GMT
server
AmazonS3
x-timer
S1618486801.282509,VS0,VE0
etag
"328b70146f77a19d2bc0172c656d921e"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
mX0WwlTmUO4x6xuR8DDLZg909FJ4TvyaVteRGEevDZZ-WfTsdjHQoQ==
x-cache-hits
2288154
video-autoplay-detector.js
vidstat.taboola.com/video-autoplay-detector/1.0.0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/video-autoplay-detector/1.0.0/video-autoplay-detector.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_4_9/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:40:01 GMT
via
1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront), 1.1 varnish
age
2073065
x-cache
Miss from cloudfront, HIT
content-encoding
gzip
content-length
2210
x-served-by
cache-hhn11541-HHN
last-modified
Mon, 10 Jun 2019 11:55:53 GMT
server
AmazonS3
x-timer
S1618486801.282565,VS0,VE0
etag
"2fac39530c1c168282a35d1ab56450ed"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
duXZV0i4ZSVC1-tAr6cZHFunN-GB24YQyZTOQIqiUhVHBP_fxBkvMQ==
x-cache-hits
1249299
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v12.1.4/ 		546 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v12.1.4/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_4_9/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
720ddd4787fb99b285d201418703a00279cbe51d5adcd297a939c2ad2a58800a

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:40:01 GMT
via
1.1 varnish
age
441489
x-amz-meta-mtime
1618045252
x-cache
HIT
x-amz-meta-ctime
1618045266
x-amz-meta-mode
33188
content-encoding
br
content-length
113985
x-amz-id-2
MeZfd1q7qUwBDHWk30RIpj9dFcpk4uQUeWomXghP6UtCRk6vGsX9gCzCbeUJKcp/NTpkCjhl2Dk=
x-served-by
cache-hhn11541-HHN
accept-ranges
bytes
last-modified
Sat, 10 Apr 2021 09:01:07 GMT
server
AmazonS3-br
x-timer
S1618486801.298220,VS0,VE0
etag
"547cdf029ce8d527d430f333e6085e25"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
E8G0BQYVV975SPKT
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
753523
sync
am-match.taboola.com/ Frame C44F 		980 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V7SccCFgPhEdxJrOI2kgThEdxJrOI2kgUAAAAGBuIHHDhjTEYsEoO3WAwGk-FuM5wMRsvhZLdazIaggTPGZMQiMXiLxWAwGe42u8VuNlosZ5spYAjL7PcdFJTT02N2GURF19tidzjNnjecoel0-Fz3eqHTbLa8DH_L6WW5a_xuv-5h-hjdsqfH5dYczk6Py_MW_X0u09FlecueJpff89bb3CK_3WE2uUWX19vweWschqfpb3Yr7Z7X5fLymJ5-u1s5HCyHcwAAAAB4AJDiCoX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABAQKjUAKDkSBCHxeKyPD1GfwAAPBSAAAAIYJAAFDCdlABo0GadAAAAAAAAAACw_P___8cMzMc_ygCAuCX1ADz4ADwQFawWMQIAAADIpV4dOprUCZVFFQAAQboVwBUAQABeNRWsdRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6Gr1OAxou_FD7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLqAmB0AAADA3f___78eyKxMI99yYzFsXKvBwrIyDGbG3cxmcQ0WppVrN9ge3HJk5ki1tHEfhrDMft9BQTk9PWaXQVR0vS12h9Psud-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhZOYaWSab4VqwHBnXos1qtRYOdxu3YDVxWVbGkWXj8K1Fr4_pt1ssLM7BFgUD5PYiuEgnQqfZbHkZ_pbTy_IWOs1my8vwt5xelotYojlZpBPZZd9ZmUa-5cZi2LhWg4VlZRjMjLuZzeIaLEwr126wr8xcI8tkM1wLliPjWrRZrdbC4W7jFqwmLsvKOLJsHL616PUx_XaLhcU52Ddmi-FoOBsOBvvGbDEcDWfDwWDfoTN8V5-z0VkrljwusWRYPO5k5oPCZbB4f0eLNHbrzYwqr9hiUW2eOe_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3m0KGKJ4HSRTkQv4-kilkieFulEM5otPIbhyjYZLjwm38Y1Mw4Hu9FmtbEsl5vVyCKWKE0X6USve5g-Rrfs6XG5NYez0-PyvEV_n8t0dFnesqfJ5fe89Ta3yG93mE1u0eX1NnzeGofhafqb3Uq753W5vDymp9_uVg4Hy-FE_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaTCj3WK3Wi6AhM237k85UdDI9PzGborvcFXKS8ZZcePHGeg0my0vw99yelneQqfZbHkZ_pbTy3JlAAkbbubNnglirVbLGgAAQAAbAAAggFs3b4FjkRw!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_4_9/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
801f688e9f903e7eade76bd18fe6464bae88cf877886264f2b638692c34463cb

Request headers

:method
GET
:authority
am-match.taboola.com
:scheme
https
:path
/sync?dast=V7SccCFgPhEdxJrOI2kgThEdxJrOI2kgUAAAAGBuIHHDhjTEYsEoO3WAwGk-FuM5wMRsvhZLdazIaggTPGZMQiMXiLxWAwGe42u8VuNlosZ5spYAjL7PcdFJTT02N2GURF19tidzjNnjecoel0-Fz3eqHTbLa8DH_L6WW5a_xuv-5h-hjdsqfH5dYczk6Py_MW_X0u09FlecueJpff89bb3CK_3WE2uUWX19vweWschqfpb3Yr7Z7X5fLymJ5-u1s5HCyHcwAAAAB4AJDiCoX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABAQKjUAKDkSBCHxeKyPD1GfwAAPBSAAAAIYJAAFDCdlABo0GadAAAAAAAAAACw_P___8cMzMc_ygCAuCX1ADz4ADwQFawWMQIAAADIpV4dOprUCZVFFQAAQboVwBUAQABeNRWsdRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6Gr1OAxou_FD7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLqAmB0AAADA3f___78eyKxMI99yYzFsXKvBwrIyDGbG3cxmcQ0WppVrN9ge3HJk5ki1tHEfhrDMft9BQTk9PWaXQVR0vS12h9Psud-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhZOYaWSab4VqwHBnXos1qtRYOdxu3YDVxWVbGkWXj8K1Fr4_pt1ssLM7BFgUD5PYiuEgnQqfZbHkZ_pbTy_IWOs1my8vwt5xelotYojlZpBPZZd9ZmUa-5cZi2LhWg4VlZRjMjLuZzeIaLEwr126wr8xcI8tkM1wLliPjWrRZrdbC4W7jFqwmLsvKOLJsHL616PUx_XaLhcU52Ddmi-FoOBsOBvvGbDEcDWfDwWDfoTN8V5-z0VkrljwusWRYPO5k5oPCZbB4f0eLNHbrzYwqr9hiUW2eOe_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3m0KGKJ4HSRTkQv4-kilkieFulEM5otPIbhyjYZLjwm38Y1Mw4Hu9FmtbEsl5vVyCKWKE0X6USve5g-Rrfs6XG5NYez0-PyvEV_n8t0dFnesqfJ5fe89Ta3yG93mE1u0eX1NnzeGofhafqb3Uq753W5vDymp9_uVg4Hy-FE_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaTCj3WK3Wi6AhM237k85UdDI9PzGborvcFXKS8ZZcePHGeg0my0vw99yelneQqfZbHkZ_pbTy3JlAAkbbubNnglirVbLGgAAQAAbAAAggFs3b4FjkRw!&excid=22&docw=0&cijs=1&nlb=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hillreporter.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=05a14eea-82df-42ed-ad29-0e55ed1028b8-tuct771ab91
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hillreporter.com/

Response headers

server
nginx
date
Thu, 15 Apr 2021 11:40:01 GMT
content-type
text/html;charset=ISO-8859-1
machineid
9404
3bd70098-bf7b-4eb1-8a5b-77d563e6452d
https://hillreporter.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://hillreporter.com/3bd70098-bf7b-4eb1-8a5b-77d563e6452d
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
6e47298c-acf4-4478-8d41-d2cce5334683
https://hillreporter.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://hillreporter.com/6e47298c-acf4-4478-8d41-d2cce5334683
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
generic
match.adsrvr.org/track/cmf/ Frame C44F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7SccCFgPhEdxJrOI2kgThEdxJrOI2kgUAAAAGBuIHHDhjTEYsEoO3WAwGk-FuM5wMRsvhZLdazIaggTPGZMQiMXiLxWAwGe42u8VuNlosZ5spYAjL7PcdFJTT02N2GURF19tidzjNnjecoel0-Fz3eqHTbLa8DH_L6WW5a_xuv-5h-hjdsqfH5dYczk6Py_MW_X0u09FlecueJpff89bb3CK_3WE2uUWX19vweWschqfpb3Yr7Z7X5fLymJ5-u1s5HCyHcwAAAAB4AJDiCoX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABAQKjUAKDkSBCHxeKyPD1GfwAAPBSAAAAIYJAAFDCdlABo0GadAAAAAAAAAACw_P___8cMzMc_ygCAuCX1ADz4ADwQFawWMQIAAADIpV4dOprUCZVFFQAAQboVwBUAQABeNRWsdRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6Gr1OAxou_FD7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLqAmB0AAADA3f___78eyKxMI99yYzFsXKvBwrIyDGbG3cxmcQ0WppVrN9ge3HJk5ki1tHEfhrDMft9BQTk9PWaXQVR0vS12h9Psud-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhZOYaWSab4VqwHBnXos1qtRYOdxu3YDVxWVbGkWXj8K1Fr4_pt1ssLM7BFgUD5PYiuEgnQqfZbHkZ_pbTy_IWOs1my8vwt5xelotYojlZpBPZZd9ZmUa-5cZi2LhWg4VlZRjMjLuZzeIaLEwr126wr8xcI8tkM1wLliPjWrRZrdbC4W7jFqwmLsvKOLJsHL616PUx_XaLhcU52Ddmi-FoOBsOBvvGbDEcDWfDwWDfoTN8V5-z0VkrljwusWRYPO5k5oPCZbB4f0eLNHbrzYwqr9hiUW2eOe_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3m0KGKJ4HSRTkQv4-kilkieFulEM5otPIbhyjYZLjwm38Y1Mw4Hu9FmtbEsl5vVyCKWKE0X6USve5g-Rrfs6XG5NYez0-PyvEV_n8t0dFnesqfJ5fe89Ta3yG93mE1u0eX1NnzeGofhafqb3Uq753W5vDymp9_uVg4Hy-FE_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaTCj3WK3Wi6AhM237k85UdDI9PzGborvcFXKS8ZZcePHGeg0my0vw99yelneQqfZbHkZ_pbTy3JlAAkbbubNnglirVbLGgAAQAAbAAAggFs3b4FjkRw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.73.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-73-212.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 11:40:01 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
taboola-supply-partners.tremorhub.com/ Frame C44F 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7SccCFgPhEdxJrOI2kgThEdxJrOI2kgUAAAAGBuIHHDhjTEYsEoO3WAwGk-FuM5wMRsvhZLdazIaggTPGZMQiMXiLxWAwGe42u8VuNlosZ5spYAjL7PcdFJTT02N2GURF19tidzjNnjecoel0-Fz3eqHTbLa8DH_L6WW5a_xuv-5h-hjdsqfH5dYczk6Py_MW_X0u09FlecueJpff89bb3CK_3WE2uUWX19vweWschqfpb3Yr7Z7X5fLymJ5-u1s5HCyHcwAAAAB4AJDiCoX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABAQKjUAKDkSBCHxeKyPD1GfwAAPBSAAAAIYJAAFDCdlABo0GadAAAAAAAAAACw_P___8cMzMc_ygCAuCX1ADz4ADwQFawWMQIAAADIpV4dOprUCZVFFQAAQboVwBUAQABeNRWsdRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6Gr1OAxou_FD7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLqAmB0AAADA3f___78eyKxMI99yYzFsXKvBwrIyDGbG3cxmcQ0WppVrN9ge3HJk5ki1tHEfhrDMft9BQTk9PWaXQVR0vS12h9Psud-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhZOYaWSab4VqwHBnXos1qtRYOdxu3YDVxWVbGkWXj8K1Fr4_pt1ssLM7BFgUD5PYiuEgnQqfZbHkZ_pbTy_IWOs1my8vwt5xelotYojlZpBPZZd9ZmUa-5cZi2LhWg4VlZRjMjLuZzeIaLEwr126wr8xcI8tkM1wLliPjWrRZrdbC4W7jFqwmLsvKOLJsHL616PUx_XaLhcU52Ddmi-FoOBsOBvvGbDEcDWfDwWDfoTN8V5-z0VkrljwusWRYPO5k5oPCZbB4f0eLNHbrzYwqr9hiUW2eOe_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3m0KGKJ4HSRTkQv4-kilkieFulEM5otPIbhyjYZLjwm38Y1Mw4Hu9FmtbEsl5vVyCKWKE0X6USve5g-Rrfs6XG5NYez0-PyvEV_n8t0dFnesqfJ5fe89Ta3yG93mE1u0eX1NnzeGofhafqb3Uq753W5vDymp9_uVg4Hy-FE_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaTCj3WK3Wi6AhM237k85UdDI9PzGborvcFXKS8ZZcePHGeg0my0vw99yelneQqfZbHkZ_pbTy3JlAAkbbubNnglirVbLGgAAQAAbAAAggFs3b4FjkRw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:8331:bab2:3072:ce38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:40:01 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
sync
pixel.advertising.com/ups/58166/ Frame C44F 		0
124 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7SccCFgPhEdxJrOI2kgThEdxJrOI2kgUAAAAGBuIHHDhjTEYsEoO3WAwGk-FuM5wMRsvhZLdazIaggTPGZMQiMXiLxWAwGe42u8VuNlosZ5spYAjL7PcdFJTT02N2GURF19tidzjNnjecoel0-Fz3eqHTbLa8DH_L6WW5a_xuv-5h-hjdsqfH5dYczk6Py_MW_X0u09FlecueJpff89bb3CK_3WE2uUWX19vweWschqfpb3Yr7Z7X5fLymJ5-u1s5HCyHcwAAAAB4AJDiCoX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABAQKjUAKDkSBCHxeKyPD1GfwAAPBSAAAAIYJAAFDCdlABo0GadAAAAAAAAAACw_P___8cMzMc_ygCAuCX1ADz4ADwQFawWMQIAAADIpV4dOprUCZVFFQAAQboVwBUAQABeNRWsdRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6Gr1OAxou_FD7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLqAmB0AAADA3f___78eyKxMI99yYzFsXKvBwrIyDGbG3cxmcQ0WppVrN9ge3HJk5ki1tHEfhrDMft9BQTk9PWaXQVR0vS12h9Psud-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhZOYaWSab4VqwHBnXos1qtRYOdxu3YDVxWVbGkWXj8K1Fr4_pt1ssLM7BFgUD5PYiuEgnQqfZbHkZ_pbTy_IWOs1my8vwt5xelotYojlZpBPZZd9ZmUa-5cZi2LhWg4VlZRjMjLuZzeIaLEwr126wr8xcI8tkM1wLliPjWrRZrdbC4W7jFqwmLsvKOLJsHL616PUx_XaLhcU52Ddmi-FoOBsOBvvGbDEcDWfDwWDfoTN8V5-z0VkrljwusWRYPO5k5oPCZbB4f0eLNHbrzYwqr9hiUW2eOe_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3m0KGKJ4HSRTkQv4-kilkieFulEM5otPIbhyjYZLjwm38Y1Mw4Hu9FmtbEsl5vVyCKWKE0X6USve5g-Rrfs6XG5NYez0-PyvEV_n8t0dFnesqfJ5fe89Ta3yG93mE1u0eX1NnzeGofhafqb3Uq753W5vDymp9_uVg4Hy-FE_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaTCj3WK3Wi6AhM237k85UdDI9PzGborvcFXKS8ZZcePHGeg0my0vw99yelneQqfZbHkZ_pbTy3JlAAkbbubNnglirVbLGgAAQAAbAAAggFs3b4FjkRw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.153.186 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-153-186.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:40:01 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
x.bidswitch.net/ Frame C44F 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7SccCFgPhEdxJrOI2kgThEdxJrOI2kgUAAAAGBuIHHDhjTEYsEoO3WAwGk-FuM5wMRsvhZLdazIaggTPGZMQiMXiLxWAwGe42u8VuNlosZ5spYAjL7PcdFJTT02N2GURF19tidzjNnjecoel0-Fz3eqHTbLa8DH_L6WW5a_xuv-5h-hjdsqfH5dYczk6Py_MW_X0u09FlecueJpff89bb3CK_3WE2uUWX19vweWschqfpb3Yr7Z7X5fLymJ5-u1s5HCyHcwAAAAB4AJDiCoX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABAQKjUAKDkSBCHxeKyPD1GfwAAPBSAAAAIYJAAFDCdlABo0GadAAAAAAAAAACw_P___8cMzMc_ygCAuCX1ADz4ADwQFawWMQIAAADIpV4dOprUCZVFFQAAQboVwBUAQABeNRWsdRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6Gr1OAxou_FD7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLqAmB0AAADA3f___78eyKxMI99yYzFsXKvBwrIyDGbG3cxmcQ0WppVrN9ge3HJk5ki1tHEfhrDMft9BQTk9PWaXQVR0vS12h9Psud-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhZOYaWSab4VqwHBnXos1qtRYOdxu3YDVxWVbGkWXj8K1Fr4_pt1ssLM7BFgUD5PYiuEgnQqfZbHkZ_pbTy_IWOs1my8vwt5xelotYojlZpBPZZd9ZmUa-5cZi2LhWg4VlZRjMjLuZzeIaLEwr126wr8xcI8tkM1wLliPjWrRZrdbC4W7jFqwmLsvKOLJsHL616PUx_XaLhcU52Ddmi-FoOBsOBvvGbDEcDWfDwWDfoTN8V5-z0VkrljwusWRYPO5k5oPCZbB4f0eLNHbrzYwqr9hiUW2eOe_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3m0KGKJ4HSRTkQv4-kilkieFulEM5otPIbhyjYZLjwm38Y1Mw4Hu9FmtbEsl5vVyCKWKE0X6USve5g-Rrfs6XG5NYez0-PyvEV_n8t0dFnesqfJ5fe89Ta3yG93mE1u0eX1NnzeGofhafqb3Uq753W5vDymp9_uVg4Hy-FE_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaTCj3WK3Wi6AhM237k85UdDI9PzGborvcFXKS8ZZcePHGeg0my0vw99yelneQqfZbHkZ_pbTy3JlAAkbbubNnglirVbLGgAAQAAbAAAggFs3b4FjkRw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.211.166 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-211-166.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:40:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
usync.html
eus.rubiconproject.com/ Frame 264A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7SccCFgPhEdxJrOI2kgThEdxJrOI2kgUAAAAGBuIHHDhjTEYsEoO3WAwGk-FuM5wMRsvhZLdazIaggTPGZMQiMXiLxWAwGe42u8VuNlosZ5spYAjL7PcdFJTT02N2GURF19tidzjNnjecoel0-Fz3eqHTbLa8DH_L6WW5a_xuv-5h-hjdsqfH5dYczk6Py_MW_X0u09FlecueJpff89bb3CK_3WE2uUWX19vweWschqfpb3Yr7Z7X5fLymJ5-u1s5HCyHcwAAAAB4AJDiCoX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABAQKjUAKDkSBCHxeKyPD1GfwAAPBSAAAAIYJAAFDCdlABo0GadAAAAAAAAAACw_P___8cMzMc_ygCAuCX1ADz4ADwQFawWMQIAAADIpV4dOprUCZVFFQAAQboVwBUAQABeNRWsdRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6Gr1OAxou_FD7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLqAmB0AAADA3f___78eyKxMI99yYzFsXKvBwrIyDGbG3cxmcQ0WppVrN9ge3HJk5ki1tHEfhrDMft9BQTk9PWaXQVR0vS12h9Psud-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhZOYaWSab4VqwHBnXos1qtRYOdxu3YDVxWVbGkWXj8K1Fr4_pt1ssLM7BFgUD5PYiuEgnQqfZbHkZ_pbTy_IWOs1my8vwt5xelotYojlZpBPZZd9ZmUa-5cZi2LhWg4VlZRjMjLuZzeIaLEwr126wr8xcI8tkM1wLliPjWrRZrdbC4W7jFqwmLsvKOLJsHL616PUx_XaLhcU52Ddmi-FoOBsOBvvGbDEcDWfDwWDfoTN8V5-z0VkrljwusWRYPO5k5oPCZbB4f0eLNHbrzYwqr9hiUW2eOe_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3m0KGKJ4HSRTkQv4-kilkieFulEM5otPIbhyjYZLjwm38Y1Mw4Hu9FmtbEsl5vVyCKWKE0X6USve5g-Rrfs6XG5NYez0-PyvEV_n8t0dFnesqfJ5fe89Ta3yG93mE1u0eX1NnzeGofhafqb3Uq753W5vDymp9_uVg4Hy-FE_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaTCj3WK3Wi6AhM237k85UdDI9PzGborvcFXKS8ZZcePHGeg0my0vw99yelneQqfZbHkZ_pbTy3JlAAkbbubNnglirVbLGgAAQAAbAAAggFs3b4FjkRw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://am-match.taboola.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://am-match.taboola.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 15 Apr 2021 11:40:01 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date
Thu, 15 Apr 2021 11:40:01 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
bulk
trc.taboola.com/hillreporter-hillreporter/log/3/ 		0
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/hillreporter-hillreporter/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=7
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210414-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
18
pragma
no-cache
date
Thu, 15 Apr 2021 11:40:01 GMT
via
1.1 varnish
server
nginx
x-timer
S1618486802.563663,VS0,VE18
x-served-by
cache-fra19176-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://hillreporter.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
27712
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
Vjnfq2okxpLEG/cBVxSfv3DOOCGN7KTpixt29L7DwUhoZL6eRlgDSODZqhfatrYL58q01gaLKf4=
x-served-by
cache-fra19176-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1618486802.590403,VS0,VE0
date
Thu, 15 Apr 2021 11:40:01 GMT
x-amz-request-id
F6D91014AAA6CDC4
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
84
x-cache-hits
31535
usync.js
eus.rubiconproject.com/ Frame 264A 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2a9919dba758e9c6b34949c20ea05be4ec312381d469584837a21f244e1b536c

Request headers

Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 11:40:01 GMT
Content-Encoding
gzip
Last-Modified
Wed, 31 Mar 2021 23:26:33 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=65739
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9419
Expires
Fri, 16 Apr 2021 05:55:40 GMT
khaos.jpg
token.rubiconproject.com/ Frame 264A 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/jpg
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012103020108001/ Frame A614 		190 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
92802
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55046
x-xss-protection
0
server
sffe
date
Wed, 14 Apr 2021 09:53:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aeaf363b1ad89b36"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Apr 2022 09:53:19 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame A614 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
92802
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4548
x-xss-protection
0
server
sffe
date
Wed, 14 Apr 2021 09:53:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4eb73d471ab4cb2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Apr 2022 09:53:19 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame A614 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
92802
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27208
x-xss-protection
0
server
sffe
date
Wed, 14 Apr 2021 09:53:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22950e05e749846e"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Apr 2022 09:53:19 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame A614 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
92802
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9587
x-xss-protection
0
server
sffe
date
Wed, 14 Apr 2021 09:53:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"739644f32ad1483f"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Apr 2022 09:53:19 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame A614 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
92802
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12827
x-xss-protection
0
server
sffe
date
Wed, 14 Apr 2021 09:53:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5cc8dcc2368726c7"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Apr 2022 09:53:19 GMT
truncated
/ Frame A614 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
071701173a5b79742caaf8af48badc722af2d968e6e5d4dbfac0fff8931372ab

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
9712474046405479231
tpc.googlesyndication.com/simgad/ Frame A614 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9712474046405479231?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlPqaaaBtakU2NIFFelTeafxrvpHQ
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a58c1fbacc6314b7327e69bbf051b860af1fa3f4b89630160e5b83b1ec53d94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 03:43:14 GMT
x-content-type-options
nosniff
last-modified
Wed, 03 Mar 2021 09:45:02 GMT
server
sffe
age
28607
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42848
x-xss-protection
0
expires
Fri, 15 Apr 2022 03:43:14 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A614 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Apr 2021 08:22:57 GMT
x-content-type-options
nosniff
server
cafe
age
11824
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Fri, 16 Apr 2021 08:22:57 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A614 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Apr 2021 23:24:51 GMT
x-content-type-options
nosniff
server
cafe
age
44110
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Thu, 15 Apr 2021 23:24:51 GMT
l
www.google.com/ads/measurement/ Frame A614 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQGHAVl6gjtfJtIWPEBjk6qr1Lxjvxt-1ioN2XJ00dXSVedKmZ8JhSgrIBp4reDbShPjCXXJocTweLhQ0b1BxqeRk0omQ
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame A614 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CMRWIESZ4YMDOEZDPgAfUz5PwB86k5Z5iyPWEnYENh-CivcABEAEg2Oq2IGCRhJOF_BegAa3ciogDyAEC4AIAqAMByAMIqgTaA0_QK6p6nGOCogz0zc4iDpDCQUU9DmF-atRdWxKdrj-HhE8c820w5ELV956QPwddMGo3iLPDywgDIePSYBoKGwCBA4S0GbI6SfenTGNnMvs2vhbP_YC_NC5-9UjkVJFvfLZi6RSfB0I7yyMlrSYPnTKynYJNKxC2NwUBr13s5n10itj3jDuM0SZjOBnk4rh09lgSGuPbKQoCWpwkXk-C1t_vaVZZsjvUqUEVEoBMYzoqkRlPNnX5A7njgaLuf9b2w1lehjORYTE__ZioQxFmxLxfbq9na9a4pZ8JxkxwRKnaY0mGnitJgDUt8_nhVU7TIzLZt5Alh6gLwG4E-Z6NGMhx6a-94WCkp6i6c0dnIMArdPPQbeIExEZ0uOnz9eSE7eqCY3rZn9HL5o9uhShx9sK73pyDfHLrCBIuD_tnLKwWAYAHfrNoYJkDATkSfCFximhFvbgp2Z24ST6KXXdBhqa8Eo5vpuV6c7C-WAtqxZEyhO_NjzkO0K4jyMPG94kXj7GsVrarnl3eJQn2gIMlrLVL5eekiyGVQBwcYpbmadvn5ogA_lFAMyjKME-phuaZy_hIxGStHckfJY5V4I560fJMQpTtqhJtz4lHuPeqfE4KDqcmPGP_N_AA-cAEhvLUy7wD4AQBkgUECAQYAZIFBAgFGASgBgKAB9qAx2uoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ4IoH0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0xODg1Mzk2MDkyMjc4ODAygAoDyAsB2BMMshcaChgIABIUcHViLTY4OTc5MDIxOTE3MTQ4MzM&sigh=T3OcAfqPx-s
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012103020108001/ Frame 0E18 		190 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
92802
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55046
x-xss-protection
0
server
sffe
date
Wed, 14 Apr 2021 09:53:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aeaf363b1ad89b36"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Apr 2022 09:53:19 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 0E18 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
92802
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4548
x-xss-protection
0
server
sffe
date
Wed, 14 Apr 2021 09:53:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4eb73d471ab4cb2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Apr 2022 09:53:19 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 0E18 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
92802
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27208
x-xss-protection
0
server
sffe
date
Wed, 14 Apr 2021 09:53:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22950e05e749846e"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Apr 2022 09:53:19 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 0E18 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
92802
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9587
x-xss-protection
0
server
sffe
date
Wed, 14 Apr 2021 09:53:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"739644f32ad1483f"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Apr 2022 09:53:19 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 0E18 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
92802
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12827
x-xss-protection
0
server
sffe
date
Wed, 14 Apr 2021 09:53:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5cc8dcc2368726c7"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Apr 2022 09:53:19 GMT
css
fonts.googleapis.com/ Frame 0E18 		3 KB
578 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 15 Apr 2021 11:17:59 GMT
server
ESF
date
Thu, 15 Apr 2021 11:40:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Apr 2021 11:40:01 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0E18 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Apr 2021 08:22:57 GMT
x-content-type-options
nosniff
server
cafe
age
11824
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Fri, 16 Apr 2021 08:22:57 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0E18 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Apr 2021 23:24:51 GMT
x-content-type-options
nosniff
server
cafe
age
44110
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Thu, 15 Apr 2021 23:24:51 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/16846177406994272540/ Frame 0E18 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16846177406994272540/downsize_200k_v1?w=600&h=314
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a9acba57d0b599c84197ec44c8de64d05511e3d826c925443c228a0ede62115
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 08:24:20 GMT
x-content-type-options
nosniff
age
443741
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21986
x-xss-protection
0
last-modified
Thu, 04 Mar 2021 16:28:05 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Apr 2022 08:24:20 GMT
truncated
/ Frame 0E18 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 0E18 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a79650a74e1a44d75b08ae03e937d64a439cf66f6ab84920cdbf351c11592cfc

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012103020108001/ Frame 243B 		190 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
92802
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55046
x-xss-protection
0
server
sffe
date
Wed, 14 Apr 2021 09:53:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aeaf363b1ad89b36"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Apr 2022 09:53:19 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 243B 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
92802
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4548
x-xss-protection
0
server
sffe
date
Wed, 14 Apr 2021 09:53:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4eb73d471ab4cb2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Apr 2022 09:53:19 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 243B 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
92802
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27208
x-xss-protection
0
server
sffe
date
Wed, 14 Apr 2021 09:53:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22950e05e749846e"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Apr 2022 09:53:19 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 243B 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
92802
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9587
x-xss-protection
0
server
sffe
date
Wed, 14 Apr 2021 09:53:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"739644f32ad1483f"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Apr 2022 09:53:19 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 243B 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
92802
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12827
x-xss-protection
0
server
sffe
date
Wed, 14 Apr 2021 09:53:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5cc8dcc2368726c7"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Apr 2022 09:53:19 GMT
9712474046405479231
tpc.googlesyndication.com/simgad/ Frame 243B 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9712474046405479231?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlPqaaaBtakU2NIFFelTeafxrvpHQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a58c1fbacc6314b7327e69bbf051b860af1fa3f4b89630160e5b83b1ec53d94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 03:43:14 GMT
x-content-type-options
nosniff
last-modified
Wed, 03 Mar 2021 09:45:02 GMT
server
sffe
age
28607
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42848
x-xss-protection
0
expires
Fri, 15 Apr 2022 03:43:14 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 243B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Apr 2021 08:22:57 GMT
x-content-type-options
nosniff
server
cafe
age
11824
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Fri, 16 Apr 2021 08:22:57 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 243B 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Apr 2021 23:24:51 GMT
x-content-type-options
nosniff
server
cafe
age
44110
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Thu, 15 Apr 2021 23:24:51 GMT
truncated
/ Frame 243B 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c1aa3c3bda930613943dfd67fa08e7fcb3c5165d792860b67180a14271a73acd

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 4C7C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstC2QgR-4ovqIiGacMNDyfl9yiglfVmJgBnEOKmptgDwp6HU3HFWvy-m-0gYymdgkqFaEU49ZP-fCCb-AZB9XcWOOJQBGQM2LOBkBgFyfUX76znpVxpK_Qw2ize0NQXh4eVPIZCtCG6c_yhz1dZ4To7riu5DG4tfpSxR8acGLoOdFC2Em7q8A_m0OEcAFZgC1M3ykAWLLNGNrmL9HiPjlxHLzBkL6XeriI7VVx37ZDaByJKA3szJJBCh7Z5vEzwx4mwLWNDiL4wjrkQd4yEm0hqf2H--P9FZ9rmkpWbhv1ikB6mLfFyGJA2-jHnAQ&sig=Cg0ArKJSzAnhNnSxZhoJEAE&urlfix=1&adurl=
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VX1XY05VxkKWW6M4Y0W1bSNv5W5VG-2S4qqlXWN5VHnTN2-HwrV1-WJV7CgXSVW3yh6wD91XcNGW2r6DCS5cJnhgW75Zj7S1DZ7-bW1-Tnhd519Nq7W5CpgfM29nwxWW3Hh2qz8lZ5vrW6M0yTg6rZ_FCW61TCpy2p3mpJW3R-pds86QHC8W8j5gYc7cbP6SW72tgYf97nhVpW8FJgD65VFCHyW4mNPNx5cCTdFVtszJ-1pnlV0W674gDx1_3Jf5W3xzwNq6vQDs7W1c1V4p4VpX4hW5KHy6h6KSk7LW2Vy4jw7j1J32W4YYt674q28sNW2V9gRC9j7fTSW2Y09LZ3_F6fCW8dT66L7zjylXW1w5rrN82Czj-W2-vcHj3K9lkVW6TZ-s6896X2f357f1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Apr 2021 11:40:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4C7C 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:40:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423651533291"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36717
x-xss-protection
0
expires
Thu, 15 Apr 2021 11:40:02 GMT
container.html
6c8eb98f3da894e8e3c42ca4b0db63d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DDD9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6c8eb98f3da894e8e3c42ca4b0db63d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c02::84 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
6c8eb98f3da894e8e3c42ca4b0db63d4.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hillreporter.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hillreporter.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 15 Apr 2021 11:40:02 GMT
expires
Fri, 15 Apr 2022 11:40:02 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame 0E18 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CNBPeESZ4YMHOEZDPgAfUz5PwB9X8sNthzN3PooQN3tkeEAEg2Oq2IGCRhJOF_BegAZKfr5ECyAEJqQLMEDJbwRq0PuACAKgDAcgDCqoE4QNP0HysxzYISrc7ooB8i4gh6L3N3xMqFDqvyoPD6mJ-FUsCuCv5CmRsDvOciv1Rh5EoXeySWRwl4zZkrGu3znJD7_Q8VDKNVt7_9KRl5_GhcPzHFj5bgOAdk_mdZ98Vme_jlarTFRkkV5wXY-qxyLJ26wO2R1YYZUQ4WtCQ5OR2_GjyWT1hKcsEjfINuQpvH7HE7Pj4pqR3Zex1Fpg4oMD5Uh4xBn00ygtBTjtkLEuP-nqlMwhxfYfnAGowLwzmlyj9diIxawrK9aAe0qdsO6tlaOhficUn6NcyyPiNWbJyNlsZkX8Juy-_Xhhywn1fBd5q8ticxccDqIcVD8IUu8uWtYD4tUU4sRH1e80jaZ0lZi1a9VQhnHWWPhrCWgR30e3mNl9nNna1Y7kVYEgogbDxQQhNrOfJDG-xE72NLyLUscExthMWZgP4rlndcSXVcWRoglSbOC46pk2jnCMib_-aCtr_ewTfb4XvcCH1QiNliYzvdNPivUYeENm7tukbyf512J8b6z9daVIxSQEhNvtDoXnMnPrB_wbTsh1Bznx2I0vOEbG59xLNHNWpexw65LBKax0Q_c7LVCoGdhBBD9CSaVnaQITcgpG7AUu6DMGgflz9d1T0z4jchjVOHLcI47bQwASM3pSsqAPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH1uDQ7gGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQkOIM0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0xODg1Mzk2MDkyMjc4ODAygAoDyAsBuBOIJ9gTDbIXGgoYCAASFHB1Yi02ODk3OTAyMTkxNzE0ODMz&sigh=wEJVRDvmpPc&template_id=5000
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
l
www.google.com/ads/measurement/ Frame 243B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSpYB7fiBDgQ3QX10KKHYHp3E6gHcN7dcnZxBzYPOBvy29Mw2RSfaT6ImcvYZXgVKGxTnW_jLZ6G2W-t1RKJ7QXXFF-kg
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 243B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CoNEeESZ4YMLOEZDPgAfUz5PwB86k5Z5iyPWEnYENh-CivcABEAEg2Oq2IGCRhJOF_BegAa3ciogDyAEC4AIAqAMByAMIqgTaA0_Q6MlBw2kn1l4pixOLBq5jSHLpO6AW-k0L1Q8L0LI_8L5bcOO3fjQ218WyXAjhG44CW4SPHEmen7WVY9tCSOdaOBfkjmwAXaELl_k0Yh2ZnQhXsYpieOPUdk14ntFAvpk6eoT153mkrVl3jKylnw_9i1UJI9XOUNt6MjQlJ9vP2EghanAN29a0FuIWBnCYNoNPRuP4U1TbZ3SrMa4kYF73JRXTWgv3VSTAwMgbk_d8b_KJ0V3OYezuPqIqpODykwkib9_sXMDOrm5_3dgMlwRi_I6_6QpxWiQonCjHtdnbsglYRKKGDTZcDxtd94Dmk3E75wkAGTi1c5DpaT8Lca8FBD_ZkVdHdIhev0dHKHovg2aCqfSh2AyCMfM3M2r6mN6pAzUq02xTbeNwVo1oGbEXeAR_N9UTB2z0EFvoQrncuoOszh7TzNZvzhZqFwfmneYd1zUVPf9wzTUMjyL8h88lFYZbw1ATHFsr_AH6t8Ruosco6yAGlTPPEbr9yBVq8g5tluyqAi2O_E6ignJkqWlnflZ7adcgYTHezIez0AVy7b7pBlETL7E7X3M3Bx0T8Dv4rgc2rXfTFYmybzYdYJ90kIAkSLeh84s25_1HuuX04wU7DkLuVs77U8AEhvLUy7wD4AQBkgUECAQYAZIFBAgFGASgBgKAB9qAx2uoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQr9oJ0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0xODg1Mzk2MDkyMjc4ODAygAoDyAsB2BMMshcaChgIABIUcHViLTY4OTc5MDIxOTE3MTQ4MzM&sigh=n2x8yL82KL8
Requested by
Host: hillreporter.com
URL: https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:40:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423639646658"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28266
x-xss-protection
0
expires
Thu, 15 Apr 2021 11:40:02 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021040804&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2de6c400bcca0eb96d7082352036b9416f9cd13fb0ae8e415fff66b91ae757e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Apr 2021 11:40:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6624
x-xss-protection
0
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 0E18 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hillreporter.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:21 GMT
server
sffe
age
351384
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21716
x-xss-protection
0
expires
Mon, 11 Apr 2022 10:03:38 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 0E18 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hillreporter.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 02:03:02 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:16 GMT
server
sffe
age
34620
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21552
x-xss-protection
0
expires
Fri, 15 Apr 2022 02:03:02 GMT
truncated
/ Frame 4C7C 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab14b79b2768869305d03d0c2a02ac4cb427b74264bd11e996d36d2c08477914

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 4C7C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_xZZh7vkY63uVDzp_X6V2ag3us1dM5Nmyp7skFnRhaEgDB4NM9bjax8Hy_o25U2-Nq1gQFqBC8tOhnhNfG0Vv3l8FI1mf_Bi_SM7BWW4gQXI2eQsDGCKgB1fV0Np3iC0vumtAi1r8lWpPRkp7aY7cqDvbDVUrwfJxDrNkouPATHjaYFQllsUGvbG27j5rUQBiXHVEl0Kc14c04jn2yefgQEGHjgq3zLLuAIyh8XZRWtLw_Q1i36jU1gmWhyQI3jD5Lxyn18kpcQYo7qR46cel8qNq1l5GXg2P_zlMHf2unWyE63_URtWWkkBIuJDn&sig=Cg0ArKJSzLoMt9z9ddp5EAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Apr 2021 11:40:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 15 Apr 2021 11:40:02 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:40:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Thu, 15 Apr 2021 11:40:02 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame A614
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Thu, 15 Apr 2021 11:40:02 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 243B
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Thu, 15 Apr 2021 11:40:02 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
9712474046405479231
tpc.googlesyndication.com/simgad/ Frame A614 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9712474046405479231?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlPqaaaBtakU2NIFFelTeafxrvpHQ
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a58c1fbacc6314b7327e69bbf051b860af1fa3f4b89630160e5b83b1ec53d94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 03:43:14 GMT
x-content-type-options
nosniff
last-modified
Wed, 03 Mar 2021 09:45:02 GMT
server
sffe
age
28608
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42848
x-xss-protection
0
expires
Fri, 15 Apr 2022 03:43:14 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A614 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Apr 2021 08:22:57 GMT
x-content-type-options
nosniff
server
cafe
age
11825
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Fri, 16 Apr 2021 08:22:57 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A614 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Apr 2021 23:24:51 GMT
x-content-type-options
nosniff
server
cafe
age
44111
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Thu, 15 Apr 2021 23:24:51 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0E18 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Apr 2021 08:22:57 GMT
x-content-type-options
nosniff
server
cafe
age
11825
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Fri, 16 Apr 2021 08:22:57 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0E18 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Apr 2021 23:24:51 GMT
x-content-type-options
nosniff
server
cafe
age
44111
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Thu, 15 Apr 2021 23:24:51 GMT
9712474046405479231
tpc.googlesyndication.com/simgad/ Frame 243B 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9712474046405479231?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlPqaaaBtakU2NIFFelTeafxrvpHQ
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a58c1fbacc6314b7327e69bbf051b860af1fa3f4b89630160e5b83b1ec53d94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 03:43:14 GMT
x-content-type-options
nosniff
last-modified
Wed, 03 Mar 2021 09:45:02 GMT
server
sffe
age
28608
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42848
x-xss-protection
0
expires
Fri, 15 Apr 2022 03:43:14 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 243B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Apr 2021 08:22:57 GMT
x-content-type-options
nosniff
server
cafe
age
11825
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Fri, 16 Apr 2021 08:22:57 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 243B 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Apr 2021 23:24:51 GMT
x-content-type-options
nosniff
server
cafe
age
44111
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Thu, 15 Apr 2021 23:24:51 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17854754350552540274/ Frame 3CA7 		16 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17854754350552540274/index.html
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VX1XY05VxkKWW6M4Y0W1bSNv5W5VG-2S4qqlXWN5VHnTN2-HwrV1-WJV7CgXSVW3yh6wD91XcNGW2r6DCS5cJnhgW75Zj7S1DZ7-bW1-Tnhd519Nq7W5CpgfM29nwxWW3Hh2qz8lZ5vrW6M0yTg6rZ_FCW61TCpy2p3mpJW3R-pds86QHC8W8j5gYc7cbP6SW72tgYf97nhVpW8FJgD65VFCHyW4mNPNx5cCTdFVtszJ-1pnlV0W674gDx1_3Jf5W3xzwNq6vQDs7W1c1V4p4VpX4hW5KHy6h6KSk7LW2Vy4jw7j1J32W4YYt674q28sNW2V9gRC9j7fTSW2Y09LZ3_F6fCW8dT66L7zjylXW1w5rrN82Czj-W2-vcHj3K9lkVW6TZ-s6896X2f357f1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce6a94f742ca18a956d8dfe106eba2998038e16eae49f28b4ee632b87e6117c1
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/17854754350552540274/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6c8eb98f3da894e8e3c42ca4b0db63d4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://6c8eb98f3da894e8e3c42ca4b0db63d4.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3503
date
Thu, 15 Apr 2021 03:58:18 GMT
expires
Fri, 15 Apr 2022 03:58:18 GMT
last-modified
Wed, 17 Mar 2021 16:14:55 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
age
27704
cache-control
public, max-age=31536000
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame DDD9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CBFzQESZ4YMTOEZDPgAfUz5PwB6fRjO9h_uu7vaENnriItoMDEAEg2Oq2IGCRhJOF_BegAcmcpe8DyAEJqQLMEDJbwRq0PuACAKgDAcgDCKoE2wNP0LpL37s7_46BXA3QcQf35joinxCMeOrzCILlJADTU77HnD0fiqyD0tx5cVWczGgQHErTNLswKibcZrJA7FtPBuiaHTjIwZAFoz5pRzYH4zuOK8GX4Xr1Isa2g1RFCQ-ug2mXqYgJHEUVwEe3nsyJHV9ypmFXzDzqnoSZbuehzm0oNmZEnC7YSCRaiovotUResZSNTMKNgSKBqNM2rBwCR97F7W790aXYOS5SmC98QNXM17Zjl2NzSDEbwZq5U04pqePQd4mR-woRPLu_5xGRjN3CvIf_PkN9p9K0GFCH78s3bnpqFIkf2Ezl3hVPBe_e56nV088aHNzoXITHCFo8nMd7_DF_jr_MflZz7-v8XarbxJt5kuZDcu-t56jSbZ-Z6r_-SqdBgsnKmQcNVl7efSBwNtAuOLf4ouW6KMM5RBwKdHgha50CYCSYgSOsH2CxGbiuIjdGU-SAk6HNy66eJN8CMwAm7xS3rYqmkOQIwPTL4gP4VW-Onl_bZYqTFTCG8--S4GqCP1UpDabzOWs_xBB-OEwKdy7ZKpRnFPeYcDsYy2BTpbrt38UlGUpvs5IgSTXNPvPsONlZYnNTVxsMLlFW9TxqtZPGFEPfYgsTwVLPcy_dTHVCVU1nwASmu4auuAPgBAGSBQQIBBgBkgUECAUYBKAGLoAHn-PaEKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDsvwfSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTE4ODUzOTYwOTIyNzg4MDKACgPICwHYEw2yFxoKGAgAEhRwdWItNjg5NzkwMjE5MTcxNDgzMw&sigh=eO5Zh1tAIqI&template_id=419
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VX1XY05VxkKWW6M4Y0W1bSNv5W5VG-2S4qqlXWN5VHnTN2-HwrV1-WJV7CgXSVW3yh6wD91XcNGW2r6DCS5cJnhgW75Zj7S1DZ7-bW1-Tnhd519Nq7W5CpgfM29nwxWW3Hh2qz8lZ5vrW6M0yTg6rZ_FCW61TCpy2p3mpJW3R-pds86QHC8W8j5gYc7cbP6SW72tgYf97nhVpW8FJgD65VFCHyW4mNPNx5cCTdFVtszJ-1pnlV0W674gDx1_3Jf5W3xzwNq6vQDs7W1c1V4p4VpX4hW5KHy6h6KSk7LW2Vy4jw7j1J32W4YYt674q28sNW2V9gRC9j7fTSW2Y09LZ3_F6fCW8dT66L7zjylXW1w5rrN82Czj-W2-vcHj3K9lkVW6TZ-s6896X2f357f1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://6c8eb98f3da894e8e3c42ca4b0db63d4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210413/r20110914/ Frame DDD9 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210413/r20110914/abg_lite_fy2019.js
Requested by
Host: 6c8eb98f3da894e8e3c42ca4b0db63d4.safeframe.googlesyndication.com
URL: https://6c8eb98f3da894e8e3c42ca4b0db63d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a3f7218703989b2b5daf92319273724ea24f6948631c1376a936ba12bda72e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6c8eb98f3da894e8e3c42ca4b0db63d4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:37:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7114
x-xss-protection
0
server
cafe
etag
17366458733339412862
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Apr 2021 11:37:20 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210413/r20110914/client/ Frame DDD9 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210413/r20110914/client/window_focus_fy2019.js
Requested by
Host: 6c8eb98f3da894e8e3c42ca4b0db63d4.safeframe.googlesyndication.com
URL: https://6c8eb98f3da894e8e3c42ca4b0db63d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6c8eb98f3da894e8e3c42ca4b0db63d4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:38:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Apr 2021 11:38:56 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DDD9 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 6c8eb98f3da894e8e3c42ca4b0db63d4.safeframe.googlesyndication.com
URL: https://6c8eb98f3da894e8e3c42ca4b0db63d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6c8eb98f3da894e8e3c42ca4b0db63d4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:40:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423651533291"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36717
x-xss-protection
0
expires
Thu, 15 Apr 2021 11:40:02 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210413/r20110914/client/ Frame DDD9 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210413/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 6c8eb98f3da894e8e3c42ca4b0db63d4.safeframe.googlesyndication.com
URL: https://6c8eb98f3da894e8e3c42ca4b0db63d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6c8eb98f3da894e8e3c42ca4b0db63d4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:38:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5602
x-xss-protection
0
server
cafe
etag
7525161794280374107
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Apr 2021 11:38:44 GMT
l
www.google.com/ads/measurement/ Frame DDD9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRPuyXbHUUxWixxQ6kKJ3bLRVf2he8UFgdt3T81UBiMGUOiA10Eey8k8b32CUCKEYu_cysFIn4-SBo9Ljvr9h7-aW4gmQ
Requested by
Host: 6c8eb98f3da894e8e3c42ca4b0db63d4.safeframe.googlesyndication.com
URL: https://6c8eb98f3da894e8e3c42ca4b0db63d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://6c8eb98f3da894e8e3c42ca4b0db63d4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 02E9 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hillreporter.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hillreporter.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Thu, 15 Apr 2021 11:14:20 GMT
expires
Fri, 15 Apr 2022 11:14:20 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1542
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bidding
bids.proper.io/api/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bids.proper.io/api/bidding
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.170.237 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-170-237.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 15 Apr 2021 11:40:02 GMT
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
s
googleads.g.doubleclick.net/pagead/drt/ Frame AC42 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 6c8eb98f3da894e8e3c42ca4b0db63d4.safeframe.googlesyndication.com
URL: https://6c8eb98f3da894e8e3c42ca4b0db63d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6c8eb98f3da894e8e3c42ca4b0db63d4.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUm-F0mOmw8j47V7JNLKLs5XqWQLEDOP1jHBjv1gYOL0x4dRP2GapqtRnmPH; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://6c8eb98f3da894e8e3c42ca4b0db63d4.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 15 Apr 2021 10:41:26 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
3516
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame DDD9 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
840b7ff605ff039db70630ab6f6813cbcfbbf4102a3a43e8cf1e41be47772559

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 3CA7 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17854754350552540274/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 04:49:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24640
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 16 Apr 2021 04:49:22 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3CA7 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17854754350552540274/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 13:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81152
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8867
x-xss-protection
0
server
cafe
etag
18043545750443934562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 15 Apr 2021 13:07:30 GMT
css
fonts.googleapis.com/ Frame 3CA7 		4 KB
499 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=DM+Sans:regular,italic,500,500italic,700,700italic&cb=1615969239
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17854754350552540274/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d8517c4fadcb44c4ca68772f55473a9e5f9bd516c2bb0857d902a5673bcd36a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 15 Apr 2021 10:31:01 GMT
server
ESF
date
Thu, 15 Apr 2021 11:40:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Apr 2021 11:40:02 GMT
gsap_3.2.4_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 3CA7 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17854754350552540274/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:40:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23276
x-xss-protection
0
last-modified
Thu, 05 Mar 2020 03:53:22 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Apr 2021 11:40:02 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame AC42
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: 6c8eb98f3da894e8e3c42ca4b0db63d4.safeframe.googlesyndication.com
URL: https://6c8eb98f3da894e8e3c42ca4b0db63d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUm-F0mOmw8j47V7JNLKLs5XqWQLEDOP1jHBjv1gYOL0x4dRP2GapqtRnmPH; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 15 Apr 2021 11:40:02 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Thu, 15-Apr-2021 12:40:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 15 Apr 2021 11:40:02 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 15 Apr 2021 11:40:02 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
0iqFw_ToJ2jGmcdewok9OyePTo5XIlOWuQOUYfHL4Is.js
pagead2.googlesyndication.com/bg/ Frame 02E9 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/0iqFw_ToJ2jGmcdewok9OyePTo5XIlOWuQOUYfHL4Is.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d22a85c3f4e82768c699c75ec2893d3b278f4e8e57225396b9039461f1cbe08b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:17:28 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 13:08:00 GMT
server
sffe
age
1354
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5665
x-xss-protection
0
expires
Fri, 15 Apr 2022 11:17:28 GMT
imagesgwirzy3s81ezueawsugr.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17854754350552540274/ Frame 3CA7 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17854754350552540274/imagesgwirzy3s81ezueawsugr.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17854754350552540274/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea6cba61b51b4c7951e322447bb3661c5373eade7dd4b0fa0c6ebcf1303a0ba2
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
453747
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2533
x-xss-protection
0
last-modified
Wed, 17 Mar 2021 16:14:55 GMT
server
sffe
date
Sat, 10 Apr 2021 05:37:35 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Apr 2022 05:37:35 GMT
f9299debccba817134f9b2df9203dce8.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17854754350552540274/ Frame 3CA7 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17854754350552540274/f9299debccba817134f9b2df9203dce8.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17854754350552540274/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a25042854954b3b8bc10b56ecef1bc6082e1aa344f77f1eea6403d120525936
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
453747
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7624
x-xss-protection
0
last-modified
Wed, 17 Mar 2021 16:14:55 GMT
server
sffe
date
Sat, 10 Apr 2021 05:37:35 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Apr 2022 05:37:35 GMT
cc773f1e02a0bebaf7db55f84c1809e5.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17854754350552540274/ Frame 3CA7 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17854754350552540274/cc773f1e02a0bebaf7db55f84c1809e5.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17854754350552540274/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37974cc78fb3808817d5e8291c2ed08589599025d435b81d38fd453fcee0c9a0
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
1825
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16029
x-xss-protection
0
last-modified
Wed, 17 Mar 2021 16:14:55 GMT
server
sffe
date
Thu, 15 Apr 2021 11:09:37 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Apr 2022 11:09:37 GMT
rP2Cp2ywxg089UriAWCrCBimCw.woff2
fonts.gstatic.com/s/dmsans/v6/ Frame 3CA7 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dmsans/v6/rP2Cp2ywxg089UriAWCrCBimCw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans:regular,italic,500,500italic,700,700italic&cb=1615969239
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3411c961b332008c61452f483ada3da4cd0fd06cc264c7f2facfb01bc4b1d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 02:03:20 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:00:23 GMT
server
sffe
age
34602
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18296
x-xss-protection
0
expires
Fri, 15 Apr 2022 02:03:20 GMT
rP2Cp2ywxg089UriASitCBimCw.woff2
fonts.gstatic.com/s/dmsans/v6/ Frame 3CA7 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dmsans/v6/rP2Cp2ywxg089UriASitCBimCw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans:regular,italic,500,500italic,700,700italic&cb=1615969239
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8e5a0c39f7371f633203c6e77de59b3fff273bc2c1a5df9c1356e6dc24ad92d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 10:03:39 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:00:14 GMT
server
sffe
age
351383
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18244
x-xss-protection
0
expires
Mon, 11 Apr 2022 10:03:39 GMT
rP2Hp2ywxg089UriCZOIHQ.woff2
fonts.gstatic.com/s/dmsans/v6/ Frame 3CA7 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dmsans/v6/rP2Hp2ywxg089UriCZOIHQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans:regular,italic,500,500italic,700,700italic&cb=1615969239
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
951a3b8ec1c6a0ae2767a3bb90ba6995397c5d13bd7ff79ea0bc87529b8024ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 02:03:08 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:00:18 GMT
server
sffe
age
34614
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18076
x-xss-protection
0
expires
Fri, 15 Apr 2022 02:03:08 GMT
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 1FC5
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=801bc00d-3ac6-4ffe-820a-ce31c4b6a2c2
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=801bc00d-3ac6-4ffe-820a-ce31c4b6a2c2&tbid=4a83ea55-e339-4537-9f29-8fe4356a76c9-tuct771ab92&query=taboola_hm%3D801bc00d-3ac6-...
0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=801bc00d-3ac6-4ffe-820a-ce31c4b6a2c2&tbid=4a83ea55-e339-4537-9f29-8fe4356a76c9-tuct771ab92&query=taboola_hm%3D801bc00d-3ac6-4ffe-820a-ce31c4b6a2c2&isDirect=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:40:02 GMT
via
1.1 varnish
server
nginx
x-timer
S1618486803.634132,VS0,VE10
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11541-HHN

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=801bc00d-3ac6-4ffe-820a-ce31c4b6a2c2&tbid=4a83ea55-e339-4537-9f29-8fe4356a76c9-tuct771ab92&query=taboola_hm%3D801bc00d-3ac6-4ffe-820a-ce31c4b6a2c2&isDirect=0
tbl-x-upstream
10.41.34.201:10213
date
Thu, 15 Apr 2021 11:40:02 GMT
server
nginx
x-fastly-to-nlb-rtt
2090
sd
u.openx.net/w/1.0/ Frame 1FC5
Redirect Chain
  • https://u.openx.net/w/1.0/sd?id=543998486&val=2f5d2238-09d8-4355-887c-05be2e8d2ca7-tuct771ab90&gdpr=0&gdpr_consent=
  • https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=2f5d2238-09d8-4355-887c-05be2e8d2ca7-tuct771ab90&gdpr=0&gdpr_consent=
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=2f5d2238-09d8-4355-887c-05be2e8d2ca7-tuct771ab90&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 11:40:02 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=2f5d2238-09d8-4355-887c-05be2e8d2ca7-tuct771ab90&gdpr=0&gdpr_consent=
date
Thu, 15 Apr 2021 11:40:02 GMT
via
1.1 google
server
OXGW/16.205.4
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
sync.php
pixel.rubiconproject.com/exchange/ Frame 1FC5 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif
/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 1FC5
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=4b6a13fTksBR&ev=1&orig=trc&pid=562107
0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=4b6a13fTksBR&ev=1&orig=trc&pid=562107
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.34.64:10213
date
Thu, 15 Apr 2021 11:40:02 GMT
server
nginx
x-fastly-to-nlb-rtt
7916

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=4b6a13fTksBR&ev=1&orig=trc&pid=562107
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7c488d4f5b-bdsjx
expires
-1
getuidnb
ib.adnxs.com/ Frame 1FC5 		43 B
693 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 11:40:02 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.148:80
AN-X-Request-Uuid
e1120347-1c59-4a29-869b-f308029786e9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 1FC5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc=
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEM9YrAJCloNB3j7H4PM68dc&google_cver=1
0
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEM9YrAJCloNB3j7H4PM68dc&google_cver=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
10
date
Thu, 15 Apr 2021 11:40:02 GMT
via
1.1 varnish
server
nginx
x-timer
S1618486803.619727,VS0,VE10
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19176-FRA

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 11:40:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEM9YrAJCloNB3j7H4PM68dc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1FC5 		42 B
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=2f5d2238-09d8-4355-887c-05be2e8d2ca7-tuct771ab90:$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 11:40:00 GMT
X-lat
amspug013:0:467
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42
pixel
cm.g.doubleclick.net/ Frame 1FC5
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=4a83ea55-e339-4537-9f29-8fe4356a76c9-tuct771ab92
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=4a83ea55-e339-4537-9f29-8fe4356a76c9-tuct771ab92&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=4a83ea55-e339-4537-9f29-8fe4356a76c9-tuct771ab92&google_tc=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 11:40:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 11:40:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=4a83ea55-e339-4537-9f29-8fe4356a76c9-tuct771ab92&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
376
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 1FC5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=ad987089-1dbb-4b54-8eb5-c82a22cfe132
0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=ad987089-1dbb-4b54-8eb5-c82a22cfe132
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Thu, 15 Apr 2021 11:40:02 GMT
via
1.1 varnish
server
nginx
x-timer
S1618486803.573620,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19176-FRA

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 11:40:02 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=ad987089-1dbb-4b54-8eb5-c82a22cfe132
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
merge
ce.lijit.com/ Frame 1FC5
Redirect Chain
  • https://ce.lijit.com/merge?pid=42&3pid=2f5d2238-09d8-4355-887c-05be2e8d2ca7-tuct771ab90&us_privacy=&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=42&3pid=2f5d2238-09d8-4355-887c-05be2e8d2ca7-tuct771ab90&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=2f5d2238-09d8-4355-887c-05be2e8d2ca7-tuct771ab90&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 11:40:02 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 11:40:02 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=42&3pid=2f5d2238-09d8-4355-887c-05be2e8d2ca7-tuct771ab90&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 1FC5 		49 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=2f5d2238-09d8-4355-887c-05be2e8d2ca7-tuct771ab90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-7c488d4f5b-xkz5q
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 1FC5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=2f5d2238-09d8-4355-887c-05be2e8d2ca7-tuct771ab90&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
put
e1.emxdgt.com/ Frame 1FC5 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d41&uid=2f5d2238-09d8-4355-887c-05be2e8d2ca7-tuct771ab90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:40:02 GMT
content-length
0
content-type
text/html
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 1FC5
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=c2af61f9-f86d-48c4-819b-8e6517529180
0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=c2af61f9-f86d-48c4-819b-8e6517529180
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.175:10213
date
Thu, 15 Apr 2021 11:40:02 GMT
server
nginx
x-fastly-to-nlb-rtt
3652

Redirect headers

pragma
no-cache
x-errorlevel
0
date
Thu, 15 Apr 2021 11:40:02 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=c2af61f9-f86d-48c4-819b-8e6517529180
cache-control
no-cache
server-processing-duration-in-ticks
2764
content-type
text/html; charset=utf-8
content-length
222
expires
Thu, 15 Apr 2021 00:00:00 GMT
check
pixel.tapad.com/idsync/ex/push/ Frame 1FC5
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=2f5d2238-09d8-4355-887c-05be2e8d2ca7-tuct771ab90&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://id5-sync.com/c/464/464/7/1.gif?puid=2f5d2238-09d8-4355-887c-05be2e8d2ca7-tuct771ab90&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOtOQ5T-RFjcFe_R99Mn55cABQ8kbOf-_AuDzPYg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOtOQ5T-RFjcFe_R99Mn55cABQ8kbOf-_AuDzPYg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=28fd64f8-d016-4e2c-b0b8-9b7176b7bec8&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEF48jxBdkANCD7wIV2gJiVQ&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESEF48jxBdkANCD7wIV2gJi...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=4107778335874001504&opid=apx&ops=&utidl=tech:goo:CAESEF48jxBdkANCD7wIV2gJiVQ&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A16922969980&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/464/19/4/4.gif?puid=218f545220656da5922dee5880b9e6b2&gdpr=1&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/464/101/3/5.gif?puid=17df82ce-6b2e-4498-9714-15534a9cc89e&gdpr=1&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd...
0
0
rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame 1FC5
Redirect Chain
  • https://s.c.appier.net/taboola
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=0Wf3mCJeCfGm9oJ2EyZ4YA
0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=0Wf3mCJeCfGm9oJ2EyZ4YA
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.22.84:10213
date
Thu, 15 Apr 2021 11:40:03 GMT
server
nginx
x-fastly-to-nlb-rtt
7200

Redirect headers

location
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=0Wf3mCJeCfGm9oJ2EyZ4YA
date
Thu, 15 Apr 2021 11:40:03 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
110
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cookiesync
bttrack.com/pixel/ Frame 1FC5 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track003-dc3
Pragma
no-cache
Date
Thu, 15 Apr 2021 11:39:08 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 1FC5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=taboola
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=1871878969223723878&expires=30&ssp=taboola
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=b261bd84-9361-4350-94c8-8bf01b151ca1
0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=b261bd84-9361-4350-94c8-8bf01b151ca1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.22.84:10213
date
Thu, 15 Apr 2021 11:40:02 GMT
server
nginx
x-fastly-to-nlb-rtt
8758

Redirect headers

location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=b261bd84-9361-4350-94c8-8bf01b151ca1
date
Thu, 15 Apr 2021 11:40:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021040804&jk=2467401420388832&bg=!3d6l3prNAAb2K53n9is7ACkAdvg8Wl8SmxfMIJ85I-ZU2KRTBjK5Tx6wIM3GDldmlL5UGbD31G0cHwIAAAB6UgAAAApoAQcKAYJfjVPvwIrKb2szGE-fbHH7CREfvayTqNO2r0vXS8Hc9jb9mPbLjjPK3cSYN8g6-GUG4INEJDbl2bVmWQ_cpQS4JDnVSLcGf03YkOu09idDA1HEjEZvaAYEE_2XOwTS9-3OJoqbkD1kQv2seqff8owMva3RRKrfQupU55-59eX-1GU0g-ntIkFxuTD5FKNkLmDYyk5HfWM9DhjuDRAYd3JznBn23d5IzKiV-ko1KOdk5OUbidgoCaxJs8_9xW8WzFwCugc6I2a9-290DnfXSPT6AZczHe3wCKTX6w4NSuybMzlI38oFVS81tBiu29yPFfH4JApByF6tm7q1MB2GbFzxvvpCtQXh9C1kPOyw2FQa5D5LnNnt-dqUJd7IvSI_g1phckqd3ajikfztcLHTNMPg0W-XUrUdbZgvhC0ovn56tZu7RWIMco0VWUv7butH8PmwXn15wI1Ao3LWeH5phxIoMpBV_ITyvNlbElDv9CnTIzeigL6J4jUvX8XTNKGy6-up6pkB8dFHGzjVeffCSjWFPup5jYWhPF2INgj1L0zQXdH_KMoyjaiStlsioCm-_Bb3SPfFxJX3cvQKPn1E-_S9W0_H2e37FPLYE29zTS-9DLa9vEyz-WRQv8ThYiJ2u7-XXVgYfePKKo8nTxwDYRAmkUzP-V76edmQBivwTrliqjaXtNYpl8l2EGY5OdGVHprc-BMFksKOZvZSF2Cd0dKUm_GNlYExsm7Dv0V9Vaf4H7nNutMAE2Ufq-OSEMsfB4DgwhFMIhC83EkwTBzAGzE5U2ttwxsVtgh-THcMScyKqDKTj03Yg3FCR3dxN5c-41wI1TCrgpAW1t3Ue7B4ihNFw6eOFDztbI6IGu2UrMD3uVt2VCtKihmJNFeGOdQ2IWkJXHpR8PSsFjcSNFi-_hBVOhnphe4zTpppb7KoTTxWxypuko0oA3Bt7x9zUFCw2ootwNFcHeTJZmtcN6zEeM5ElvhV_BrZNEXm1gwHfZJNl_tQr6czet64pXjmH_aFo48Ry9LnEJAqVHE0En8Jtgq4uxY9hAtEkLlCl3uL4luCdAuVeKakwqfOUU_LksHSOKYt13Ri2nr-fY1iaq5yHGoNvJcNhjc7DJAR0diHZXd_4pwOde0a5hS-EzbLgYZSIQdeh4N9IVwSPTlWIx1kEGDx000vyy-q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 11:40:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A614 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv52kTt5mDGal-9UcOFKPhwLcTTeif7bQsHeZzUxcsJstgWtGKYlGYXOHoTuM3fQjAfGfzWwCFewwPtKr_BZV3bNOcSUn-ILnj8z9ETdvKciwvQEQJpvl8eTUbEOA&sai=AMfl-YSq-jVhokD7Fv887rI0LzswRSrLQgg1l8G3RpvlUjZW3JVRF4hAzONn1e185tv4xv_ND0zNsPvLhzjtzvPbY0-23R2cLKRiQEa2gv0sbDBJZazo0xST9McLBxr4&sig=Cg0ArKJSzJFQaJDjATPHEAE&cid=CAASF-Ro2qogD56NyhoQkLxju-K1i6wmWVdq&id=ampim&o=650,226&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=173&tls=1174&g=100&h=100&tt=1174&r=v&avms=ampa&adk=2004394596
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 11:40:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0E18 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss1A0u7QmQ0YXpemTCRTyxUJLsVuzFHPRaIiGpwsSOe4ZkGICopAu8iVyc1tGKJV24zk249ZdMpcUteG9nnNIOIt1UCXBOKTXxhYfRAy0ab3--aql4NtkvarDbsXA&sai=AMfl-YRwcEFiqMN3609QWj_Drst9Ggv8LUIvCTxILaH4Ms9rnKYgmZ42JvfW5WdOeVy8Hjfo9v8a5Lca5W8e9XLX4T0yB5e-g6P4BAux1IakGuALWQ0X1FwEiuhuD8fD&sig=Cg0ArKJSzGahYbjYjLUkEAE&cid=CAASF-Ro--gIB0zL16pRlOu2s_jugo0FqDqz&id=ampim&o=418,640&d=765,280&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=196&tls=1197&g=100&h=100&tt=1197&r=v&avms=ampa&adk=3596030282
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 11:40:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DDD9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst_QoT-mqN6Rnbhk9Q_VOoUtdcfWQZlBe6vuMZfsceJwLrDkrFVwVk7vDWWkyPqw0riWhE3FTxLe5G0ePl_E4WOQNUALSwGqS5PX9q9u3lE0jaS4uBfxThc3Org3g&sai=AMfl-YTr5vDpZioJ2xc6ZRX_eZkgajKKsNvEJcOiIT9FeqMlPbh5YW-TPOgNJ7WCeNwf5ZsE6LlsXxOWviceaJoS4g5WCfIKdZ4j7c-DakqUXtF6CFeXflHDV5XDaziG&sig=Cg0ArKJSzFHs0TQwfm7xEAE&cid=CAASF-Ro0wnsDCzLmD3TvG4w-L-m2GQv5Q2U&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210414&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=4241150287&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1618486802012&dlt=41&rpt=288&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6c8eb98f3da894e8e3c42ca4b0db63d4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 11:40:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 1DA7 		995 B
875 B 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-185.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hillreporter.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=4107778335874001504
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hillreporter.com/

Response headers

Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
"573e714d-3e3"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Fri, 15 Apr 2022 11:40:05 GMT
Date
Thu, 15 Apr 2021 11:40:05 GMT
Connection
keep-alive
iframe
mantodea.mantisadnetwork.com/prebid/ Frame 23B0 		332 B
571 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-120&buster=1618486799834&secure=true&version=9&mobile=false&title=WATCH%3A%20VICE%20Splices%20Together%20Videos%20of%20Donald%20Trump%27s%20Capitol%20Insurrection%20%7C%20HillReporter.com&url=https%3A%2F%2Fhillreporter.com%2Fwatch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.61.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-61-253.compute-1.amazonaws.com
Software
/ Express
Resource Hash
98df0c08f0bcc86bd3397315ef1b9a24ea5593c6e753dc4afcc2d476b671432e

Request headers

:method
GET
:authority
mantodea.mantisadnetwork.com
:scheme
https
:path
/prebid/iframe?tz=-120&buster=1618486799834&secure=true&version=9&mobile=false&title=WATCH%3A%20VICE%20Splices%20Together%20Videos%20of%20Donald%20Trump%27s%20Capitol%20Insurrection%20%7C%20HillReporter.com&url=https%3A%2F%2Fhillreporter.com%2Fwatch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hillreporter.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hillreporter.com/

Response headers

date
Thu, 15 Apr 2021 11:40:04 GMT
content-type
text/html; charset=utf-8
content-length
332
x-powered-by
Express
vary
Origin
access-control-allow-credentials
true
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
expires
-1
etag
W/"14c-5/YnmpJZOJCTzWRJvyoFAmZHKIs"
Cookie set check.html
biddr.brealtime.com/ Frame 8516 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Host
biddr.brealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hillreporter.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hillreporter.com/

Response headers

Date
Thu, 15 Apr 2021 11:40:05 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=dfe502a7a0ed8ee1f3e12913fd5f790a61618486805; expires=Sat, 15-May-21 11:40:05 GMT; path=/; domain=.brealtime.com; HttpOnly; SameSite=Lax
x-amz-id-2
yha6/A2XjBvkC+MqmgT8b/fjoeWk6aro0Pxkd3OTcLbhqLrlmS0Jeqit1iNRrw/irIDovoAFby0=
x-amz-request-id
3F71B386A6C1C568
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
4774
Expires
Thu, 15 Apr 2021 11:41:05 GMT
Cache-Control
public, max-age=60
cf-request-id
0976edda0c00007239378c8000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6404e5a34d787239-AMS
Content-Encoding
gzip
showad.js
ads.pubmatic.com/AdServer/js/ Frame 91D2 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hillreporter.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_1235=23226-2f5d2238-09d8-4355-887c-05be2e8d2ca7-tuct771ab90:$UID; PugT=1618486800; PUBMDCID=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hillreporter.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=78020
Expires
Fri, 16 Apr 2021 09:20:25 GMT
Date
Thu, 15 Apr 2021 11:40:05 GMT
Connection
keep-alive
Vary
Accept-Encoding
iframe
sync.teads.tv/ Frame DCCC 		153 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.teads.tv/iframe?gdprIab=%7B%22status%22%3A0%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.3 /
Resource Hash
716a727e47216ad28191f60fb09d59015b1bcb3df8cc32b5bb94f73d534a5732

Request headers

:method
GET
:authority
sync.teads.tv
:scheme
https
:path
/iframe?gdprIab=%7B%22status%22%3A0%7D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hillreporter.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hillreporter.com/

Response headers

content-type
text/html; charset=UTF-8
server
akka-http/10.2.3
content-length
153
expires
Thu, 15 Apr 2021 11:40:05 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Thu, 15 Apr 2021 11:40:05 GMT
set-cookie
tt_bluekai=; Expires=Fri, 16 Apr 2021 11:40:05 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_exelate=; Expires=Fri, 16 Apr 2021 11:40:05 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_emetriq=; Expires=Fri, 16 Apr 2021 11:40:05 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_liveramp=; Expires=Fri, 16 Apr 2021 11:40:05 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_neustar=; Expires=Fri, 16 Apr 2021 11:40:05 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_salesforce=; Expires=Fri, 16 Apr 2021 11:40:05 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_dar=; Expires=Fri, 16 Apr 2021 11:40:05 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_skp=; Expires=Fri, 16 Apr 2021 11:40:05 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_retargetly=; Expires=Fri, 16 Apr 2021 11:40:05 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None
async_usersync
secure.adnxs.com/ Frame 1DA7 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 11:40:05 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 722.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.150:80
AN-X-Request-Uuid
ef135463-45fa-4043-9f94-e1bf5ecfafff
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 91D2 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=575356&p=109126&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1&async=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b2d5ff4c06a80170265efc9cf317cd1cf0d02ae0002ec6cf028e31d49ff9f188

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 11:40:02 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
quant.js
secure.quantserve.com/ Frame 23B0 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-120&buster=1618486799834&secure=true&version=9&mobile=false&title=WATCH%3A%20VICE%20Splices%20Together%20Videos%20of%20Donald%20Trump%27s%20Capitol%20Insurrection%20%7C%20HillReporter.com&url=https%3A%2F%2Fhillreporter.com%2Fwatch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
1574e89f09d15f5c0b502e03318bf8e42f6993bc76761f01d4189d9c7cac1a2f

Request headers

Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:40:05 GMT
content-encoding
gzip
etag
"9BXR5o2ektbbjpKQZDKFMQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 22 Apr 2021 11:40:05 GMT
query
ecs.mantisadnetwork.com/sync/pixel/ Frame 23B0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rjrqv8k&ttd_tpi=1
  • https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=ad987089-1dbb-4b54-8eb5-c82a22cfe132
35 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=ad987089-1dbb-4b54-8eb5-c82a22cfe132
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-120&buster=1618486799834&secure=true&version=9&mobile=false&title=WATCH%3A%20VICE%20Splices%20Together%20Videos%20of%20Donald%20Trump%27s%20Capitol%20Insurrection%20%7C%20HillReporter.com&url=https%3A%2F%2Fhillreporter.com%2Fwatch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.61.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-61-253.compute-1.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:40:05 GMT
x-powered-by
Express
etag
W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"
content-length
35
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 11:40:05 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=ad987089-1dbb-4b54-8eb5-c82a22cfe132
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
241
rules-p-8p-p7hkcWNjJm.js
rules.quantcount.com/ Frame 23B0 		3 B
348 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-8p-p7hkcWNjJm.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e8:ca00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 18:00:35 GMT
via
1.1 aec69d2871c7aeb74988020f07480fa4.cloudfront.net (CloudFront)
last-modified
Sat, 04 Mar 2017 20:14:17 GMT
server
AmazonS3
age
63571
etag
"8a80554c91d9fca8acb82f023de02f11"
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
x-amz-cf-pop
TXL52-C1
accept-ranges
bytes
content-length
3
x-amz-cf-id
2H-Yi8f-45STsAwXa_thbsD5OGaOWxGbIqEUr1eeaGKfAjGUFSb4Iw==
pixel;r=7854608;labels=property.5cd4a43e83eac200087e1fc0;rf=0;a=p-8p-p7hkcWNjJm;url=https%3A%2F%2Fmantodea.mantisadnetwork.com%2Fprebid%2Fiframe%3Ftz%3D-120%26buster%3D1618486799834%26secure%3Dtrue...
pixel.quantserve.com/ Frame 23B0 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=7854608;labels=property.5cd4a43e83eac200087e1fc0;rf=0;a=p-8p-p7hkcWNjJm;url=https%3A%2F%2Fmantodea.mantisadnetwork.com%2Fprebid%2Fiframe%3Ftz%3D-120%26buster%3D1618486799834%26secure%3Dtrue%26version%3D9%26mobile%3Dfalse%26title%3DWATCH%253A%2520VICE%2520Splices%2520Together%2520Videos%2520of%2520Donald%2520Trump%2527s%2520Capitol%2520Insurrection%2520%257C%2520HillReporter.com%26url%3Dhttps%253A%252F%252Fhillreporter.com%252Fwatch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098%253F_hsmi%253D96965274%2526_hsenc%253Dp2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y;ref=https%3A%2F%2Fhillreporter.com%2F;uht=2;fpan=1;fpa=P0-513376560-1618486805079;pbcn=u;pbc=;ns=1;ce=1;qjs=1;qv=b0f2076b-20210414175820;cm=;gdpr=0;d=mantodea.mantisadnetwork.com;je=0;sr=1600x1200x24;dst=1;et=1618486805079;tzo=-120;ogl=
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-120&buster=1618486799834&secure=true&version=9&mobile=false&title=WATCH%3A%20VICE%20Splices%20Together%20Videos%20of%20Donald%20Trump%27s%20Capitol%20Insurrection%20%7C%20HillReporter.com&url=https%3A%2F%2Fhillreporter.com%2Fwatch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098%3F_hsmi%3D96965274%26_hsenc%3Dp2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 11:40:05 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 0A94
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
42 B
505 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_1235=23226-2f5d2238-09d8-4355-887c-05be2e8d2ca7-tuct771ab90:$UID; PugT=1618486800; PUBMDCID=3; KADUSERCOOKIE=B59C9E7E-7ED7-4387-B049-E82F3E5E7A6B; chkChromeAb67Sec=1; DPSync3=1619654400%3A201_227_226_221; SyncRTB3=1619654400%3A13_3_7_161_71_220_21_54_56%7C1619740800%3A35%7C1619308800%3A63%7C1619049600%3A223
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 15 Apr 2021 11:40:04 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 14-Jul-2021 11:40:04 GMT; path=/
X-lat
amspug008:0:390
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

cache-control
no-cache
pragma
no-cache
content-type
text/html; charset=utf-8
expires
Thu, 15 Apr 2021 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
3233
date
Thu, 15 Apr 2021 11:40:04 GMT
content-length
205
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 6B7A
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6263393849656554751
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6263393849656554751
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_1235=23226-2f5d2238-09d8-4355-887c-05be2e8d2ca7-tuct771ab90:$UID; PUBMDCID=3; KADUSERCOOKIE=B59C9E7E-7ED7-4387-B049-E82F3E5E7A6B; chkChromeAb67Sec=1; DPSync3=1619654400%3A201_227_226_221; SyncRTB3=1619654400%3A13_3_7_161_71_220_21_54_56%7C1619740800%3A35%7C1619308800%3A63%7C1619049600%3A223; KRTBCOOKIE_377=6810-ad987089-1dbb-4b54-8eb5-c82a22cfe132&KRTB&22918-ad987089-1dbb-4b54-8eb5-c82a22cfe132&KRTB&23031-ad987089-1dbb-4b54-8eb5-c82a22cfe132; KRTBCOOKIE_57=22776-4107778335874001504; KRTBCOOKIE_80=16514-CAESEA01BUwKCAuN0RmOWyk6hQI&KRTB&22987-CAESEA01BUwKCAuN0RmOWyk6hQI&KRTB&23025-CAESEA01BUwKCAuN0RmOWyk6hQI; KRTBCOOKIE_391=22924-1821842302308344554&KRTB&23263-1821842302308344554; KRTBCOOKIE_27=16735-uid:54266078-2614-4400-81ba-aa6d52ceb200&KRTB&16736-uid:54266078-2614-4400-81ba-aa6d52ceb200&KRTB&23019-uid:54266078-2614-4400-81ba-aa6d52ceb200&KRTB&23114-uid:54266078-2614-4400-81ba-aa6d52ceb200; PugT=1618486803
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 15 Apr 2021 11:40:03 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_336=5844-6263393849656554751; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 15-May-2021 11:40:03 GMT; path=/ PugT=1618486803; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 15-May-2021 11:40:03 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 14-Jul-2021 11:40:03 GMT; path=/
X-lat
amspug016:0:306
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6263393849656554751
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 91D2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tZyefn7XQ4ewSegvPl56aw%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 11:40:05 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=82518
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Fri, 16 Apr 2021 10:35:23 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 11:40:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 91D2 		95 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=B59C9E7E-7ED7-4387-B049-E82F3E5E7A6B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:40:06 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6404e5a3eba3c28b-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0976edda770000c28b0199c000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame 91D2
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B59C9E7E-7ED7-4387-B049-E82F3E5E7A6B&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B59C9E7E-7ED7-4387-B049-E82F3E5E7A6B&sInitiator=external&gdpr=0&gdpr_consent=
42 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B59C9E7E-7ED7-4387-B049-E82F3E5E7A6B&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
uip-response-status
FallbackResponse
date
Thu, 15 Apr 2021 11:40:03 GMT
frontend-id
8
content-length
42
routing-server-id
-1
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 11:40:03 GMT
frontend-id
13
location
/pubmatic/1/info2?sType=sync&sExtCookieId=B59C9E7E-7ED7-4387-B049-E82F3E5E7A6B&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 91D2
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=B59C9E7E-7ED7-4387-B049-E82F3E5E7A6B&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=B59C9E7E-7ED7-4387-B049-E82F3E5E7A6B&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=B59C9E7E-7ED7-4387-B049-E82F3E5E7A6B&addseg=17
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=B59C9E7E-7ED7-4387-B049-E82F3E5E7A6B&addseg=17
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.190.106 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 11:40:05 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Thu, 15 Apr 2021 11:40:05 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=B59C9E7E-7ED7-4387-B049-E82F3E5E7A6B&addseg=17
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
Pug
image2.pubmatic.com/AdServer/ Frame 91D2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjU5QzlFN0UtN0VENy00Mzg3LUIwNDktRTgyRjNFNUU3QTZC&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 11:40:03 GMT
X-lat
amspug009:0:401
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 11:40:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 91D2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA01BUwKCAuN0RmOWyk6hQI&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA01BUwKCAuN0RmOWyk6hQI&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 11:40:03 GMT
X-lat
amspug009:0:402
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 11:40:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA01BUwKCAuN0RmOWyk6hQI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 91D2 		43 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:40:05 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 14 Apr 2021 11:40:05 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 91D2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ad987089-1dbb-4b54-8eb5-c82a22cfe132
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ad987089-1dbb-4b54-8eb5-c82a22cfe132
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 11:40:03 GMT
X-lat
amspug017:0:420
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 11:40:05 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ad987089-1dbb-4b54-8eb5-c82a22cfe132
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 91D2
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1821842302308344554
42 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1821842302308344554
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 11:40:04 GMT
X-lat
amspug005:0:413
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 11:40:05 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1821842302308344554
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 91D2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:54266078-2614-4400-81ba-aa6d52ceb200&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:54266078-2614-4400-81ba-aa6d52ceb200&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 11:40:03 GMT
X-lat
amspug010:0:469
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Thu, 15 Apr 2021 11:40:05 GMT
Server
MT3 3660 495c301 master zrh-pixel-x27
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:54266078-2614-4400-81ba-aa6d52ceb200&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 15 Apr 2021 11:40:04 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 91D2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4107778335874001504&gdpr=0&gdpr_consent=
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4107778335874001504&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 11:40:03 GMT
X-lat
amspug006:0:275
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 11:40:05 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.178:80
AN-X-Request-Uuid
d9ec6341-0eb1-473b-aaac-945f777aa1fb
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4107778335874001504&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 91D2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dpubmatic%26expires%3D30%26user_group%3D%24...
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dpubmatic%26expires%3D30%26user_group%3D%24...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=8e6055ac-33fb-5169-901a-5a8bf0627c9e&ssp=pubmatic&expires=30&user_group=1
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b261bd84-9361-4350-94c8-8bf01b151ca1&gdpr=&gdpr_consent=&gdpr_pd=
1 B
746 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b261bd84-9361-4350-94c8-8bf01b151ca1&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 11:40:04 GMT
X-lat
amspug007:0:2724
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b261bd84-9361-4350-94c8-8bf01b151ca1&gdpr=&gdpr_consent=&gdpr_pd=
date
Thu, 15 Apr 2021 11:40:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
B59C9E7E-7ED7-4387-B049-E82F3E5E7A6B
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 91D2 		43 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/B59C9E7E-7ED7-4387-B049-E82F3E5E7A6B?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:40:05 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 91D2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B59C9E7E-7ED7-4387-B049-E82F3E5E7A6B&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B59C9E7E-7ED7-4387-B049-E82F3E5E7A6B&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-yJjsq81E2uW4T_MsZZ.egWj4bTfEJ_E-~A&gdpr=0&gdpr_consent=
0
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-yJjsq81E2uW4T_MsZZ.egWj4bTfEJ_E-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 11:40:04 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 15 Apr 2021 11:40:05 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-yJjsq81E2uW4T_MsZZ.egWj4bTfEJ_E-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
1016 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=505&height=284&pubid=169497&tagid=953497&crid=5397665&noaop=5&sortOrderType=0&cb=1618486806371&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1056001&pt=82376372&tz=120&viewable=true&ddast=V7SccCFgPhEdxJrOI2kgThEdxJrOI2kgUAAAAGBuIHHDhjTEYsEoO3WAwGk-FuM5wMRsvhZLdazIaggTPGZMQiMXiLxWAwGe42u8VuNlosZ5spYAjL7PcdFJTT02N2GURF19tidzjNnjecoel0-Fz3eqHTbLa8DH_L6WW5a_xuv-5h-hjdsqfH5dYczk6Py_MW_X0u09FlecueJpff89bb3CK_3WE2uUWX19vweWschqfpb3Yr7Z7X5fLymJ5-u1s5HCyHcwAAAAB4AJDiCoX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABAQKjUAKDkSBCHxeKyPD1GfwAAPBSAAAAIYJAAFDCdlABo0GadAAAAAAAAAACw_P___8cMzMc_ygCAuCX1ADz4ADwQFawWMQIAAADIpV4dOprUCZVFFQAAQboVwBUAQABeNRWsdRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6Gr1OAxou_FD7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLqAmB0AAADA3f___78eyKxMI99yYzFsXKvBwrIyDGbG3cxmcQ0WppVrN9ge3HJk5ki1tHEfhrDMft9BQTk9PWaXQVR0vS12h9Psud-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhZOYaWSab4VqwHBnXos1qtRYOdxu3YDVxWVbGkWXj8K1Fr4_pt1ssLM7BFgUD5PYiuEgnQqfZbHkZ_pbTy_IWOs1my8vwt5xelotYojlZpBPZZd9ZmUa-5cZi2LhWg4VlZRjMjLuZzeIaLEwr126wr8xcI8tkM1wLliPjWrRZrdbC4W7jFqwmLsvKOLJsHL616PUx_XaLhcU52Ddmi-FoOBsOBvvGbDEcDWfDwWDfoTN8V5-z0VkrljwusWRYPO5k5oPCZbB4f0eLNHbrzYwqr9hiUW2eOe_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3m0KGKJ4HSRTkQv4-kilkieFulEM5otPIbhyjYZLjwm38Y1Mw4Hu9FmtbEsl5vVyCKWKE0X6USve5g-Rrfs6XG5NYez0-PyvEV_n8t0dFnesqfJ5fe89Ta3yG93mE1u0eX1NnzeGofhafqb3Uq753W5vDymp9_uVg4Hy-FE_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaTCj3WK3Wi6AhM237k85UdDI9PzGborvcFXKS8ZZcePHGeg0my0vw99yelneQqfZbHkZ_pbTy3JlAAkbbubNnglirVbLGgAAQAAbAAAggFs3b4FjkRw!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1750105&dpubid=347175&abtst=adh5c-1_vA!insc_vA!smbs!sre_vB!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Fhillreporter.com&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
efb984063f9bb93391d94456e74ab6eb25cc51c43e6a94d6cab39eae0090830f

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

date
Thu, 15 Apr 2021 11:40:06 GMT
content-encoding
gzip
access-control-allow-origin
https://hillreporter.com
machineid
1409
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn11541-HHN
pragma
no-cache
server
nginx
x-timer
S1618486806.385118,VS0,VE108
vary
Accept-Encoding
content-type
application/json;charset=utf-8
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
pd
eu-u.openx.net/w/1.0/ Frame 1901 		1007 B
866 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
d4d421332a24c9c2499740b3660394e388bbdb88aad9356b95c558840fd82661

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hillreporter.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=7662516b-1d0e-4f00-99e5-e01d7ffe504d|1618486802
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hillreporter.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=7662516b-1d0e-4f00-99e5-e01d7ffe504d|1618486802; Version=1; Expires=Fri, 15-Apr-2022 11:40:06 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1618486806|mOgegqnskin0vNomiygu; Version=1; Expires=Fri, 30-Apr-2021 11:40:06 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.4
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 15 Apr 2021 11:40:06 GMT
content-type
text/html
content-length
548
content-encoding
gzip
via
1.1 google
alt-svc
clear
31090876-2425-e2be-f2e4-3e00e48eaef9
pr-bh.ybp.yahoo.com/sync/openx/ Frame 1901 		43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/31090876-2425-e2be-f2e4-3e00e48eaef9?gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:40:06 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 1901
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=RpI5Fyll1Lx0lU5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=RpI5Fyll1Lx0lU5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 11:40:06 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 15 Apr 2021 11:40:06 GMT
Server
PingMatch/v2.0.30-639-g719035a#rel-ec2-master i-013d87c18de960209@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=RpI5Fyll1Lx0lU5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 1901
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=b261bd84-9361-4350-94c8-8bf01b151ca1
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=17df82ce-6b2e-4498-9714-15534a9cc89e&ssp=openx&expires=30&user_group=5&bsw_param=b261bd84-9361-4350-94c8-8bf01b151ca1
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=b261bd84-9361-4350-94c8-8bf01b151ca1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=b261bd84-9361-4350-94c8-8bf01b151ca1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 11:40:06 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=b261bd84-9361-4350-94c8-8bf01b151ca1
date
Thu, 15 Apr 2021 11:40:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
redir
rtb-csync.smartadserver.com/ Frame 1901
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDU2RFN0E4RXdBQUNyWDJQcmlGUQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACSdE7A8EwAACrX2PriFQ&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACSdE7A8EwAACrX2PriFQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_curre...
0
0
sd
eu-u.openx.net/w/1.0/ Frame 1901
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=54266078-2614-4400-81ba-aa6d52ceb200
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=54266078-2614-4400-81ba-aa6d52ceb200
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 11:40:06 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 15 Apr 2021 11:40:06 GMT
Server
MT3 3660 495c301 master zrh-pixel-x9
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=54266078-2614-4400-81ba-aa6d52ceb200
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 15 Apr 2021 11:40:05 GMT
sd
us-u.openx.net/w/1.0/ Frame 1901
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=iHqx2Yx8t9STe7KEjX6r1d944ICTL-DRji_bT7Rs
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=iHqx2Yx8t9STe7KEjX6r1d944ICTL-DRji_bT7Rs
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 11:40:06 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 11:40:06 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=iHqx2Yx8t9STe7KEjX6r1d944ICTL-DRji_bT7Rs
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 1901
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1821842302308344554
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1821842302308344554
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 11:40:06 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 11:40:06 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1821842302308344554
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 1901 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=a5ce6e32-b489-70f7-c333-28f51bd963b0&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.73.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-73-212.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 11:40:06 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 1901 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODlhMWJkZjgtN2RmZS0yZTUzLWQ2ZDMtNzI0Y2QxM2JhZGQw
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 11:40:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 1901
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH5Oz5_DS_fwtgWq6-5DjPQ&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH5Oz5_DS_fwtgWq6-5DjPQ&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 11:40:06 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Apr 2021 11:40:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH5Oz5_DS_fwtgWq6-5DjPQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 91D2 		0
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=109126&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 15 Apr 2021 11:40:04 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
visible
trc.taboola.com/hillreporter-hillreporter/log/3/ 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/hillreporter-hillreporter/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210414-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Thu, 15 Apr 2021 11:40:07 GMT
via
1.1 varnish
server
nginx
x-timer
S1618486807.234006,VS0,VE9
x-served-by
cache-fra19176-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://hillreporter.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
log_event
www.youtube.com/youtubei/v1/ Frame 8E93 		28 B
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/82e684c7/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/hszd21sQa0s?feature=oembed
X-YouTube-Client-Version
1.20210412.1.0
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgtNSVZSdnRDSFJSOCiPzOCDBg%3D%3D
X-YouTube-Ad-Signals
dt=1618486799983&flash=0&frm=2&u_tz=120&u_his=4&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C765%2C430&vis=1&wgl=true&ca_type=image&bid=ANyPxKqFTZEVjqnf2eHQIYGroNiwPbweEiTVX_aRpCdbpX3DjqeNxvb-WYAhdj0-HpWSEfgOSNOCw7Lhyoqr2U_vPyy8YxJX1w

Response headers

date
Thu, 15 Apr 2021 11:40:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Thu, 15 Apr 2021 11:40:10 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		1 KB
758 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=505&height=284&pubid=169497&tagid=953497&crid=5397665&noaop=5&sortOrderType=0&cb=1618486811370&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1056001&pt=82376372&tz=120&viewable=true&ddast=V7SccCFgPhEdxJrOI2kgThEdxJrOI2kgUAAAAGBuIHHDhjTEYsEoO3WAwGk-FuM5wMRsvhZLdazIaggTPGZMQiMXiLxWAwGe42u8VuNlosZ5spYAjL7PcdFJTT02N2GURF19tidzjNnjecoel0-Fz3eqHTbLa8DH_L6WW5a_xuv-5h-hjdsqfH5dYczk6Py_MW_X0u09FlecueJpff89bb3CK_3WE2uUWX19vweWschqfpb3Yr7Z7X5fLymJ5-u1s5HCyHcwAAAAB4AJDiCoX4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABAQKjUAKDkSBCHxeKyPD1GfwAAPBSAAAAIYJAAFDCdlABo0GadAAAAAAAAAACw_P___8cMzMc_ygCAuCX1ADz4ADwQFawWMQIAAADIpV4dOprUCZVFFQAAQboVwBUAQABeNRWsdRgAAEDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxN6Gr1OAxou_FD7BQQAWPsFBABgUzcAgDcBuKAjaMVgsLqAmB0AAADA3f___78eyKxMI99yYzFsXKvBwrIyDGbG3cxmcQ0WppVrN9ge3HJk5ki1tHEfhrDMft9BQTk9PWaXQVR0vS12h9Psud-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJjghw9FmshrtVrvJcjgZjWabyQYpWrWajTaD4Wo2me12q-FguByNkKI1i9lkspiNlrvNYDkZDYaT4RBhZOYaWSab4VqwHBnXos1qtRYOdxu3YDVxWVbGkWXj8K1Fr4_pt1ssLM7BFgUD5PYiuEgnQqfZbHkZ_pbTy_IWOs1my8vwt5xelotYojlZpBPZZd9ZmUa-5cZi2LhWg4VlZRjMjLuZzeIaLEwr126wr8xcI8tkM1wLliPjWrRZrdbC4W7jFqwmLsvKOLJsHL616PUx_XaLhcU52Ddmi-FoOBsOBvvGbDEcDWfDwWDfoTN8V5-z0VkrljwusWRYPO5k5oPCZbB4f0eLNHbrzYwqr9hiUW2eOe_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3m0KGKJ4HSRTkQv4-kilkieFulEM5otPIbhyjYZLjwm38Y1Mw4Hu9FmtbEsl5vVyCKWKE0X6USve5g-Rrfs6XG5NYez0-PyvEV_n8t0dFnesqfJ5fe89Ta3yG93mE1u0eX1NnzeGofhafqb3Uq753W5vDymp9_uVg4Hy-FE_UeHGK7mksVkrtgt5rLdKgEAAAAAAAAALGHOvAkAAADAaTCj3WK3Wi6AhM237k85UdDI9PzGborvcFXKS8ZZcePHGeg0my0vw99yelneQqfZbHkZ_pbTy3JlAAkbbubNnglirVbLGgAAQAAbAAAggFs3b4FjkRw!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1750105&dpubid=347175&abtst=adh5c-1_vA!insc_vA!smbs!sre_vB!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Fhillreporter.com&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
29517e7c16e8b0117d58462fa3a4577b75e6d1e22915e88e3b7820faa29c0da6

Request headers

Referer
https://hillreporter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Apr 2021 11:40:11 GMT
content-encoding
gzip
server
nginx
machineid
1436
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://hillreporter.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=72
Domain
pixel.tapad.com
URL
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Domain
rtb-csync.smartadserver.com
URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACSdE7A8EwAACrX2PriFQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID

Verdicts & Comments Add Verdict or Comment

297 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings undefined| $ function| jQuery function| fbq function| _fbq function| documentInitOneSignal object| OneSignal object| propertag function| gtag object| dataLayer object| _taboola function| toggleMenu object| date object| wp object| alm_localize object| ajax_load_more_vars function| pb function| beacon object| _oneSignalInitOptions object| google_tag_manager object| ajaxloadmore object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime function| almInit function| almUpdateCurrentPage function| almGetParentContainer function| almGetObj function| almTriggerClick function| IScroll object| _stq function| st_go function| linktracker_init object| wpcom object| twemoji boolean| payload_loaded object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| _0x1ac4 function| _0x2ad4 function| _0x32639f object| ProperMedia object| properSpecialOps object| googletag object| _qevents function| proper_log function| proper_debug_console function| proper_display function| proper_render function| disableSlotRefresh function| logMatchingResponse function| properSpaNewPage function| properInfNewPage function| properBuildSlots function| properDeleteSlot function| properDestroyDfpSlot function| proper_remnant object| TraceKit function| UAParser string| PBJS_USER_ID_OPTOUT_NAME object| device string| SYNC_ENDPOINT string| NON_MEASURABLE string| ENDPOINT_TEST number| accountId function| quantserve function| __qc object| ezt object| _qoptions function| qtrack string| proper_ad_page_uuid string| requestType number| timeout boolean| edge string| bidder boolean| withCredentials function| proper_80ebb260_41fd2061_1 string| proper_ad_session_uuid object| TRC object| _tblConsole undefined| msg object| _comscore string| pubcidCookie string| x number| placementId object| apstag function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id string| trc_item_url object| TRCImpl number| taboola_view_id object| ggeac object| google_js_reporting_queue function| udm_ object| ns_p object| COMSCORE boolean| apstagLOADED function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing string| mantis_uuid string| nam object| placementData object| _tfa object| cmTag object| _cm_wfCounters string| lastWfUrl undefined| define function| startCMTagMain object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id string| category function| webpackHotUpdate function| shuffle object| arrToUse object| travel object| news object| mobilecontent1 object| mobilecontent1_new object| travelmuted object| movietrailersHD object| movietrailersHDmuted object| widescreen object| movietrailerslight object| landscapeHD object| landscapeHDmuted object| blank object| blankblack object| blankblack7 object| blankblack5 object| blankblack_mob object| blankwhiteHDmpg object| blankblack10 object| blankwhite object| blankwhiteHD object| black_loader object| lightweight object| lightweight_single object| lightweight300600 object| bonnier object| home object| lipstick object| shoes object| art object| infiltrator object| glass object| lemurs object| NBAshoes object| Sunglasses object| Hummus object| Short_food object| Short_swim object| Euro_news object| Automoto_TV object| Uzoo object| SmartDuvet object| Tiger object| Chocolate object| Logan object| Jacket object| Bike object| Kanye object| Cancun object| Smartwatch object| Helicopter object| dogshampoo object| icetea object| charger object| blueysmoothie object| ShortContent object| carbsandwich object| pisatower object| Food1 object| Food2 object| Food3 object| Food4 object| Food5 object| Food6 object| Food7 object| Fashion object| Lifestyle1 object| Lifestyle2 object| Technology1 object| Technology2 object| Technology3 object| Entertainment object| Scrambledeggs object| Spinach object| Bub1 object| Pokemon object| style_hacks object| Motorcycle object| IceCracking object| Manatees object| Daiving object| Fishing_Lure object| Shark object| HundredsManatees object| TigerShark object| MandelaPrize object| Bertram35 object| bushfire object| Snow object| Delta object| Wheels object| Yellowfin object| Grip object| Kawasaki object| Yoga object| Cat object| Chickens object| RZR object| bitcoin object| bmw object| wombat object| koala object| Marsupial object| puppy object| bitcoinMuted object| bmwMuted object| Wallabies object| Bunny object| Pumpkins object| Dogs_Stress object| Dogs_Stress_image object| lightweight300600_short object| playlist string| vpaidId function| OvaMediaPlayer object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| GoogleGcLKhOms function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| google_image_requests

19 Cookies

Domain/Path Name / Value
.taboola.com/ Name: t_gid
Value: 05a14eea-82df-42ed-ad29-0e55ed1028b8-tuct771ab91
.youtube.com/ Name: YSC
Value: AeXQRJLORqc
.hillreporter.com/ Name: proper_tracker_cookie
Value: eyJwaWQiOiIiLCJiaWRkZXJzIjp7InZlcml6b25fbWVkaWEiOjEsIl9fY2ZfYm0iOjF9LCJwcm9wZXJfdWlkIjoiYTZjNjlkZmYtMmJkZi00MzcwLTliZjEtYzQyMDZmZWFjN2EyIn0=
.hillreporter.com/ Name: __cf_bm_cookie
Value: 201049f0d805128377ee2d8abf07c4b3dae6e069-1618486799-1800-AUIz4Da96f60hxV/wJBfhpS3BovAH+rV/T+F/lwTUSr/NL55LPXa9AEdO/ow82ISZhSWi5G73tx+cLxgR9tsz4LJ8NIldV9wAXkOiE77C+cD
.hillreporter.com/ Name: verizon_media_cookie
Value: y-MNp8vXtE2uGXPEcipsF7UI1pfAmCVcfZ~A
hillreporter.com/ Name: _lr_retry_request
Value: true
hillreporter.com/ Name: PHPSESSID
Value: 6200aa7b16c7f22f0a3fb8a3fc679e4b
hillreporter.com/ Name: trc_cookie_storage
Value: hillreporter-hillreporter%253Asession-data%3Dv2_3e4d79cb0c550a2e00f87ffb50a4e570_2f5d2238-09d8-4355-887c-05be2e8d2ca7-tuct771ab90_1618486800_1618486800_CNawjgYQ3-1IGKXd0qqNLyABKAEwoQE4l-oLQJWXEEjf3NwDUP___________wFYAGAAaLGv6bXK_ffOrQE%7Ctaboola%2520global%253Alocal-storage-keys%3D%255B%2522hillreporter-hillreporter%253Asession-data%2522%252C%2522taboola%2520global%253Alspb%2522%252C%2522taboola%2520global%253Auser-id%2522%255D%7Ctaboola%2520global%253Alspb%3DCwsIQhCckGoMCwjDARCckGoMCwiJARCckGoMCwiRARCckGoMCwggEJyQagwLCKEBEJyQagwLCKIBEJyQagwLCCQQnJBqDAsIJxCckGoMCwirARCckGoMCwitARCckGoMCwiuARCckGoMCwiwARCckGoMCwiyARCckGoMCwi1ARCckGoMCwi2ARCckGoMCwg7EJyQagwLCD8Q3PlpDAwTFA%7Ctaboola%2520global%253Auser-id%3D2f5d2238-09d8-4355-887c-05be2e8d2ca7-tuct771ab90
.hillreporter.com/ Name: __qca
Value: P0-126846987-1618486799973
.hillreporter.com/ Name: properSessionData
Value: eyJ1dWlkIjoiZTM5NDIwYzUtMzBhZC00ZWY0LTkzY2YtYTNiODBkODNmZTEyIiwiZGVwdGgiOjEsInJlZmVycmVyIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fdGVybSI6IiIsInV0bV9jb250ZW50IjoiIiwicmV2ZW51ZSI6MH0=
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: MIVRvtCHRR8
hillreporter.com/ Name: _pubcid
Value: d4754b3b-b443-4b53-b7cd-2ecde54f28d8
hillreporter.com/ Name: wordpress_google_apps_login
Value: 0ed3e32f3878ce412f9fc0ea6e63f89a
.hillreporter.com/ Name: _gid
Value: GA1.2.822825248.1618486800
.hillreporter.com/ Name: _gat_gtag_UA_100615071_2
Value: 1
hillreporter.com/ Name: paddos_PfVNe
Value: 1
.hillreporter.com/ Name: _fbp
Value: fb.1.1618486799926.619272664
hillreporter.com/ Name: _lr_env_src_ats
Value: false
.hillreporter.com/ Name: _ga
Value: GA1.2.607603906.1618486800

14 Console Messages

Source Level URL
Text
console-api debug URL: https://info.silobreaker.com/e2t/tc/VX1XY05VxkKWW6M4Y0W1bSNv5W5VG-2S4qqlXWN5VHnTN2-HwrV1-WJV7CgXSVW3yh6wD91XcNGW2r6DCS5cJnhgW75Zj7S1DZ7-bW1-Tnhd519Nq7W5CpgfM29nwxWW3Hh2qz8lZ5vrW6M0yTg6rZ_FCW61TCpy2p3mpJW3R-pds86QHC8W8j5gYc7cbP6SW72tgYf97nhVpW8FJgD65VFCHyW4mNPNx5cCTdFVtszJ-1pnlV0W674gDx1_3Jf5W3xzwNq6vQDs7W1c1V4p4VpX4hW5KHy6h6KSk7LW2Vy4jw7j1J32W4YYt674q28sNW2V9gRC9j7fTSW2Y09LZ3_F6fCW8dT66L7zjylXW1w5rrN82Czj-W2-vcHj3K9lkVW6TZ-s6896X2f357f1(Line 13)
Message:
toS
console-api log URL: https://c0.wp.com/c/5.7/wp-includes/js/jquery/jquery-migrate.min.js(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2
console-api log URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.7(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api log URL: https://global.proper.io/payloads/latest.js(Line 11712)
Message:
USP CMP not found.
console-api log URL: https://global.proper.io/payloads/latest.js(Line 12050)
Message:
GDPR CMP not found.
console-api log URL: https://global.proper.io/payloads/latest.js(Line 11712)
Message:
USP CMP not found.
console-api log URL: https://global.proper.io/payloads/latest.js(Line 11712)
Message:
USPAPI workflow exceeded timeout threshold.
console-api log URL: https://global.proper.io/payloads/latest.js(Line 12050)
Message:
GDPR CMP not found.
console-api log URL: https://global.proper.io/payloads/latest.js(Line 12050)
Message:
CMP workflow exceeded timeout threshold.
console-api log URL: https://global.proper.io/payloads/latest.js(Line 11712)
Message:
USP CMP not found.
console-api log URL: https://global.proper.io/payloads/latest.js(Line 12050)
Message:
GDPR CMP not found.
console-api info URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2103020108001 https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
console-api info URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2103020108001 https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y
console-api info URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2103020108001 https://hillreporter.com/watch-vice-splices-together-videos-of-donald-trumps-capitol-insurrection-98098?_hsmi=96965274&_hsenc=p2ANqtz-8RHQuCCO2Zeix4hKJryTfK6exihXPDfXSXm6pqQZaPRvKOHFwvDOsAotZM6QSzs1FIIJVPJNAcbroxz5uLD9hPDWyEm5UEfJ82Ea77a1iyRhOdM3Y

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
6c8eb98f3da894e8e3c42ca4b0db63d4.safeframe.googlesyndication.com
a.teads.tv
acdn.adnxs.com
ads.betweendigital.com
ads.creative-serving.com
ads.pubmatic.com
adservice.google.com
adservice.google.nl
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
ap.lijit.com
api.rlcdn.com
aud.pubmatic.com
bh.contextweb.com
biddr.brealtime.com
bids.proper.io
btlr.sharethrough.com
bttrack.com
c.amazon-adsystem.com
c0.wp.com
c1.adform.net
cdn.ampproject.org
cdn.hillreporter.com
cdn.onesignal.com
cdn.taboola.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
d5p.de17a.com
dis.criteo.com
e1.emxdgt.com
eb.proper.io
ecs.mantisadnetwork.com
eu-u.openx.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
global.proper.io
googleads.g.doubleclick.net
hb.emxdgt.com
hbopenbid.pubmatic.com
hillreporter.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.taboola.com
imprammp.taboola.com
info.silobreaker.com
mantodea.mantisadnetwork.com
match.adsrvr.org
match.taboola.com
mwzeom.zeotap.com
p.rfihub.com
pagead2.googlesyndication.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.wp.com
pm.w55c.net
pr-bh.ybp.yahoo.com
propermedia-d.openx.net
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
rules.quantcount.com
s.c.appier.net
s0.2mdn.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
static.doubleclick.net
stats.g.doubleclick.net
stats.wp.com
sync-t1.taboola.com
sync.mathtag.com
sync.search.spotxchange.com
sync.taboola.com
sync.teads.tv
taboola-supply-partners.tremorhub.com
tag.1rx.io
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usync.proper.io
vidstat.taboola.com
visitor.fiftyt.com
wf.taboola.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.youtube.com
x.bidswitch.net
api.rlcdn.com
pixel.tapad.com
rtb-csync.smartadserver.com
104.111.230.142
104.111.242.245
104.17.119.107
136.243.171.217
141.226.228.48
142.250.186.162
151.101.13.44
169.50.137.190
172.104.64.149
178.250.0.163
18.156.0.31
18.158.167.137
18.184.153.186
18.193.136.159
18.194.69.169
18.195.155.181
184.30.20.185
184.30.20.198
184.30.21.51
184.30.212.16
185.29.132.144
185.33.220.243
185.33.221.90
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.115
185.64.190.106
185.86.138.114
185.94.180.125
192.0.76.3
192.0.77.37
192.132.33.46
193.0.160.128
198.148.27.140
199.232.137.44
199.60.103.2
213.155.156.182
213.19.147.210
216.52.2.19
216.58.212.162
23.111.200.117
2600:1f18:612b:4200:8331:bab2:3072:ce38
2600:9000:20e8:ca00:6:44e3:f8c0:93a1
2606:4700:10::6816:1857
2606:4700::6811:4e22
2606:4700::6812:e234
2620:116:800d:21:f916:5049:f87f:108e
2a00:1288:110:c305::8000
2a00:1450:4001:800::2006
2a00:1450:4001:800::200a
2a00:1450:4001:801::2002
2a00:1450:4001:801::200a
2a00:1450:4001:808::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2006
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::200e
2a00:1450:400c:c02::84
2a00:1450:400c:c04::9c
2a03:2880:f013:d:face:b00c:0:3
2a03:2880:f113:81:face:b00c:0:25de
3.123.167.229
34.98.64.218
35.158.49.68
35.201.96.126
37.157.4.41
44.238.170.237
52.11.196.81
52.208.73.212
52.22.61.253
54.36.109.186
54.93.211.166
69.173.144.165
77.243.60.138
88.99.251.232
99.84.153.196
99.84.156.73
023c72aeb3ef5fc792389b99af0cd88e4da1c0d2a8550127327e2c93176699f0
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04b24cc75d726600ecd77219c27bcba8a1e4d100c3dd411a2ea30e0167b414ee
0574e172e3545369b75a00ab474444ad0b84bc2c6dd4f93c302d19d5c555fecc
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
071701173a5b79742caaf8af48badc722af2d968e6e5d4dbfac0fff8931372ab
08437f845cf4ca2ea85df39d43f62ee10281380a36c15a8460a5c7d37711e4c1
0b721ba64a02eb660eb62d1b6d7558ec8d86490c0e4444262b38ac5a54004e88
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
107cac64ca1144b1403f6070c6c452d61449add4a74ed024891be43fd3295776
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1574e89f09d15f5c0b502e03318bf8e42f6993bc76761f01d4189d9c7cac1a2f
16c4f109b12e909b1789636cfb11f8603d443ff6945e589e676de1e5f929d274
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
184ecbddcd3f84a381664f16f72b14756d767956be6c18b89045d22ea3100761
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a58c1fbacc6314b7327e69bbf051b860af1fa3f4b89630160e5b83b1ec53d94
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1e6662b8b295c71101c9f35d779ed40909cf8e2d199405dfbc86687e47a9b608
1f6a88ad0db43030b4ed05b1284ed1a6c4a52002a9890705fc4270dddb459755
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
24f8db0cbffb9df08e4f3d194e9c9ccfc74a4c6b728bb5a61475464a77c00f43
29517e7c16e8b0117d58462fa3a4577b75e6d1e22915e88e3b7820faa29c0da6
29778a6252b89c79ad8a313692c3f4b8ff5e300c463858732f28da488dd2cc05
2a5a0cb739264343c5c68eefab8b3e240503a08697b841e1a3e451eee0326c63
2a9919dba758e9c6b34949c20ea05be4ec312381d469584837a21f244e1b536c
2a9acba57d0b599c84197ec44c8de64d05511e3d826c925443c228a0ede62115
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b36630357f0c82fc1b205e5746211bf76d2bbc2ea1fe577ea6a10c10061b166
2bcada7e597306aa928055e8f6c099104b077cc5e2c58ab8ef3ab13882e8bccb
2de6c400bcca0eb96d7082352036b9416f9cd13fb0ae8e415fff66b91ae757e7
2e4d26ad8a054d6c74e9b4dd9bd7f65bb8be1697743cf2dbe6bff108a1aee496
3126d6fe6f0d70290799f39d4c4cb15e370bae5c545ec9b710b60ca9d0a1a4ba
34bb9ee90de7a84db27e842107dd26bd4e93499375676a6df732087d1a0b3693
351033311772ac0d63ab9d8bbcffd1a30752603f66cc97a7deefd46977be87bc
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37974cc78fb3808817d5e8291c2ed08589599025d435b81d38fd453fcee0c9a0
3a0db6e7ba8d477feb2425d4a1252a5600b6cb8442b1f361769ec80274ac2ab8
3a15dcd9ab2d6df67ec47d9536d524ee8b5840c9cd88a09aca1ed2a9918264a0
3b2738076279a02dfda00b02f8ee435e9cebb77b535a6b9dfe21b5523a5cde08
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
3cde7327c67a2bde4b077ce381cda87e1cdbc5b0e7eab38f7c4ab06078f97ed5
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fa2d05c853e9ae626a42e17be01f3959480d9a36518b9f35c7647750dab6fff
3fa473d6b3c64226cfee6729a9c111dcef10b1312b1f5806036e7ea8348b2f7d
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
422fd2220bef50b2c89586dcec80be3c094ad508ff6c27687c44e0c2aa4c001c
44258eeefa186c81937ac590a3f5daed5025de4af3c37aad4289c9d820fd5419
45d2f99f623534fc8aa373077e54006295084f34022fdfdfa5f2b44169b3df22
4622efd01182604d0c70e3f5dd8186ae28f50e27cf0d4af8d68f492a7191b72a
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
46af55aacefb6fd164b7aee49cae754af8a2eb481c8e7f2b805c67865c206ffe
47a5ddaabfbcd2541cfebf6059f539e4e630fb138ff90d09e9bcd7abc3c23753
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eeeaa4e345fef8be54d0a26426b4fb41a4fa9110bf30cba2254472189aca82c
50783871cfc53444e0c5b33d3be30e99fbe92f655848bbf1ebae012b0f9ce81d
53da7e4b2b784af81549ddfe3ebc3374f06ef290f620c5f2aa231530da07445b
5421a0a28d791c01667d1dcc004a7fe6afae973c9b08d31e3d8aa663b6097330
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c1c30811521e2a8e3f1f66d6e550b2d48a250cd11b81223180c9b3fb2f29c3b
5dc12a47030745caf7cda8a546066d28765b3fc0331209aa838e45ff01b8792c
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
614720662b401ebcc2e88a3b22d87311f4084e22881644ea7940d9841fb3dcf9
62047a86a85c9b45c8907b73888f38a1c6b3480ccfd935a12724754bc873baa3
62b21622643f19b8edeb98d7306483cb3e63b6a1b911ef2a334e3491b96362d2
647c226cf491168b04b3ae87a1dcf648640b8affe7ee736e96ccf754276caf69
66cb8293061d2e2adbf2a0ba280aa184e50b4a225caa7562215e5c6ab60c133c
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
69e59411a8c72a289854d415a1baa0b01d9fb642a78932dc4d45ef583947bb30
6a287ae8d7772cc6782d3dfb12b7c06a36258782789d74bfb37642cdc0540f28
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6ad98284a3cdd51585af0a9757abf80aff017c041f0ecdc93b87f27dbef0a012
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bfc1cffba6bac80d7d839716f8aaac9a11c922685738ce9fe8ac273edcda947
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8
716a727e47216ad28191f60fb09d59015b1bcb3df8cc32b5bb94f73d534a5732
720ddd4787fb99b285d201418703a00279cbe51d5adcd297a939c2ad2a58800a
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
73d6f1f8fe43528efa910c4936737f7ace2f83d5ebf4ed85bba7a617975ae9f6
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f
75bda79381d0f3e8fef483deb525dbbb64997a751a33e3901f3e62bc555501df
7a25042854954b3b8bc10b56ecef1bc6082e1aa344f77f1eea6403d120525936
7a3f7218703989b2b5daf92319273724ea24f6948631c1376a936ba12bda72e2
7c6a6df5191e57dc9d61ac304822f77292e39d86f97740389903a3ba2b681847
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80081d890f45ee1a0a917099afc442b25e7ff2b9f0f4a27b47aae95014f0c6ec
801f688e9f903e7eade76bd18fe6464bae88cf877886264f2b638692c34463cb
8039e55bd4746350f2afb2187ec8271e80c4dc8b0972bf24a47d45ebc17203a3
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564
82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
840b7ff605ff039db70630ab6f6813cbcfbbf4102a3a43e8cf1e41be47772559
847eb5078a68fe834f84d51a8d1906edeb9f375a23dcd6718b5fb89fa16b150f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8670af697b68ba7d95cc1bef01d95bec58aa039a7e7149a327bd47a6cfd13a74
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
8ba1617a5fa1cfa3fb15e3aa64749af2906ae591464b29721f8cdc6005975348
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
8d3411c961b332008c61452f483ada3da4cd0fd06cc264c7f2facfb01bc4b1d5
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
94cf45f3a7ae6b81b94c63eb9a4b26392fb410fa3485ab747c65cdf548744453
951a3b8ec1c6a0ae2767a3bb90ba6995397c5d13bd7ff79ea0bc87529b8024ea
98df0c08f0bcc86bd3397315ef1b9a24ea5593c6e753dc4afcc2d476b671432e
995961d18918d2b6d164da075db983959edfceea84e3303a7a3cdb9171ba6fff
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99ce2c3cb798473e57719d7f668f4498844db6c60c617a6bfabd078e71ac6f32
9ddca568ff519cd935a816baec6f7bfce459656ec5022ec2ba6a6225891022eb
9e517641e1c47d965766f6b39e1293ada96d8c04ee1ba730cae2c73344486f22
a0629031816d0591f39e6b72e3f839f7b40e8afd44b8ce0da0cbd171ae0e6253
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a79650a74e1a44d75b08ae03e937d64a439cf66f6ab84920cdbf351c11592cfc
a8e5a0c39f7371f633203c6e77de59b3fff273bc2c1a5df9c1356e6dc24ad92d
ab14b79b2768869305d03d0c2a02ac4cb427b74264bd11e996d36d2c08477914
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9
afd9062fd1f7eb87567ea1769bf196110e7aba797175988e28091c6ef4de736c
b2d5ff4c06a80170265efc9cf317cd1cf0d02ae0002ec6cf028e31d49ff9f188
b32f98003a8e911f740800de935f86bc6c3deb69be717b5cf68c5642e2b57c61
b80f9996f4ee83ac7e0cdc7b04f9e4150a90d41bbf901e7ea4a646d53f334a92
bc4703203d777e92d2b1e5006deee6f4480203a4dd18b1ca34aa45aedd83fb6f
bf97ea16fc6f3ed219404e08367a661cc6964d6bd9a40872e26453976df761e2
c1aa3c3bda930613943dfd67fa08e7fcb3c5165d792860b67180a14271a73acd
c23d2c9f5b7e41763b497c7692a53ce1e675ae659bdc34465ca28ab0303f0720
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c7507f5d2ea00fa7205914f8f198489e2c1132c4d871cba21cc93c9a756277be
c7a91e8ae78a2017b775f76cad66241ca3c2728228866622dc90cad71144e245
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc9bc1b8a8d7d7140117999c802b9be2e00337e9ab4bd7c69aff5ae57afa116c
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
ce6a94f742ca18a956d8dfe106eba2998038e16eae49f28b4ee632b87e6117c1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d22a85c3f4e82768c699c75ec2893d3b278f4e8e57225396b9039461f1cbe08b
d4d421332a24c9c2499740b3660394e388bbdb88aad9356b95c558840fd82661
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8517c4fadcb44c4ca68772f55473a9e5f9bd516c2bb0857d902a5673bcd36a5
d9084c8d15d1443f22f31d7724ae80d662d69d384d206213458cc784ebd3bf9a
db7927ce947705c4d2a7d6b00fefe782f3b86d14868e579f2947465058d4d007
db8be4a0e52d8799ebceedc633dcd7e52e7cb25f48e18f76203c8243a432a700
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58a87f17a2872afb7d9cc628291ac6efa3a13e6b95a9be6dcaf638bfc33f820
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
ea6cba61b51b4c7951e322447bb3661c5373eade7dd4b0fa0c6ebcf1303a0ba2
eced2a68da9eed95cc9c956e26607f9a6176500fd01cc1e41410b562b290e3ba
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb984063f9bb93391d94456e74ab6eb25cc51c43e6a94d6cab39eae0090830f
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f375c25a0fa8bca70ec4820bf2175be2a74198b5b9209cc65f5cf5a4cdefea69
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f60c4600705d04f5c55db54f646fec728f9458c4fbba35adb4ac114077cb2391
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
f7d0de83560f0ff7a38e0f6eda63d46eb70586c4e215cdce98ed3891a16bf7d2
f87923615547e22aa7c48ad357a86198424198a3cc1e408daaf6f63a9a8b6305
f9e527ede1bddea6d9bd701f8cff4380a57c37bd4af0fc9e1e8ef46dea35d9ed
fd5cb099e20880a844303f3fa924ec36445155c0e874418b092dde6a6b5dcfe9
feaad76415c6eb7fb707e31a7f0bd3da9f47a60a5c6d34cd00e2ebf0bbb6766c