www.mediaite.com Open in urlscan Pro
2606:4700:10::ac43:1906 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Effective URL:
https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Submission: On July 04 via api (July 4th 2024, 9:55:18 pm UTC) from LU — Scanned from DE

Summary HTTP 143 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 62 IPs in 5 countries across 42 domains to perform 143 HTTP transactions. The main IP is 2606:4700:10::ac43:1906, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.mediaite.com. The Cisco Umbrella rank of the primary domain is 102927.
TLS certificate: Issued by WE1 on June 14th 2024. Valid for: 3 months.

This is the only time www.mediaite.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	2606:4700:10:... 2606:4700:10::ac43:1906	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:3b6e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6816:3a6e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:6fdf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.92.210.209 52.92.210.209	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6812:186f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	18.239.36.75 18.239.36.75	16509 (AMAZON-02) (AMAZON-02)
1 4	18.239.83.58 18.239.83.58	16509 (AMAZON-02) (AMAZON-02)
5	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1d::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE)
1	87.230.98.78 87.230.98.78	61157 (PLUSSERVE...) (PLUSSERVER-ASN1)
3	2a02:6ea0:c70... 2a02:6ea0:c700::22	60068 (CDN77 _) (CDN77 _)
1	2600:9000:223... 2600:9000:223c:f400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0b::54	15169 (GOOGLE) (GOOGLE)
1	93.184.221.165 93.184.221.165	15133 (EDGECAST) (EDGECAST)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
3	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	87.230.98.76 87.230.98.76	61157 (PLUSSERVE...) (PLUSSERVER-ASN1)
1	2600:9000:224... 2600:9000:2246:9800:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:203... 2600:9000:2038:6a00:18:1fcd:354:4b41	16509 (AMAZON-02) (AMAZON-02)
1	18.239.36.129 18.239.36.129	16509 (AMAZON-02) (AMAZON-02)
1	108.138.192.109 108.138.192.109	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:196f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.239.70.203 18.239.70.203	16509 (AMAZON-02) (AMAZON-02)
1	44.215.185.146 44.215.185.146	14618 (AMAZON-AES) (AMAZON-AES)
2	199.232.196.134 199.232.196.134	54113 (FASTLY) (FASTLY)
1	2600:9000:225... 2600:9000:225e:8400:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:440... 2606:4700:4400::6812:2b5a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.196.100 18.66.196.100	16509 (AMAZON-02) (AMAZON-02)
1	108.139.243.28 108.139.243.28	16509 (AMAZON-02) (AMAZON-02)
6	3.160.219.176 3.160.219.176	16509 (AMAZON-02) (AMAZON-02)
1	13.32.27.78 13.32.27.78	16509 (AMAZON-02) (AMAZON-02)
2	108.139.243.80 108.139.243.80	16509 (AMAZON-02) (AMAZON-02)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	34.120.253.250 34.120.253.250	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.102.36.95 104.102.36.95	16625 (AKAMAI-AS) (AKAMAI-AS)
4	3.221.23.185 3.221.23.185	() ()
5	34.98.72.95 34.98.72.95	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.36.224.135 52.36.224.135	() ()
1	104.244.42.8 104.244.42.8	() ()
3	35.86.11.69 35.86.11.69	() ()
1	34.111.8.32 34.111.8.32	() ()
1	54.234.151.247 54.234.151.247	() ()
1	23.211.5.91 23.211.5.91	() ()
2	23.20.158.212 23.20.158.212	() ()
1	2606:4700:10:... 2606:4700:10::6816:445	() ()
1	54.228.55.244 54.228.55.244	() ()
143	62

15 2606:4700:10::ac43:1906 (United States)

ASN13335 (CLOUDFLARENET, US)

www.mediaite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am14.mediaite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am11.mediaite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am13.mediaite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am12.mediaite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3b6e (United States)

ASN13335 (CLOUDFLARENET, US)

am14.mediaite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:3a6e (United States)

ASN13335 (CLOUDFLARENET, US)

am12.mediaite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:6fdf (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.210.209 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-w.amazonaws.com

simple-cdn.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:186f (United States)

ASN13335 (CLOUDFLARENET, US)

profusesupport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.239.36.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-36-75.ams58.r.cloudfront.net

ads.adthrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.239.83.58 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-58.ams58.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.193.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1d::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.230.98.78 (Germany)

ASN61157 (PLUSSERVER-ASN1, DE)
PTR: ds87-230-98-78.dedicated.psmanaged.com

b.delivery.consentmanager.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6ea0:c700::22 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

cdn.consentmanager.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:f400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.184.221.165 (London, United Kingdom)

ASN15133 (EDGECAST, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.230.98.76 (Germany)

ASN61157 (PLUSSERVER-ASN1, DE)
PTR: ma5050018.psmanaged.com

c.delivery.consentmanager.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2246:9800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2038:6a00:18:1fcd:354:4b41 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.36.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-36-129.ams58.r.cloudfront.net

ads.adthrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.192.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-192-109.mxp64.r.cloudfront.net

c.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:196f (United States)

ASN13335 (CLOUDFLARENET, US)

soggysponge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.239.70.203 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-70-203.ams58.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.215.185.146 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-215-185-146.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.196.134 (United States)

ASN54113 (FASTLY, US)

mediaite.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:8400:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:2b5a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.196.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-196-100.mxp63.r.cloudfront.net

launchpad-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.243.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-243-28.mxp63.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.160.219.176 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-219-176.mxp53.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-78.fra56.r.cloudfront.net

launchpad.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.139.243.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-243-80.mxp63.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.253.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.253.120.34.bc.googleusercontent.com

tag.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.102.36.95 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-36-95.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.221.23.185 (None, )

ASN- ()

powerad.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.98.72.95 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 95.72.98.34.bc.googleusercontent.com

assets.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.36.224.135 (None, )

ASN- ()

postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.8 (None, )

ASN- ()

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.86.11.69 (None, )

ASN- ()

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.8.32 (None, )

ASN- ()

events.bouncex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.234.151.247 (None, )

ASN- ()

reporting.powerad.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.211.5.91 (None, )

ASN- ()

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.20.158.212 (None, )

ASN- ()

hb.brainlyads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:445 (None, )

ASN- ()

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.228.55.244 (None, )

ASN- ()

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	mediaite.com www.mediaite.com — Cisco Umbrella Rank: 102927 am14.mediaite.com — Cisco Umbrella Rank: 139445 am11.mediaite.com — Cisco Umbrella Rank: 127890 am12.mediaite.com — Cisco Umbrella Rank: 124330 am13.mediaite.com — Cisco Umbrella Rank: 132090	846 KB
10	amazon-adsystem.com c.aps.amazon-adsystem.com — Cisco Umbrella Rank: 12007 c.amazon-adsystem.com — Cisco Umbrella Rank: 357 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 746 aax.amazon-adsystem.com — Cisco Umbrella Rank: 494	79 KB
8	adthrive.com ads.adthrive.com — Cisco Umbrella Rank: 7183	560 KB
6	bounceexchange.com tag.bounceexchange.com — Cisco Umbrella Rank: 5030 assets.bounceexchange.com — Cisco Umbrella Rank: 2825	187 KB
6	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 986 platform.twitter.com — Cisco Umbrella Rank: 1433 syndication.twitter.com	31 KB
6	consentmanager.net b.delivery.consentmanager.net — Cisco Umbrella Rank: 23697 cdn.consentmanager.net — Cisco Umbrella Rank: 14456 c.delivery.consentmanager.net — Cisco Umbrella Rank: 32144	122 KB
6	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 844 pm-widget.taboola.com — Cisco Umbrella Rank: 3606	263 KB
6	google.com apis.google.com — Cisco Umbrella Rank: 217 region1.analytics.google.com — Cisco Umbrella Rank: 3125 accounts.google.com — Cisco Umbrella Rank: 45	121 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	518 KB
5	powerad.ai powerad.ai reporting.powerad.ai	52 KB
5	gstatic.com ssl.gstatic.com	1 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 71 region1.google-analytics.com	21 KB
5	youtube.com img.youtube.com — Cisco Umbrella Rank: 1994 www.youtube.com — Cisco Umbrella Rank: 96	154 KB
4	postrelease.com postrelease.com jadserve.postrelease.com	2 KB
4	privacymanager.io launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 3147 launchpad.privacymanager.io — Cisco Umbrella Rank: 2373 geo.privacymanager.io — Cisco Umbrella Rank: 2209	74 KB
4	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 188	8 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 204	160 KB
3	soggysponge.com soggysponge.com — Cisco Umbrella Rank: 149488	8 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	3 KB
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235	176 KB
3	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 5074 onesignal.com — Cisco Umbrella Rank: 1570	73 KB
2	brainlyads.com hb.brainlyads.com	16 KB
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1954	171 KB
2	disqus.com mediaite.disqus.com — Cisco Umbrella Rank: 146922	3 KB
1	cpx.to p.cpx.to	5 KB
1	ad.gt a.ad.gt	4 KB
1	pubmatic.com ads.pubmatic.com	76 KB
1	bouncex.net events.bouncex.net	330 B
1	ntv.io s.ntv.io — Cisco Umbrella Rank: 4267	179 KB
1	jwplayer.com cdn.jwplayer.com — Cisco Umbrella Rank: 3338	12 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1451	201 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1688	15 KB
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 493	11 KB
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 758	481 B
1	t.co t.co — Cisco Umbrella Rank: 726	376 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1607	632 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 905	15 KB
1	google.de www.google.de — Cisco Umbrella Rank: 8088	63 B
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1625	10 KB
1	profusesupport.com profusesupport.com — Cisco Umbrella Rank: 176727	25 KB
1	amazonaws.com simple-cdn.s3.amazonaws.com — Cisco Umbrella Rank: 179705	367 B
0	zprk.io Failed pixel.zprk.io Failed
143	42

	Domain	Requested by
8	ads.adthrive.com	www.mediaite.com ads.adthrive.com
6	aax.amazon-adsystem.com	c.aps.amazon-adsystem.com
6	www.googletagmanager.com	www.mediaite.com www.googletagmanager.com powerad.ai
5	assets.bounceexchange.com	tag.bounceexchange.com assets.bounceexchange.com
5	ssl.gstatic.com	www.mediaite.com
5	am12.mediaite.com	www.mediaite.com
5	am11.mediaite.com	www.mediaite.com
5	am14.mediaite.com	www.mediaite.com
4	powerad.ai	am11.mediaite.com powerad.ai
4	platform.twitter.com	www.mediaite.com platform.twitter.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	cdn.taboola.com	www.mediaite.com cdn.taboola.com
4	sb.scorecardresearch.com	1 redirects www.mediaite.com
4	connect.facebook.net	www.mediaite.com connect.facebook.net
4	apis.google.com	www.mediaite.com apis.google.com
3	jadserve.postrelease.com	s.ntv.io
3	soggysponge.com	profusesupport.com
3	www.facebook.com	www.mediaite.com connect.facebook.net
3	cdn.consentmanager.net	ads.adthrive.com b.delivery.consentmanager.net www.mediaite.com
3	www.youtube.com	am11.mediaite.com apis.google.com
2	hb.brainlyads.com	powerad.ai www.mediaite.com
2	geo.privacymanager.io	launchpad.privacymanager.io
2	cdn.confiant-integrations.net	ads.adthrive.com cdn.confiant-integrations.net
2	mediaite.disqus.com	am11.mediaite.com mediaite.disqus.com
2	c.amazon-adsystem.com	c.aps.amazon-adsystem.com
2	securepubads.g.doubleclick.net	ads.adthrive.com securepubads.g.doubleclick.net
2	c.delivery.consentmanager.net	www.mediaite.com
2	pm-widget.taboola.com	cdn.taboola.com pm-widget.taboola.com
2	cdn.onesignal.com	www.mediaite.com cdn.onesignal.com
2	img.youtube.com	www.mediaite.com
2	www.mediaite.com
1	region1.google-analytics.com	www.googletagmanager.com
1	p.cpx.to	powerad.ai
1	a.ad.gt	powerad.ai
1	ads.pubmatic.com	www.mediaite.com
1	reporting.powerad.ai	powerad.ai
1	events.bouncex.net
1	syndication.twitter.com
1	postrelease.com	s.ntv.io
1	s.ntv.io	am11.mediaite.com
1	tag.bounceexchange.com	am11.mediaite.com
1	launchpad.privacymanager.io	launchpad-wrapper.privacymanager.io
1	config.aps.amazon-adsystem.com	c.aps.amazon-adsystem.com
1	launchpad-wrapper.privacymanager.io	ads.adthrive.com
1	cdn.jwplayer.com	ads.adthrive.com
1	ping.chartbeat.net
1	c.aps.amazon-adsystem.com	ads.adthrive.com
1	static.chartbeat.com	www.mediaite.com
1	gum.criteo.com	cdn.taboola.com
1	static.adsafeprotected.com	www.mediaite.com
1	analytics.twitter.com	www.mediaite.com
1	t.co	www.mediaite.com
1	onesignal.com	cdn.onesignal.com
1	accounts.google.com	apis.google.com
1	rules.quantcount.com	secure.quantserve.com
1	b.delivery.consentmanager.net	ads.adthrive.com
1	static.ads-twitter.com	www.mediaite.com
1	www.google.de	www.mediaite.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	secure.quantserve.com	www.mediaite.com
1	profusesupport.com	www.mediaite.com
1	simple-cdn.s3.amazonaws.com	www.mediaite.com
1	am13.mediaite.com	www.mediaite.com
0	pixel.zprk.io Failed	powerad.ai
143	65

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
twitter.com
www.facebook.com
www.instagram.com
www.reddit.com
youtu.be

Subject Issuer	Validity	Valid
mediaite.com WE1	`2024-06-14` - `2024-09-12`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.apis.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
onesignal.com GTS CA 1P5	`2024-05-31` - `2024-08-29`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2024-04-22` - `2025-04-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-13` - `2024-07-12`	3 months	crt.sh
profusesupport.com E1	`2024-05-21` - `2024-08-19`	3 months	crt.sh
*.adthrive.com Amazon RSA 2048 M03	`2024-04-05` - `2025-05-04`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
quantserve.com R10	`2024-06-24` - `2024-09-22`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.google.de WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
b.delivery.consentmanager.net R3	`2024-05-13` - `2024-08-11`	3 months	crt.sh
1376624012.rsc.cdn77.org E6	`2024-06-27` - `2024-09-25`	3 months	crt.sh
accounts.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-08` - `2025-05-07`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
c.delivery.consentmanager.net R10	`2024-06-12` - `2024-09-10`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2024-04-25` - `2025-05-24`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-18` - `2024-09-17`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2024-05-15` - `2025-06-06`	a year	crt.sh
c.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-05-30` - `2025-06-29`	a year	crt.sh
soggysponge.com E1	`2024-06-03` - `2024-09-01`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh
*.disqus.com Sectigo RSA Domain Validation Secure Server CA	`2024-04-16` - `2025-04-16`	a year	crt.sh
jwplayer.com Amazon RSA 2048 M02	`2023-10-27` - `2024-11-23`	a year	crt.sh
confiant-integrations.net GTS CA 1P5	`2024-05-14` - `2024-08-12`	3 months	crt.sh
*.privacymanager.io Amazon RSA 2048 M03	`2024-06-26` - `2025-07-24`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
alt1-3ps.amazon-adsystem.com Amazon RSA 2048 M03	`2024-03-29` - `2025-04-28`	a year	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
tag.bounceexchange.com R3	`2024-05-18` - `2024-08-16`	3 months	crt.sh
*.ntv.io DigiCert TLS RSA SHA256 2020 CA1	`2023-08-28` - `2024-08-28`	a year	crt.sh
powerad.ai Amazon RSA 2048 M03	`2024-04-28` - `2025-05-28`	a year	crt.sh
assets.bounceexchange.com WR3	`2024-05-18` - `2024-08-16`	3 months	crt.sh
*.postrelease.com Amazon RSA 2048 M02	`2023-08-30` - `2024-09-28`	a year	crt.sh
syndication.twitter.com R3	`2024-05-21` - `2024-08-19`	3 months	crt.sh
*.wunderkind.co R3	`2024-06-03` - `2024-09-01`	3 months	crt.sh
*.powerad.ai Go Daddy Secure Certificate Authority - G2	`2023-08-13` - `2024-09-13`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh
hb.brainlyads.com Go Daddy Secure Certificate Authority - G2	`2023-11-24` - `2024-12-25`	a year	crt.sh
a.ad.gt E6	`2024-06-09` - `2024-09-07`	3 months	crt.sh
p.cpx.to Amazon RSA 2048 M03	`2024-04-24` - `2025-05-23`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Frame ID: A77BCEB88BBE6DAA00B55529705CE62D
Requests: 130 HTTP requests in this frame

Frame: https://www.youtube.com/embed/KCOSQ1qKASI?autoplay=0&mute=1&rel=0
Frame ID: E02CC915780EAF20607220F38604982D
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCGJNv0jLqnkp9VbEXTbRd5w&layout=default&count=default&origin=https%3A%2F%2Fwww.mediaite.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.yt0ljKjs5rs.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo_yzulJpTEe99NXWvLUgho342xMuA%2Fm%3D__features__
Frame ID: 60E68454D776CC83BC852C0B7BE2668E
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.mediaite.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.yt0ljKjs5rs.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo_yzulJpTEe99NXWvLUgho342xMuA%2Fm%3D__features__
Frame ID: B93BDDBAA87EC5347FD5024ADE4F1CCB
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Frame ID: C8555A67000925D9E9DF7FA15957AAE5
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCGJNv0jLqnkp9VbEXTbRd5w&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.yt0ljKjs5rs.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo_yzulJpTEe99NXWvLUgho342xMuA%2Fm%3D__features__
Frame ID: BBB69A28AE62777AC0D9F590F8AD59D4
Requests: 1 HTTP requests in this frame

Frame: https://ads.adthrive.com/builds/core/f52ed8d/html/i.html
Frame ID: 00F0A7F214F23ECA77BA80E2A8EB5794
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa1cff3451e4c2d8c%26domain%3Dwww.mediaite.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.mediaite.com%252Ffa5ffc1763ec9ebbc%26relation%3Dparent.parent&container_width=67&href=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&layout=button&locale=en_US&sdk=joey
Frame ID: CF1B7642997FBFBF10C24DB1B0C93B64
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.mediaite.com
Frame ID: E551C766AB721143669E335D7FB35545
Requests: 1 HTTP requests in this frame

Frame: https://postrelease.com/iframes/topics.html
Frame ID: 1372865F42FEDEA775AE1E254DAEA779
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Frame ID: 943BA3F52A7FFDA8AF4B306285C04241
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Frame ID: 65CCFF92B063F9FDB1E39C2095277E57
Requests: 2 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v2.0.js
Frame ID: 11DF76933BDB56A67FFCB2B0A3378946
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Human Events and Post Millennial Websites Hacked

Page URL History Show full URLs

http://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-privat... HTTP 307
https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-privat... Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

143
Requests

99 %
HTTPS

48 %
IPv6

42
Domains

65
Subdomains

62
IPs

5
Countries

4005 kB
Transfer

12691 kB
Size

18
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/mediaite

Search URL Search Domain Scan URL

URL: https://twitter.com/mediaite

Search URL Search Domain Scan URL

URL: https://www.facebook.com/mediaite

Search URL Search Domain Scan URL

URL: https://www.instagram.com/mediaite/

Search URL Search Domain Scan URL

URL: https://twitter.com/share
Title: Twitter share button

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit

Search URL Search Domain Scan URL

URL: https://twitter.com/WilliamTurton/status/1786238180141695076
Title: replaced

Search URL Search Domain Scan URL

URL: https://youtu.be/lroJ-5DaF2s
Title: Play Button

Search URL Search Domain Scan URL

URL: https://youtu.be/q9O6E3KAQYM
Title: Play Button

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/ HTTP 307
https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 90

https://sb.scorecardresearch.com/cs/6035453/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/6035453/beacon-ios.js

143 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Redirect Chain

http://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/

95 KB
26 KB

814ms
775ms

Document
text/html

2606:4700:10::ac43:1906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1906 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d33de10f044be388ffc9c9d139336535561885ee547305488622a9d9cd9c9fce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

cf-cache-status: DYNAMIC
cf-ray: 89e25bb60a33b969-AMS
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Thu, 04 Jul 2024 21:55:13 GMT
link: <https://www.mediaite.com/wp-json/>; rel="https://api.w.org/", <https://www.mediaite.com/wp-json/wp/v2/posts/5541044>; rel="alternate"; type="application/json", <http://mediaite.com/a/eispz>; rel=shortlink
server: cloudflare
vary: Accept-Encoding Accept-Encoding,Cookie

Redirect headers

Location: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 related-posts.css
am14.mediaite.com/med/cnt/plugins/seotech-tagipedia/css/ 42 B
184 B 58ms
42ms Stylesheet
text/css 2606:4700:10::ac43:1906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://am14.mediaite.com/med/cnt/plugins/seotech-tagipedia/css/related-posts.css?ver=6.5.5
Requested by: Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc7bb80e6d7bfffbc85ae2314c11c8ef6e92e2d9ba67f144ffb3bec24c5ab859

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: public
date: Thu, 04 Jul 2024 21:55:13 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 07 Feb 2020 07:27:51 GMT
server: cloudflare
age: 138650
etag: W/"5e3d1177-2a"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cf-ray: 89e25bbafeddb969-AMS
expires: Wed, 10 Jul 2024 07:24:23 GMT

GET
H2 200 min.js Show response
am11.mediaite.com/med/cnt/themes/m2019/js/min/ 24 KB
9 KB 41ms
31ms Script
application/javascript 2606:4700:10::ac43:1906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://am11.mediaite.com/med/cnt/themes/m2019/js/min/min.js?2401311500
Requested by: Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13b2d5629179d12b272d8e9b8369ba940e3bf8b81f1d222e80d74f4aaa6e1f5e

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: public
date: Thu, 04 Jul 2024 21:55:13 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 31 Jan 2024 15:00:12 GMT
server: cloudflare
age: 94901
etag: W/"65ba607c-5ede"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
cf-ray: 89e25bbafed2b969-AMS
expires: Wed, 10 Jul 2024 19:33:32 GMT

GET
H2 200 flying-focus.js Show response
am14.mediaite.com/med/cnt/themes/m2019/js/min/ 4 KB
2 KB 31ms
30ms Script
application/javascript 2606:4700:10::ac43:1906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://am14.mediaite.com/med/cnt/themes/m2019/js/min/flying-focus.js?2106161638
Requested by: Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ceedb3a311e1610e2e62c405b618d40560bd0f068cdf86cfb5bab4cf68e385ac

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: public
date: Thu, 04 Jul 2024 21:55:13 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 16 Jun 2021 16:38:46 GMT
server: cloudflare
age: 94689
etag: W/"60ca2916-ecb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
cf-ray: 89e25bbb5f43b969-AMS
expires: Wed, 10 Jul 2024 19:37:04 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 196 KB
71 KB 50ms
23ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-9069088-1

Requested by

Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

16177593023032a310fe37e6e8dde8f3620d12d3b0b3c7a9b167c008ba33a759

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:55:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72751
x-xss-protection: 0
last-modified: Thu, 04 Jul 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Jul 2024 21:55:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 309 KB
103 KB 57ms
30ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ECWL4EPTZN

Requested by

Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9f0da468ec3832b7f8190618fd3f380a0c3d9421f095e692973b82f8efd3d55d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:55:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104878
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 04 Jul 2024 21:55:13 GMT

GET
H2 200 am-franklin-700.woff2
am11.mediaite.com/med/cnt/themes/m2019/fonts/ 14 KB
14 KB 71ms
31ms Font
font/woff2 2606:4700:10::ac43:1906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://am11.mediaite.com/med/cnt/themes/m2019/fonts/am-franklin-700.woff2?2106041514
Requested by: Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69b1faac5f52c20c991dcf5e73fa241d9fb3f8f7cbe3c4d94750ae1b05d7b0fe

Request headers

Referer: https://www.mediaite.com/
Origin: https://www.mediaite.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: public
date: Thu, 04 Jul 2024 21:55:13 GMT
cf-cache-status: HIT
last-modified: Fri, 04 Jun 2021 15:14:37 GMT
server: cloudflare
age: 99804
etag: "60ba435d-3808"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 89e25bbb2aaa9fb4-AMS
content-length: 14344
expires: Wed, 10 Jul 2024 18:11:49 GMT

GET
H2 200 am-franklin-700i.woff2
am14.mediaite.com/med/cnt/themes/m2019/fonts/ 15 KB
15 KB 86ms
38ms Font
font/woff2 2606:4700:10::6816:3b6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://am14.mediaite.com/med/cnt/themes/m2019/fonts/am-franklin-700i.woff2?2106041514
Requested by: Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3b6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4369e005746c8a2a0aab78e11d85497a54a3d969bc283d5b492409faeda922b7

Request headers

Referer: https://www.mediaite.com/
Origin: https://www.mediaite.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: public
date: Thu, 04 Jul 2024 21:55:13 GMT
cf-cache-status: HIT
last-modified: Fri, 04 Jun 2021 15:14:37 GMT
server: cloudflare
age: 104505
etag: "60ba435d-3c98"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 89e25bbb2c448b40-AMS
content-length: 15512
expires: Wed, 10 Jul 2024 16:53:28 GMT

GET
H2 200 am-franklin-800.woff2
am12.mediaite.com/med/cnt/themes/m2019/fonts/ 13 KB
13 KB 84ms
37ms Font
font/woff2 2606:4700:10::6816:3a6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://am12.mediaite.com/med/cnt/themes/m2019/fonts/am-franklin-800.woff2?2106041514
Requested by: Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0da206ff8e60d35e2ca003978c7f27a2a46a02e4c63abd632b3a2ebfe1bd8835

Request headers

Referer: https://www.mediaite.com/
Origin: https://www.mediaite.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: public
date: Thu, 04 Jul 2024 21:55:13 GMT
cf-cache-status: HIT
last-modified: Fri, 04 Jun 2021 15:14:37 GMT
server: cloudflare
age: 108677
etag: "60ba435d-3408"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 89e25bbb3bf80c33-AMS
content-length: 13320
expires: Wed, 10 Jul 2024 15:43:56 GMT

GET
H2 200 am-franklin-800i.woff2
am12.mediaite.com/med/cnt/themes/m2019/fonts/ 16 KB
16 KB 90ms
43ms Font
font/woff2 2606:4700:10::6816:3a6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://am12.mediaite.com/med/cnt/themes/m2019/fonts/am-franklin-800i.woff2?2106041514
Requested by: Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3a6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bf979eb49360af2f3aeed5cd5ebd25e8702f55cb5205ab14d6ef229b78855f5

Request headers

Referer: https://www.mediaite.com/
Origin: https://www.mediaite.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: public
date: Thu, 04 Jul 2024 21:55:13 GMT
cf-cache-status: HIT
last-modified: Fri, 04 Jun 2021 15:14:37 GMT
server: cloudflare
age: 104505
etag: "60ba435d-3f78"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 89e25bbb3bef0c33-AMS
content-length: 16248
expires: Wed, 10 Jul 2024 16:53:28 GMT

GET
H2 200 crit-main.min.css
am13.mediaite.com/med/cnt/themes/m2019/css/min/ 36 KB
10 KB 39ms
29ms Stylesheet
text/css 2606:4700:10::ac43:1906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://am13.mediaite.com/med/cnt/themes/m2019/css/min/crit-main.min.css?2402071915
Requested by: Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06772a40a60519e707b4b2aabf4945607ac8d3eb6de4b57b02b3d905c0838871

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: public
date: Thu, 04 Jul 2024 21:55:13 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 07 Feb 2024 19:15:56 GMT
server: cloudflare
age: 108840
etag: W/"65c3d6ec-91f3"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cf-ray: 89e25bbafecfb969-AMS
expires: Wed, 10 Jul 2024 15:41:13 GMT

GET
H2 200 def-main.min.css
am11.mediaite.com/med/cnt/themes/m2019/css/min/ 7 KB
2 KB 38ms
28ms Stylesheet
text/css 2606:4700:10::ac43:1906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://am11.mediaite.com/med/cnt/themes/m2019/css/min/def-main.min.css?2401311500
Requested by: Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8368bc528fb03da114f988ad934630f4e98067cc1200e1b3243e660b8595ccf

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: public
date: Thu, 04 Jul 2024 21:55:13 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 31 Jan 2024 15:00:12 GMT
server: cloudflare
age: 104254
etag: W/"65ba607c-1d58"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cf-ray: 89e25bbafed0b969-AMS
expires: Wed, 10 Jul 2024 16:57:39 GMT

GET
H2 200 AP24183832026348-288x162.jpg
am14.mediaite.com/med/cnt/uploads/2024/07/ 20 KB
20 KB 57ms
43ms Image
image/jpeg 2606:4700:10::ac43:1906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am14.mediaite.com/med/cnt/uploads/2024/07/AP24183832026348-288x162.jpg
Requested by: Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f937f386d63de0eca0649fd43403a9c0ad95a59bbc5ded7208cfe21ecfc5cb77

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:55:13 GMT
cf-cache-status: HIT
age: 6926
content-length: 20602
pragma: public
cf-bgj: h2pri
last-modified: Tue, 02 Jul 2024 13:56:45 GMT
server: cloudflare
etag: "6684071d-507a"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 89e25bbafedfb969-AMS
expires: Thu, 11 Jul 2024 19:59:47 GMT

GET
H2 200 JUST-IN-Liz-Cheney-Drops-Brutal-Anti-Trump-Ad-To-Air-Against-His-CNN-Town-Hall-%E2%80%94-Starring-Trump-And-Pence-Hunting-Rioters-288x162.png
am12.mediaite.com/med/cnt/uploads/2024/03/ 75 KB
75 KB 57ms
43ms Image
image/png 2606:4700:10::ac43:1906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am12.mediaite.com/med/cnt/uploads/2024/03/JUST-IN-Liz-Cheney-Drops-Brutal-Anti-Trump-Ad-To-Air-Against-His-CNN-Town-Hall-%E2%80%94-Starring-Trump-And-Pence-Hunting-Rioters-288x162.png
Requested by: Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f15477654f29ab4c5cb52c800266a5e9d6338fafbd36495c1055c4f02acfb7a0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: public
date: Thu, 04 Jul 2024 21:55:13 GMT
cf-cache-status: HIT
last-modified: Sun, 17 Mar 2024 19:33:03 GMT
server: cloudflare
age: 12229
etag: "65f7456f-12ae8"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 89e25bbafed9b969-AMS
content-length: 76520
expires: Thu, 11 Jul 2024 18:31:24 GMT

GET
H2 200 Biden-Asked-What-Has-The-Biden-Harris-Administration-Done-For-Me-As-A-Black-Person-288x162.jpg
am14.mediaite.com/med/cnt/uploads/2024/07/ 29 KB
29 KB 29ms
27ms Image
image/jpeg 2606:4700:10::ac43:1906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am14.mediaite.com/med/cnt/uploads/2024/07/Biden-Asked-What-Has-The-Biden-Harris-Administration-Done-For-Me-As-A-Black-Person-288x162.jpg
Requested by: Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58903a6d054be5ff95cd5b49bfb75e09ea2fb008892d69a28390d8093072867f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:55:13 GMT
cf-cache-status: HIT
age: 21214
content-length: 29705
pragma: public
cf-bgj: h2pri
last-modified: Thu, 04 Jul 2024 15:14:47 GMT
server: cloudflare
etag: "6686bc67-7409"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 89e25bbb5f3fb969-AMS
expires: Thu, 11 Jul 2024 16:01:39 GMT

GET
H2 200 What-Did-You-Do-With-The-Semen_-Stormy-Daniels-Chokes-Up-Revealing-Horrific-Details-Trump-Prosecutors-Asked-Her-For-2024-07-02-288x162.jpg
am12.mediaite.com/med/cnt/uploads/2024/07/ 29 KB
29 KB 33ms
31ms Image
image/jpeg 2606:4700:10::ac43:1906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am12.mediaite.com/med/cnt/uploads/2024/07/What-Did-You-Do-With-The-Semen_-Stormy-Daniels-Chokes-Up-Revealing-Horrific-Details-Trump-Prosecutors-Asked-Her-For-2024-07-02-288x162.jpg
Requested by: Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73bf308a5cc46c465456bd487a9f539e74a21cf2c46f7bf4d2f48a72f556dfd8

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:55:13 GMT
cf-cache-status: HIT
age: 26282
content-length: 29313
pragma: public
cf-bgj: h2pri
last-modified: Thu, 04 Jul 2024 12:15:43 GMT
server: cloudflare
etag: "6686926f-7281"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 89e25bbb5f40b969-AMS
expires: Thu, 11 Jul 2024 14:37:11 GMT

GET
H2 200 AP23325598756148-crop-288x162.jpg
am11.mediaite.com/med/cnt/uploads/2023/12/ 34 KB
34 KB 30ms
28ms Image
image/jpeg 2606:4700:10::ac43:1906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am11.mediaite.com/med/cnt/uploads/2023/12/AP23325598756148-crop-288x162.jpg
Requested by: Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe9b1a56d5b51efc9c0826e93c1e4419886cc9b8da75f61b3a7f116e47322c36

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:55:13 GMT
cf-cache-status: HIT
age: 28358
content-length: 34940
pragma: public
cf-bgj: h2pri
last-modified: Fri, 01 Dec 2023 16:30:59 GMT
server: cloudflare
etag: "656a0a43-887c"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 89e25bbb5f42b969-AMS
expires: Thu, 11 Jul 2024 14:02:35 GMT

GET
H2 200 AP23215009791761-2048x1366.jpg
am11.mediaite.com/med/cnt/uploads/2024/05/ 273 KB
274 KB 44ms
34ms Image
image/jpeg 2606:4700:10::ac43:1906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am11.mediaite.com/med/cnt/uploads/2024/05/AP23215009791761-2048x1366.jpg
Requested by: Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91ac3d5ae5912a1f07c1651fdafc2fb432fe5092adcf6822ba96c28ab31d9f7a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:55:13 GMT
cf-cache-status: HIT
age: 37758
content-length: 279901
pragma: public
cf-bgj: h2pri
last-modified: Fri, 03 May 2024 04:20:20 GMT
server: cloudflare
etag: "66346604-4455d"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 89e25bbafed3b969-AMS
expires: Thu, 11 Jul 2024 11:25:55 GMT

GET
H2 200 hacked-2048x960.jpg
am12.mediaite.com/med/cnt/uploads/2024/05/ 276 KB
276 KB 41ms
40ms Image
image/jpeg 2606:4700:10::ac43:1906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am12.mediaite.com/med/cnt/uploads/2024/05/hacked-2048x960.jpg
Requested by: Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a57e62bad9d78ce3693df8d415bbe710a06eb71e6da389f7f2267996d8d3912

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:55:13 GMT
cf-cache-status: HIT
age: 37758
content-length: 282601
pragma: public
cf-bgj: h2pri
last-modified: Fri, 03 May 2024 04:08:30 GMT
server: cloudflare
etag: "6634633e-44fe9"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 89e25bbb5f44b969-AMS
expires: Thu, 11 Jul 2024 11:25:55 GMT

GET
H2 200 maxresdefault.jpg
img.youtube.com/vi/lroJ-5DaF2s/ 89 KB
89 KB 45ms
8ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/lroJ-5DaF2s/maxresdefault.jpg

Requested by

Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7363db3e386a678104d0a01c7b41f603f33eb54a841882f3d4b183c95351abc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:09:58 GMT
x-content-type-options: nosniff
age: 2715
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91023
x-xss-protection: 0
server: sffe
etag: "1719613318"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 04 Jul 2024 23:09:58 GMT

GET
H2 200 maxresdefault.jpg
img.youtube.com/vi/q9O6E3KAQYM/ 64 KB
64 KB 58ms
22ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/q9O6E3KAQYM/maxresdefault.jpg

Requested by

Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81cee0d8b19c2d6d35bc256f06cb5cdd83efc9fd6c178838ebf0eae43d862282

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:55:13 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65698
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 04 Jul 2024 22:00:13 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 55 KB
22 KB 75ms
15ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48b4186595c64c33e8190a639202e759c1730e3fbbfe038cfe474910057a1d16

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 04 Jul 2024 21:55:13 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21605
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "08b1bdb3ba0ce982"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Jul 2024 21:55:13 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 73ms
27ms Script
application/javascript 2606:4700::6811:6fdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=1.0.0

Requested by

Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:6fdf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:55:13 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1315
etag: W/"a87c48d211877c49b878679b2e3cdab8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 89e25bbba91166c8-AMS
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Sun, 07 Jul 2024 21:55:13 GMT

GET
H/1.1 200
OK reach.js Show response
simple-cdn.s3.amazonaws.com/js/ 0
367 B 552ms
177ms Script
application/javascript 52.92.210.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://simple-cdn.s3.amazonaws.com/js/reach.js
Requested by: Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.92.210.209 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Date: Thu, 04 Jul 2024 21:55:15 GMT
Last-Modified: Tue, 26 Jan 2021 12:54:35 GMT
Server: AmazonS3
x-amz-request-id: DD9PE0YA802T2Q16
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 0
x-amz-id-2: ESnxZR66KNk5ZfohEdFYEo2rERI7HKRt4aL5zDqR8wqLdv6e6+FXObl6CTUPA/SUC6049gwkfmk=

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 222 KB
59 KB 42ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 04 Jul 2024 21:55:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58293
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1328, tbw=2786, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: zegACC1NiUY7sLC2Zi6RkylVyvH1nqB3J7a7vApaXjjAHfnpwco77UkcNvMC/orxYBCvSf0gKWmh86l/7yOHTA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 fiwBvTgc29EVE0skMlb3zpzZVVI_r2N9EWtugrJ9eiLo6qiTFlPiUPSIybVGBG50sDwdqewBnnKFw Show response
profusesupport.com/v2/0/ 71 KB
25 KB 234ms
36ms Script
text/javascript 2606:4700::6812:186f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://profusesupport.com/v2/0/fiwBvTgc29EVE0skMlb3zpzZVVI_r2N9EWtugrJ9eiLo6qiTFlPiUPSIybVGBG50sDwdqewBnnKFw

Requested by

Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f3fe811be982fcc4f384f5690cb4a7a1566c0ae2280ba7d03c2a2d05270a487

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:55:14 GMT
content-encoding: br
via: 1.1 google
strict-transport-security: max-age=15724800; preload
cf-cache-status: MISS
x-buildnumber: 1353145067
alt-svc: h3=":443"; ma=86400
server: cloudflare
x-datacenter: gce-europe-west1
etag: W/"5533ae989c686b75d5be5b3f42d633e9f02a9024a4369f80bce63e2b5efaba05"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-xmqk
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
timing-allow-origin: *
cf-ray: 89e25bbc9807b920-AMS

GET
H2 200 ads.min.js Show response
ads.adthrive.com/sites/5ac64c79fdf4d60603abe6a5/ 97 KB
26 KB 99ms
33ms Script
application/javascript 18.239.36.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adthrive.com/sites/5ac64c79fdf4d60603abe6a5/ads.min.js?referrer=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&cb=35
Requested by: Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.36.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-36-75.ams58.r.cloudfront.net
Software: CloudFront /
Resource Hash: 795add72eb3a444658ebe344d8194e990b883bf2347889410a278705d159013a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

adthrive-bucket: prod
date: Thu, 04 Jul 2024 21:48:50 GMT
content-encoding: br
via: 1.1 1b7d5366c33b2955ce3e4c9398a0f058.cloudfront.net (CloudFront)
adthrive-deployment: stable
x-amz-cf-pop: AMS58-P2
age: 383
adthrive-commit: f52ed8d
x-cache: Hit from cloudfront
adthrive-gdpr: true
pragma: no-cache
server: CloudFront
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, must-revalidate, s-maxage=28800
x-amz-cf-id: ZSRINfaV6PUYI6u9byMx5p61QMJUgpPupWu_Dra1qLsti6bQrIK3qQ==
expires: 0

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 55ms
13ms Script
text/javascript 18.239.83.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-58.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 07:50:04 GMT
content-encoding: gzip
via: 1.1 039ee779486557ccf22d128d6266e00e.cloudfront.net (CloudFront)
last-modified: Fri, 03 May 2024 13:20:45 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P5
age: 50710
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: kZWFbDpupBXb-9tHoRLC0gaIeyoprmOpoqpmZAPutJAr2n-_R9CPmQ==

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/abramsmedia-mediaitenetwork/ 768 KB
58 KB 152ms
107ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/abramsmedia-mediaitenetwork/loader.js
Requested by: Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9c30ba0889b67c145e87e93d0620f6500e3c80ef57a1e4d3edde75cf06c44474

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: gAIxoY4_UlenzVv92x699dTOTiECqlz4
content-encoding: gzip
via: 1.1 varnish
date: Thu, 04 Jul 2024 21:55:14 GMT
x-amz-request-id: 21694KYVMXM21YVD
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 59356
x-amz-id-2: r3Ahd5+xwiDQGaSsKZaRZnoBPxD9DGOtyuG/DdSqmGY//+OnH06KCi3rrzUV2EIYNBfeWqMVYxY=
x-served-by: cache-fra-etou8220140-FRA
last-modified: Thu, 04 Jul 2024 13:07:06 GMT
server: AmazonS3
x-timer: S1720130114.904511,VS0,VE100
etag: "7994faaa4bda631b8bed3ce9d3647b76"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 60
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
10 KB 71ms
7ms Script
application/javascript 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 76c46df9a6ba94318fafe8023e3f52e28b1b9a1eaf16dcd4d7ce95ab6942859b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:55:13 GMT
content-encoding: gzip
etag: "tIg8n6xaLBY4WwNLLw9OGA=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 11 Jul 2024 21:55:13 GMT

GET
DATA 200
OK truncated
/ 525 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b22e31dd0658b72a1248a1b9e40cdf109da76be3bf6b830fc6a98453f2ec278

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

GET
H2 200 972821673164991 Show response
connect.facebook.net/signals/config/ 60 KB
12 KB 131ms
131ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/972821673164991?v=2.9.160&r=stable&domain=www.mediaite.com&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1ec04cebad77686ee5060b7c933beb2b105bb7a4159a2c29b32d8df3bc94912b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 04 Jul 2024 21:55:14 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=12, rtx=0, c=64, mss=1328, tbw=63832, tp=-1, tpl=-1, uplat=123, ullat=0
pragma: public
x-fb-debug: 2VjoWadtkOvFSbLc2wnIROjca/dk5oSP8V4UjlCb1cSIxn1s1ed1EmJpgUoJS2L0s1g52Jjwobps+PZ51wpj0g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
225 B 18ms
18ms Image
text/plain 18.239.83.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=9304643&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1720130113880&ns_c=UTF-8&c7=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&c8=Human%20Events%20and%20Post%20Millennial%20Websites%20Hacked&c9=
Requested by: Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-58.ams58.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:55:13 GMT
via: 1.1 039ee779486557ccf22d128d6266e00e.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: AMS58-P5
x-amz-cf-id: oFx-5xzA-p4MKlYiAKjY-1T9U6oYqpMwlcS6hLTqtgXjOgY0A2k4UQ==
x-cache: Miss from cloudfront

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 32ms
6ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-9069088-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 04 Jul 2024 21:41:01 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 852
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 04 Jul 2024 23:41:01 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 309 KB
103 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ECWL4EPTZN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-9069088-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7b787ade2bdde427d86a00d64a8bbd6c8b44a68e4cfcffbd5fc2acbb78e3419f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:55:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104846
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 04 Jul 2024 21:55:13 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 66ms
37ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ECWL4EPTZN&gtm=45je4730v896814065za200&_p=1720130113807&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1699088466.1720130114&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720130113&sct=1&seg=0&dl=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&dt=Human%20Events%20and%20Post%20Millennial%20Websites%20Hacked&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1004&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ECWL4EPTZN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 21:55:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mediaite.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
255 B 75ms
21ms Ping
text/plain 2a00:1450:400c:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ECWL4EPTZN&cid=1699088466.1720130114&gtm=45je4730v896814065za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ECWL4EPTZN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 21:55:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mediaite.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 77ms
53ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ECWL4EPTZN&cid=1699088466.1720130114&gtm=45je4730v896814065za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&frm=0&z=1423237039

Requested by

Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 21:55:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 56ms
11ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:55:13 GMT
content-encoding: gzip
last-modified: Fri, 22 Mar 2024 21:07:24 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kiad7000168-IAD, cache-fra-etou8220158-FRA

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 38ms
35ms Script
application/javascript 2606:4700::6811:6fdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:6fdf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:55:13 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1315
etag: W/"e3be409ac3c100e2a5d3f264ec260551"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 89e25bbc196166c8-AMS
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Sun, 07 Jul 2024 21:55:13 GMT

GET
H2 200 KCOSQ1qKASI
www.youtube.com/embed/ Frame E02C 0
0 121ms
68ms Document
text/html 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/KCOSQ1qKASI?autoplay=0&mute=1&rel=0

Requested by

Host: am11.mediaite.com
URL: https://am11.mediaite.com/med/cnt/themes/m2019/js/min/min.js?2401311500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 Jul 2024 21:55:14 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.yt0ljKjs5rs.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo_yzulJpTEe99NXWvLUgho342xMuA/ 138 KB
49 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.yt0ljKjs5rs.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo_yzulJpTEe99NXWvLUgho342xMuA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd5bf2711b952af69162c95a19e30326c252011ffafeae2bd295cfe732a9b70c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 01:46:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72527
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49325
x-xss-protection: 0
last-modified: Thu, 06 Jun 2024 15:21:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Jul 2025 01:46:26 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.yt0ljKjs5rs.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo_yzulJpTEe99NXWvLUgho342xMuA/ 124 KB
42 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.yt0ljKjs5rs.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo_yzulJpTEe99NXWvLUgho342xMuA/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3d00e5d946b1dc139a67331992e089c0b773bb38fcd222755eef1873f994a12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 13:34:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43217
x-xss-protection: 0
last-modified: Thu, 06 Jun 2024 15:21:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Jul 2025 13:34:12 GMT

GET
H2 200 subscribe_embed
www.youtube.com/ Frame 60E6 0
0 92ms
42ms Document
text/html 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCGJNv0jLqnkp9VbEXTbRd5w&layout=default&count=default&origin=https%3A%2F%2Fwww.mediaite.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.yt0ljKjs5rs.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo_yzulJpTEe99NXWvLUgho342xMuA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 04 Jul 2024 21:55:14 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cmp.php Show response
b.delivery.consentmanager.net/delivery/ 5 KB
2 KB 71ms
27ms Script
text/javascript 87.230.98.78
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://b.delivery.consentmanager.net/delivery/cmp.php?&cdid=cf7510ba3149d&h=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&&__cmpfcc=1&l=en&ls=EN_EN_DE&lp=EN&o=1720130113939

Requested by

Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/5ac64c79fdf4d60603abe6a5/ads.min.js?referrer=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&cb=35

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.230.98.78 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),

Reverse DNS

ds87-230-98-78.dedicated.psmanaged.com

Software

Resource Hash

e30cb028cc6e8df384017dbc109d8de3256e3759d1fccb7c9cb54daff81ad74e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 21:55:13 GMT
content-encoding: gzip
last-modified: Thu, 04 Jul 2024 21:55:13 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
edge-control: no-store, no-cache, must-revalidate
cache-control: no-store, no-cache, must-revalidate
x-xss-protection: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 cmp_final.min.js Show response
cdn.consentmanager.net/delivery/js/ 422 KB
92 KB 39ms
8ms Script
application/javascript 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.consentmanager.net/delivery/js/cmp_final.min.js
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/5ac64c79fdf4d60603abe6a5/ads.min.js?referrer=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&cb=35
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 6c8e40d0b7910c8066300a7576b89ef59631fb077df2faf5890d36a10e1b8804

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-77-pop: frankfurtDE
date: Thu, 04 Jul 2024 21:55:13 GMT
content-encoding: gzip
x-accel-date-max: 1720044029
x-77-cache: HIT
x-cache: HIT
edge-control: max-age=86400
x-age: 86084
x-accel-date: 1720044029
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwB1GY4tAH3RFABAAgBJRPCNAFh
x-accel-expires: @1720130429
x-77-age: 86084
last-modified: Wed, 03 Jul 2024 21:59:15 GMT
server: CDN77-Turbo
etag: W/"69737-61c5ef0ef92c0"
x-77-nzt-ray: 6d204d1134e1d1e5411a8766a3c71e3a
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
expires: Thu, 04 Jul 2024 22:00:29 GMT

GET
H2 200 marmalade Show response
ads.adthrive.com/api/v1/ 5 KB
1 KB 1304ms
1278ms Fetch
application/json 18.239.36.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adthrive.com/api/v1/marmalade?siteid=5ac64c79fdf4d60603abe6a5&url=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&deliveryFeatures=recencyFrequency,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr,consentManagerCMP,amazonBetaApstag,ttdSync
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/5ac64c79fdf4d60603abe6a5/ads.min.js?referrer=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&cb=35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.36.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-36-75.ams58.r.cloudfront.net
Software: /
Resource Hash: 424fb2d1229ed30d82b4f36801524a7f82e1198365df67e8a6de4b6b705a458c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:55:15 GMT
content-encoding: br
via: 1.1 04ddc2ad740f178bb6e0e07dc16f9744.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-trace-id: Root=1-66871a42-4f3eb8a41ec641935a7588c4;Parent=55370ec50e23098f;Sampled=0;lineage=e948d84a:0
x-amzn-requestid: e1a7b2a9-a4dc-43ec-9279-3712d51add26
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: max-age=3600, s-maxage=3600
x-amz-apigw-id: aaEKZF8WoAMEPJQ=
x-amz-cf-id: lEiVOLcbQZFVKPmwEKL_pXLvTiYD99m7GNUS6cXCouT6y-0DQFywfg==

GET
H2 200 5ac64c79fdf4d60603abe6a5 Show response
ads.adthrive.com/api/v2/raptiveFloors/ 42 KB
6 KB 73ms
47ms XHR
application/json 18.239.36.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adthrive.com/api/v2/raptiveFloors/5ac64c79fdf4d60603abe6a5
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/5ac64c79fdf4d60603abe6a5/ads.min.js?referrer=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&cb=35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.36.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-36-75.ams58.r.cloudfront.net
Software: /
Resource Hash: e4c2858c863735a217bf7cdeaf65a7f92387e82375d706a46a02a076e9bee19d

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 17:47:16 GMT
content-encoding: br
via: 1.1 04ddc2ad740f178bb6e0e07dc16f9744.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
age: 14878
x-amzn-trace-id: Root=1-6686e023-595aeca1677a44906d06b21b;Parent=32c7b793e93a862f;Sampled=0;lineage=e7e36c41:0
x-amzn-requestid: 90286625-b87e-48e7-a457-2da48f1edc6d
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: aZf1qH37oAMEFEA=
x-amz-cf-id: GbHyeQoQ2tfkyVS_LPYi_WMczFwvKWjI9l2e2-fqLgCx8mAFQpe8Tw==

GET
H2 200 adthrive.min.js Show response
ads.adthrive.com/builds/core/f52ed8d/es2018/js/ 1 MB
342 KB 14ms
13ms Script
application/javascript 18.239.36.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adthrive.com/builds/core/f52ed8d/es2018/js/adthrive.min.js?deployment=stable&bucket=prod&deliveryFeatures=recencyFrequency,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr,consentManagerCMP,amazonBetaApstag,ttdSync&siteid=5ac64c79fdf4d60603abe6a5
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/5ac64c79fdf4d60603abe6a5/ads.min.js?referrer=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&cb=35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.36.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-36-75.ams58.r.cloudfront.net
Software: CloudFront /
Resource Hash: 149e257583daeca7357a39f2be9f8bdcaefb93be3f47c52cc294d7cf4b8f07d3

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 00:00:32 GMT
content-encoding: gzip
via: 1.1 1b7d5366c33b2955ce3e4c9398a0f058.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS58-P2
age: 78881
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600, s-maxage=86400
content-length: 349190
x-amz-cf-id: cwXC0VrfM26CyBBS4sB08VlxQwYSIiYlXjf3Yh4d8h2gOVu_gODSsg==

GET
H2 200 5ac64c79fdf4d60603abe6a5.js Show response
ads.adthrive.com/builds/customizations/ 4 KB
2 KB 14ms
14ms Script
text/javascript 18.239.36.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adthrive.com/builds/customizations/5ac64c79fdf4d60603abe6a5.js
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/5ac64c79fdf4d60603abe6a5/ads.min.js?referrer=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&cb=35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.36.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-36-75.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ca35429f8487b513b2c516aae8166c812b77305b824a68de1c12d436656fcd6c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: Ky2Uni3R1E_E.bxvwx1BGfsC27.WGQ_C
content-encoding: gzip
via: 1.1 1b7d5366c33b2955ce3e4c9398a0f058.cloudfront.net (CloudFront)
date: Thu, 04 Jul 2024 21:42:41 GMT
last-modified: Thu, 06 Jun 2024 21:17:30 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P2
age: 935
x-amz-server-side-encryption: AES256
etag: W/"e46772cc362f9833b09fe1bf87831c0c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: TveZd39AmC7nZB3dChErB1s6TvAGF14tPUVFymObMNetq7Zf4u41jQ==

GET
H2 200 rules-p-41YeEX_ui4Qms.js Show response
rules.quantcount.com/ 160 B
632 B 36ms
7ms Script
application/javascript 2600:9000:223c:f400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-41YeEX_ui4Qms.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:f400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f581d6679a6f83ee35007a20ded1bba92e4675c2e6911555e014612a3b9e29b6

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:36:04 GMT
via: 1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1293
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 22:56:05 GMT
server: AmazonS3
etag: "962ca8f7e53b2c29067795cc5ed95cfb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: QMrEJ9efw76LbOWdZXXl0A8pmB-x0IkIyi9LAVV2Own2Zah5Rz_LkA==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
207 B 14ms
13ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=846222836&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&ul=de-de&de=UTF-8&dt=Human%20Events%20and%20Post%20Millennial%20Websites%20Hacked&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=962333713&gjid=91538461&cid=1699088466.1720130114&tid=UA-9069088-1&_gid=57763893.1720130114&_r=1&gtm=457e4730za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&jsscut=1&npa=1&z=742923356

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mediaite.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 21:55:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mediaite.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 postmessageRelay
accounts.google.com/o/oauth2/ Frame B93B 0
0 81ms
29ms Document
text/html 2a00:1450:400c:c0b::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.mediaite.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.yt0ljKjs5rs.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo_yzulJpTEe99NXWvLUgho342xMuA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.yt0ljKjs5rs.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo_yzulJpTEe99NXWvLUgho342xMuA/cb=gapi.loaded_1?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-nT8pm-wcZIEyYVYs0ERdEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'nonce-nT8pm-wcZIEyYVYs0ERdEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
content-type: text/html; charset=utf-8
cross-origin-resource-policy: same-site
date: Thu, 04 Jul 2024 21:55:14 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 web Show response
onesignal.com/api/v1/sync/135a8c0a-92bf-468c-8032-395b9c19fe97/ 3 KB
2 KB 38ms
25ms Script
text/javascript 2606:4700::6811:6fdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/135a8c0a-92bf-468c-8032-395b9c19fe97/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:6fdf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cfab4f775ae2086b92f3d5f334b5b088b2f7f3134cdd405e5a0c69d660c9f82

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:55:14 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
age: 1096
cf-polished: origSize=3407
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 3536ea52-0918-4ec6-ba45-6039a6a7d7b7
x-runtime: 0.028068
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"017ed848e9d60911a7dd59d6141e3fb6"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 89e25bbcb9dc66c8-AMS
access-control-allow-headers: SDK-Version
expires: Thu, 04 Jul 2024 22:55:14 GMT

GET
H2 200 adsct
t.co/i/ 43 B
376 B 160ms
129ms Image
image/gif 93.184.221.165
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=1320b56d-950b-4d69-b06b-fe7edbacc604&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=5a343990-8982-4762-b98e-4fff0966597b&tw_document_href=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4cef&type=javascript&version=2.3.30

Requested by

Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.221.165 London, United Kingdom, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-response-time: 116
date: Thu, 04 Jul 2024 21:55:13 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: b15a568544068666
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 29cae2fbc3b83d3ee9dce58bdc6a785de88dc1d38dc2b5ef99744648a66b635b
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
393 B 145ms
119ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=1320b56d-950b-4d69-b06b-fe7edbacc604&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=5a343990-8982-4762-b98e-4fff0966597b&tw_document_href=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4cef&type=javascript&version=2.3.30

Requested by

Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-response-time: 110
date: Thu, 04 Jul 2024 21:55:13 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: b62b0ce3762d3d84
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 41aecf275b5db94220ae71840a68b496f5851839ed1ce7e449d179baaea23a42
content-length: 43

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 32ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=972821673164991&ev=PageView&dl=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&rl=&if=false&ts=1720130114033&sw=1600&sh=1200&v=2.9.160&r=stable&a=wordpress-6.5.5-3.0.7&ec=0&o=4126&fbp=fb.1.1720130114032.43915436516301020&ler=empty&cdl=API_unavailable&it=1720130113874&coo=false&rqm=GET

Requested by

Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2812, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 04 Jul 2024 21:55:14 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 131ms
107ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=972821673164991&ev=PageView&dl=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&rl=&if=false&ts=1720130114033&sw=1600&sh=1200&v=2.9.160&r=stable&a=wordpress-6.5.5-3.0.7&ec=0&o=4126&fbp=fb.1.1720130114032.43915436516301020&ler=empty&cdl=API_unavailable&it=1720130113874&coo=false&rqm=FGET

Requested by

Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
date: Thu, 04 Jul 2024 21:55:14 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=13, mss=1328, tbw=3129, tp=-1, tpl=-1, uplat=99, ullat=0
pragma: no-cache
x-fb-debug: T+4p3eJYuW7AlkPHBSJBSjFyiAIZ2ay4hMiphN69NUAl0N4+6XMLgtVICR/z488rqgX7IRuGkB8cPaMxpb+v3g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bV8xLndfOTg5Nzgucl9HRFBSLmxfZW4uZF8zNDc0Mi54XzgxLnYucC50XzM0NzQyLnh0XzEy.js Show response
cdn.consentmanager.net/delivery/customdata/ 102 KB
25 KB 7ms
7ms Script
text/javascript 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.consentmanager.net/delivery/customdata/bV8xLndfOTg5Nzgucl9HRFBSLmxfZW4uZF8zNDc0Mi54XzgxLnYucC50XzM0NzQyLnh0XzEy.js

Requested by

Host: b.delivery.consentmanager.net
URL: https://b.delivery.consentmanager.net/delivery/cmp.php?&cdid=cf7510ba3149d&h=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&&__cmpfcc=1&l=en&ls=EN_EN_DE&lp=EN&o=1720130113939

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

82c47e8613bd8ac83f2901140e50a6c7220dce128f2c1f7416ca08cfa7933c50

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-77-pop: frankfurtDE
date: Thu, 04 Jul 2024 21:55:14 GMT
content-encoding: gzip
x-accel-date-max: 1720129248
x-77-cache: HIT
x-cache: HIT
edge-control: public, max-age=1800
x-age: 866
x-accel-date: 1720129248
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
x-77-nzt: EgwB1GY4tAH3YgMAAAwBJRPCNAH3BwAAAA
x-accel-expires: @1720131041
x-77-age: 866
last-modified: Thu, 04 Jul 2024 21:40:41 GMT
server: CDN77-Turbo
x-77-nzt-ray: 6d204d1134e1d1e5421a87665f634102
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1800
expires: Thu, 04 Jul 2024 22:10:41 GMT

GET
H2 200 load.js Show response
pm-widget.taboola.com/abramsmedia-mediaitenetwork/ 3 KB
1 KB 17ms
16ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/abramsmedia-mediaitenetwork/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/abramsmedia-mediaitenetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91d23e883844155a6d1b95820f81df1351008858b022cd3c144b8308f0e7b2ce

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: 4yEeZccdZ65nSkwItF8mHuM7JL75HTl0
content-encoding: gzip
via: 1.1 varnish
date: Thu, 04 Jul 2024 21:55:14 GMT
x-amz-request-id: BTR2538M2YMJ7J9T
age: 754
x-cache: HIT
content-length: 1119
x-amz-id-2: KfrVcG4QDH9s9z2G0mNWqnSs6nn/OyamIpNBT4m7aR00fGDZQlV4xsOY3DLw7O56kXwhDGp6aR0=
x-served-by: cache-fra-etou8220140-FRA
last-modified: Fri, 15 Mar 2024 11:43:58 GMT
server: AmazonS3
x-timer: S1720130114.076526,VS0,VE1
etag: "a185b45137b16773b5c5c7bac51f1cfa"
vary: Accept-Encoding,
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 impl.20240704-7-RELEASE.js Show response
cdn.taboola.com/libtrc/ 894 KB
182 KB 7ms
6ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20240704-7-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/abramsmedia-mediaitenetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 98c36043157373d9ff8f3aad96bd05f08df06b107d2ee71da9e9a3e2fe183e55

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: Exna2HV4Ud1BsDfICIG8io471EOnxgy4
content-encoding: br
via: 1.1 varnish
date: Thu, 04 Jul 2024 21:55:14 GMT
x-amz-request-id: 9S9ZPDSB9HYAQ62A
age: 12587
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 186019
x-amz-id-2: 3s6aES4cZtImL0yD7SaBX0pzNyyXDxbWGXAXWTlwTlgtXPFCM7GL70JJvx9+YJl1FddTqsZPvOI=
x-served-by: cache-fra-etou8220140-FRA
last-modified: Thu, 04 Jul 2024 10:23:25 GMT
server: AmazonS3-br
x-timer: S1720130114.076425,VS0,VE0
etag: "5e55358f69a24a56737155c4dd60ab3a"
vary: Accept-Encoding
content-type: application/javascript
abp: 31
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 24696

GET
H/1.1 200
OK /
c.delivery.consentmanager.net/delivery/info/ 43 B
404 B 72ms
18ms Image
image/gif 87.230.98.76
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.delivery.consentmanager.net/delivery/info/?id=98978&did=1&cfdid=1&t=pv.d_ncs.d_ancs.d_bncs&h=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&o=1720130114151&l=EN&lv=103409&d=1&ct=14&e=&e2=&e3=&i=&sv=12&dv=81&

Requested by

Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.230.98.76 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),

Reverse DNS

ma5050018.psmanaged.com

Software

Resource Hash

5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 21:55:14 GMT
last-modified: Thu, 04 Jul 2024 21:55:14 GMT
content-type: image/gif
access-control-allow-origin: *
edge-control: no-store, no-cache, must-revalidate
cache-control: no-store, no-cache, must-revalidate
content-length: 43
x-xss-protection: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK /
c.delivery.consentmanager.net/delivery/info/ 43 B
404 B 75ms
21ms Image
image/gif 87.230.98.76
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.delivery.consentmanager.net/delivery/info/?id=98978&did=1&cfdid=1&t=cv&h=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&o=1720130114152&l=EN&lv=103409&d=1&ct=14&e=&e2=&e3=&i=&sv=12&dv=81&

Requested by

Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.230.98.76 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),

Reverse DNS

ma5050018.psmanaged.com

Software

Resource Hash

5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 21:55:14 GMT
last-modified: Thu, 04 Jul 2024 21:55:14 GMT
content-type: image/gif
access-control-allow-origin: *
edge-control: no-store, no-cache, must-revalidate
cache-control: no-store, no-cache, must-revalidate
content-length: 43
x-xss-protection: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
481 B 89ms
21ms Image
image/gif 2600:9000:2246:9800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?adspot_id=jzvgq_728x90_
Requested by: Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2246:9800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 03 Jul 2024 15:17:30 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 54539657e1cb0d581a1136c9b6cc01a6.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P1
age: 110265
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: p7uby8L1ihClqH_liMxlB3y8yUqp9vzXOdRiAuPaBaFqSRVYueQqPA==

GET
H3 200 en.gif
cdn.consentmanager.net/delivery/flags/ 384 B
820 B 6ms
6ms Image
image/gif 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.consentmanager.net/delivery/flags/en.gif
Requested by: Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: eee4cf12a666b414c57a7f3ad86679b3f8d3baeb0914c5f2ec68243d9375d881

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-77-pop: frankfurtDE
date: Thu, 04 Jul 2024 21:55:14 GMT
x-accel-date-max: 1708090829
x-77-cache: HIT
x-cache: HIT
edge-control: max-age=2592000
x-age: 12039285
x-accel-date: 1708090829
alt-svc: h3=":443"; ma=86400
content-length: 384
x-77-nzt: EgwB1GY4tAH3dbS3AAwB1GY4EQH3IgAAAA
x-accel-expires: @1739626795
x-77-age: 12039285
last-modified: Mon, 14 Jun 2021 21:37:37 GMT
server: CDN77-Turbo
etag: "180-5c4c0aa828a40"
x-77-nzt-ray: 6d204d11b8d97cef421a8766cc67230a
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Feb 2025 13:39:55 GMT

GET
H2 200 pmk-20220605.4.js Show response
pm-widget.taboola.com/abramsmedia-mediaitenetwork/ 69 KB
20 KB 23ms
7ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/abramsmedia-mediaitenetwork/pmk-20220605.4.js
Requested by: Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/abramsmedia-mediaitenetwork/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 86130925c7dbecb1a2eae2efa1280beb5f583bc983ffb70a20ccc7ed2d52751b

Request headers

Referer: https://www.mediaite.com/
Origin: https://www.mediaite.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: YGuIIXoqAT6KpOrV5_0g3GDmplm_C3b9
content-encoding: gzip
via: 1.1 varnish
date: Thu, 04 Jul 2024 21:55:14 GMT
x-amz-request-id: PG2HE6KFSFW1KVJ1
age: 750341
x-cache: HIT
content-length: 19865
x-amz-id-2: rmlM6yVqyKJ+NW95+Dh2nUEPTxexoRkaeA8Phmv556MZrsBGr/zTQWUags3b6Mx2iKWr8jXkehI=
x-served-by: cache-fra-etou8220067-FRA
last-modified: Fri, 15 Mar 2024 11:43:56 GMT
server: AmazonS3
x-timer: S1720130114.190081,VS0,VE1
etag: "38c6ff5eb44befb5ee4be702879dcef3"
vary: Accept-Encoding, ,Origin
access-control-allow-methods: GET,POST,PUT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 google-topics-api.20240704-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 8ms
8ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/google-topics-api.20240704-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/abramsmedia-mediaitenetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 10053a3d688e1bdecacbb024e433e2b418171851bd9fac1482232c11d24abe6d

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: LwJVlprUDKzdEuoPv_C6UcCU7QqCfhua
content-encoding: gzip
via: 1.1 varnish
date: Thu, 04 Jul 2024 21:55:14 GMT
x-amz-request-id: HR879HXFATW1VMT6
age: 36474
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 978
x-amz-id-2: lmGMLskKcfRqddWTSTvQlZVINYDncwNhqp2v048hJZEsLlSIpspuqo9QVHA3gvaks5Mk2PTaFBM=
x-served-by: cache-fra-etou8220140-FRA
last-modified: Thu, 04 Jul 2024 11:47:21 GMT
server: AmazonS3
x-timer: S1720130114.186000,VS0,VE0
etag: "4b3e0423204320fbe4fc59b175c211c2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 17
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 48771

GET
H2 200 sync Show response
gum.criteo.com/ 35 KB
11 KB 43ms
13ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS&us_privacy=1---&gdpr=0&gdpr_consent=&gdpr_pd=

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240704-7-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

dbe8e596830dc94145acacd17ebdc3fd9553df87b0cb637d10d338e676a9a831

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:55:13 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 400623
expires: 60

GET
H2 200 taboola-browsing-topics.html
cdn.taboola.com/libtrc/static/topics/ Frame C855 0
0 19ms
7ms Document
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/google-topics-api.20240704-7-RELEASE.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

abp: 79
accept-ranges: bytes
access-control-allow-origin: *
age: 52849
cache-control: private,max-age=31536000
content-encoding: gzip
content-length: 340
content-type: text/html
date: Thu, 04 Jul 2024 21:55:14 GMT
etag: "8b140f0f0f6e1a0f986cc7d6dfd74d65"
last-modified: Tue, 13 Feb 2024 13:15:59 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 varnish
x-amz-id-2: WJ7HUWSXwQk7466uNAlUKnkvOaQ+POcvqF9iHiQx6M6a4TrwqSMJNOtgmd6o8plWeZEczvb4/r4=
x-amz-replication-status: COMPLETED
x-amz-request-id: AKPH57N3AWSG1NJ9
x-amz-server-side-encryption: AES256
x-amz-version-id: 4MpQ_aQntJKuJTBB3LGK3B7cfa8k5k0b
x-cache: HIT
x-cache-hits: 1006174
x-served-by: cache-fra-etou8220146-FRA
x-timer: S1720130114.235746,VS0,VE0

GET
H3 200 cb=gapi.loaded_2 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.yt0ljKjs5rs.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo_yzulJpTEe99NXWvLUgho342xMuA/ 27 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.yt0ljKjs5rs.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo_yzulJpTEe99NXWvLUgho342xMuA/cb=gapi.loaded_2?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15ac93425f657629cd95ae465f8cd231e7cd7edad78d508dba5fa734e8f63ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 05:01:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60849
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9105
x-xss-protection: 0
last-modified: Thu, 06 Jun 2024 15:21:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Jul 2025 05:01:05 GMT

GET
H3 200 subscribe_embed
www.youtube.com/ Frame BBB6 0
0 39ms
36ms Document
text/html 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCGJNv0jLqnkp9VbEXTbRd5w&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.yt0ljKjs5rs.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo_yzulJpTEe99NXWvLUgho342xMuA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.yt0ljKjs5rs.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo_yzulJpTEe99NXWvLUgho342xMuA/cb=gapi.loaded_0?le=scs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 04 Jul 2024 21:55:14 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 border_3.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
129 B 36ms
13ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/border_3.gif

Requested by

Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 02:59:28 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 68146
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 04 Jul 2025 02:59:28 GMT

GET
H2 200 spacer.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
139 B 35ms
12ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/spacer.gif

Requested by

Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:41:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
age: 842
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 04 Jul 2025 21:41:12 GMT

GET
H2 200 bubbleSprite_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 318 B
431 B 33ms
11ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleSprite_3.png

Requested by

Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 09:32:30 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 44564
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 318
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 04 Jul 2025 09:32:30 GMT

GET
H2 200 bubbleDropR_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 116 B
206 B 32ms
11ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropR_3.png

Requested by

Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jul 2024 14:47:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
age: 198453
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 116
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 02 Jul 2025 14:47:41 GMT

GET
H2 200 bubbleDropB_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 117 B
557 B 31ms
10ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropB_3.png

Requested by

Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 18:54:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
age: 10821
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 04 Jul 2025 18:54:53 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 38 KB
15 KB 150ms
38ms Script
application/x-javascript 2600:9000:2038:6a00:18:1fcd:354:4b41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2038:6a00:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 16:20:10 GMT
content-encoding: gzip
via: 1.1 033ed92c09627372dcaf2c27f57f2f76.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jun 2024 00:13:00 GMT
server: nginx
x-amz-cf-pop: HEL50-C2
age: 20104
etag: W/"665fad8c-9895"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: aqyqWN1xiTrI907ZMD9AxtKH8PpjXXRz1zfriHT2YkLUbhyAFaloNg==
expires: Fri, 05 Jul 2024 16:20:10 GMT

GET
H2 200 favicon.ico
www.mediaite.com/ 894 B
745 B 31ms
30ms Other
image/x-icon 2606:4700:10::ac43:1906
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mediaite.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1906 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d56c6a7208faa78b0363e0f0468a1d7d537a96f1ff0f6dadfa2ef0dbbf314e3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:55:14 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 06 Jul 2017 20:49:57 GMT
server: cloudflare
age: 1714
etag: W/"595ea275-37e"
vary: Accept-Encoding
content-type: image/x-icon
cache-control: max-age=14400
cf-ray: 89e25bbed9f9b969-AMS

GET
H2 200 i.html
ads.adthrive.com/builds/core/f52ed8d/html/ Frame 00F0 0
0 34ms
12ms Document
text/html 18.239.36.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adthrive.com/builds/core/f52ed8d/html/i.html
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/f52ed8d/es2018/js/adthrive.min.js?deployment=stable&bucket=prod&deliveryFeatures=recencyFrequency,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr,consentManagerCMP,amazonBetaApstag,ttdSync&siteid=5ac64c79fdf4d60603abe6a5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.36.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-36-129.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

age: 3204
cache-control: max-age=86400
content-encoding: gzip
content-type: text/html
date: Thu, 04 Jul 2024 21:01:51 GMT
etag: W/"7ff33d1082bd05a8e5c77e94bc0fa576"
last-modified: Mon, 01 Jul 2024 17:26:58 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 2e727a8c78efdc43baa0571190ea0f4a.cloudfront.net (CloudFront)
x-amz-cf-id: TvfNOaaq184szBn_gFIIbrM4c3R-86Ab9TeWcOSg6bjuAtkgGy1sug==
x-amz-cf-pop: AMS58-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: sneevJQg42VMdUC_vBxPbJZbTiAh0BCG
x-cache: Hit from cloudfront

GET
H2 200 prebid.min.js Show response
ads.adthrive.com/builds/core/f52ed8d/gdpr/vendor/prebid/es2018/s2s/ 602 KB
182 KB 13ms
12ms Script
text/javascript 18.239.36.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adthrive.com/builds/core/f52ed8d/gdpr/vendor/prebid/es2018/s2s/prebid.min.js
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/f52ed8d/es2018/js/adthrive.min.js?deployment=stable&bucket=prod&deliveryFeatures=recencyFrequency,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr,consentManagerCMP,amazonBetaApstag,ttdSync&siteid=5ac64c79fdf4d60603abe6a5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.36.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-36-75.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bab925cee1ed03d6ef9beb88f68519411c0755670ffc5fa3889b9c01448d76f0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: D8O.DFpQBBQR106iLHcbexoOE1yoZwjg
content-encoding: gzip
via: 1.1 1b7d5366c33b2955ce3e4c9398a0f058.cloudfront.net (CloudFront)
date: Thu, 04 Jul 2024 21:00:53 GMT
last-modified: Mon, 01 Jul 2024 17:27:06 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P2
age: 3261
x-amz-server-side-encryption: AES256
etag: W/"c0f04b1200eccdf389bc66c8f0a58bf1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: DA1uxPM-3sBEEJZrZcqP208s1ahPM-Ur1aAaupB3yY4iC-CD4HhXvA==

GET
H2 200 apstag.js Show response
c.aps.amazon-adsystem.com/ 326 KB
72 KB 70ms
17ms Script
application/javascript 108.138.192.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.aps.amazon-adsystem.com/apstag.js

Requested by

Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/f52ed8d/es2018/js/adthrive.min.js?deployment=stable&bucket=prod&deliveryFeatures=recencyFrequency,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr,consentManagerCMP,amazonBetaApstag,ttdSync&siteid=5ac64c79fdf4d60603abe6a5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.192.109 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-192-109.mxp64.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

9bd1d4177f0d80cba31cb90cb6f63a3895fd1a1e439fcc62d5249b7c39372f1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: fuC1IA72rRSzfP.x3w_BJMCvn0fpwlKc
content-encoding: br
via: 1.1 0506189ffa7e4391aa3f3f82ddb1e396.cloudfront.net (CloudFront)
date: Thu, 04 Jul 2024 21:18:41 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MXP64-P1
age: 2194
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 04 Jul 2024 11:46:37 GMT
server: AmazonS3
etag: W/"e67aa2e9438d441b441e1fb7c4688736"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: wCRqRFKF5TgUvZwAWNmMkvgaGYYLdvncHEMXVLBRv_rbu3GZPKGTgg==

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
31 KB 81ms
49ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa34d6e7f3ff2e865952debf5a6e81db1386867d311665103893dc70a1501794

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:55:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31639
x-xss-protection: 0
server: cafe
etag: 708 / 19908 / m202407010101 / config-hash: 7963625485320637285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 04 Jul 2024 21:55:14 GMT

POST
H3 200 212df763c7adf0d291445ed38c827480a65e5c317b535737d5ef3515bb9 Show response
soggysponge.com/submit/93806d2/ 303 B
716 B 82ms
52ms Fetch
application/json 2606:4700::6812:196f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://soggysponge.com/submit/93806d2/212df763c7adf0d291445ed38c827480a65e5c317b535737d5ef3515bb9

Requested by

Host: profusesupport.com
URL: https://profusesupport.com/v2/0/fiwBvTgc29EVE0skMlb3zpzZVVI_r2N9EWtugrJ9eiLo6qiTFlPiUPSIybVGBG50sDwdqewBnnKFw

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:196f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84dd7c3644ec06902f94d61394ad77b581b596611d0fe306666effab17ae1587

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.mediaite.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 04 Jul 2024 21:55:14 GMT
strict-transport-security: max-age=15724800; preload
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: br
x-buildnumber: 1353145067
alt-svc: h3=":443"; ma=86400
server: cloudflare
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mediaite.com
x-hostname: fen-hoothoot-europe-west1-xmqk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
cf-ray: 89e25bbf8c07666a-AMS
expires: Thu, 04 Jul 2024 21:55:13 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 66ms
12ms XHR
application/javascript 18.239.70.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.aps.amazon-adsystem.com
URL: https://c.aps.amazon-adsystem.com/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.70.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-70-203.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 0f0656e015969f214cbb02d6f2a23f6a.cloudfront.net (CloudFront)
date: Thu, 04 Jul 2024 05:41:59 GMT
x-amz-cf-pop: AMS58-P4
age: 58439
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: jyy-VtMc_NIhsGlSpNJE6gLO1ioND8zlJECvSD32aYuhXioZ7iFCYw==

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407010101/ 466 KB
145 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407010101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fc88d4d4d71f6e63d16a5f550bd1ff0d4d09ce33b294a3121d9bbc454105e05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 10:42:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40345
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148672
x-xss-protection: 0
server: cafe
etag: 3142213140391881883
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 04 Jul 2025 10:42:49 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 296ms
95ms Image
image/gif 44.215.185.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=mediaite.com&p=%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&u=Bflpr-0k2P8BNinZe&d=mediaite.com&g=3557&g0=Politics&g1=Charlie%20Nash&n=1&f=00001&c=0&x=0&m=0&y=3757&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&b=1450&t=BZzVoDUrmo8drDcYB8L3kJChNhe8&V=147&i=Human%20Events%20and%20Post%20Millennial%20Websites%20Hacked&tz=-120&sn=1&sv=wcqcZuxKQTDx1HblBvC7HZDFtaU4&sr=external&sd=1&im=067b0ff0&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.215.185.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-215-185-146.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 04 Jul 2024 21:55:14 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

POST
H3 200 19540eeaa1ef970e35c77c7ed5c17cf37410383619417a098f9e Show response
soggysponge.com/834f8bec399e94/ 259 B
623 B 33ms
33ms Fetch
application/json 2606:4700::6812:196f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://soggysponge.com/834f8bec399e94/19540eeaa1ef970e35c77c7ed5c17cf37410383619417a098f9e

Requested by

Host: profusesupport.com
URL: https://profusesupport.com/v2/0/fiwBvTgc29EVE0skMlb3zpzZVVI_r2N9EWtugrJ9eiLo6qiTFlPiUPSIybVGBG50sDwdqewBnnKFw

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:196f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

123afbccccfd68f5b29a8a1385ceb3fe558cecaf777e4fe1b070ff6b8cf4ffad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.mediaite.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 04 Jul 2024 21:55:14 GMT
strict-transport-security: max-age=15724800; preload
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: br
x-buildnumber: 1353145067
alt-svc: h3=":443"; ma=86400
server: cloudflare
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mediaite.com
x-hostname: fen-hoothoot-europe-west1-xmqk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
cf-ray: 89e25bbffc8a666a-AMS
expires: Thu, 04 Jul 2024 21:55:13 GMT

GET
H3 200 FixEngageRecovered Show response
soggysponge.com/build/81fbb5345b/ca3b9b28bda568a76e2ad7c7c2c918e2deb50ec21e8de6/ 18 KB
7 KB 55ms
55ms Script
text/javascript 2606:4700::6812:196f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://soggysponge.com/build/81fbb5345b/ca3b9b28bda568a76e2ad7c7c2c918e2deb50ec21e8de6/FixEngageRecovered

Requested by

Host: profusesupport.com
URL: https://profusesupport.com/v2/0/fiwBvTgc29EVE0skMlb3zpzZVVI_r2N9EWtugrJ9eiLo6qiTFlPiUPSIybVGBG50sDwdqewBnnKFw

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:196f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d15491ab2a9614e32eef0e09c8fb657a5ae4827499451571c522e98886dedac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.mediaite.com/
Origin: https://www.mediaite.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:55:14 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=15724800; preload
cf-cache-status: MISS
x-buildnumber: 1353145067
alt-svc: h3=":443"; ma=86400
server: cloudflare
x-datacenter: gce-europe-west1
etag: W/"aac635c46cf80d58a28ef5c44d3257fc735da81b8247652d7af596c3004a6681"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language, Origin
access-control-allow-methods: POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://www.mediaite.com
x-hostname: fen-hoothoot-europe-west1-xmqk
cache-control: private, must-revalidate, max-age=21600
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
cf-ray: 89e25bc02cb3666a-AMS

GET
H/1.1 200
OK count.js Show response
mediaite.disqus.com/ 1 KB
2 KB 48ms
6ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mediaite.disqus.com/count.js

Requested by

Host: am11.mediaite.com
URL: https://am11.mediaite.com/med/cnt/themes/m2019/js/min/min.js?2401311500

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Date: Thu, 04 Jul 2024 21:55:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=300; includeSubdomains
X-Amz-Cf-Pop: DFW56-P1
Age: 104
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 27 Jun 2024 14:25:10 GMT
Server: nginx
ETag: "667d7646-367"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: Jy76puj37jyWpVqb0yTkoAy_bUz3EPWjwpgEdnY4jkyxmq_5ihynuQ==

GET
H/1.1 200
OK count-data.js Show response
mediaite.disqus.com/ 721 B
1 KB 108ms
108ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mediaite.disqus.com/count-data.js?1=5541044%20https%3A%2F%2Fwww.mediaite.com%2F%3Fp%3D5541044&1=5555037%20https%3A%2F%2Fwww.mediaite.com%2F%3Fp%3D5555037&1=5555054%20https%3A%2F%2Fwww.mediaite.com%2F%3Fp%3D5555054&1=5555111%20https%3A%2F%2Fwww.mediaite.com%2F%3Fp%3D5555111&1=5555112%20https%3A%2F%2Fwww.mediaite.com%2F%3Fp%3D5555112&1=5555125%20https%3A%2F%2Fwww.mediaite.com%2F%3Fp%3D5555125&1=5555207%20https%3A%2F%2Fwww.mediaite.com%2F%3Fp%3D5555207

Requested by

Host: mediaite.disqus.com
URL: https://mediaite.disqus.com/count.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

350c70e4b05272ae82fe599da85128eba1ae0fd31e335a15e69fe301a6bc2ab7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Date: Thu, 04 Jul 2024 21:55:15 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 721
X-XSS-Protection: 1; mode=block

GET
H2 200 40NRYcC2 Show response
cdn.jwplayer.com/v2/playlists/ 109 KB
12 KB 48ms
8ms Fetch
application/json 2600:9000:225e:8400:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/v2/playlists/40NRYcC2?max_resolution=320
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/f52ed8d/es2018/js/adthrive.min.js?deployment=stable&bucket=prod&deliveryFeatures=recencyFrequency,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr,consentManagerCMP,amazonBetaApstag,ttdSync&siteid=5ac64c79fdf4d60603abe6a5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8400:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: b7e8955e92095eb6a9ff423debf2db243e4949e2edaadd40706d86ad0c36e19b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:53:13 GMT
content-encoding: gzip
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA60-P4
age: 122
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=180, max-stale=180
x-robots-tag: noindex, indexifembedded
content-length: 11399
x-amz-cf-id: OAIr9PGb5wrGW0pkH8uMW7ihG6slr6_evX9CfFh0tw9uoy6oOrrVpQ==
expires: Thu, 04 Jul 2024 21:56:13

GET
H2

200

beacon-ios.js Show response
sb.scorecardresearch.com/internal-cs/6035453/
Redirect Chain

https://sb.scorecardresearch.com/cs/6035453/beacon.js
https://sb.scorecardresearch.com/internal-cs/6035453/beacon-ios.js

12 KB
5 KB

14ms
14ms

Script
application/javascript

18.239.83.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/6035453/beacon-ios.js
Protocol: H2
Server: 18.239.83.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-58.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dbe68196f39972c46eb2edcd065c7b5f35e3fdcdfbdd4f79cf404000f1d29f7d

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:29:57 GMT
content-encoding: gzip
via: 1.1 039ee779486557ccf22d128d6266e00e.cloudfront.net (CloudFront)
last-modified: Mon, 15 Apr 2024 09:46:37 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P5
age: 1519
x-amz-server-side-encryption: AES256
etag: W/"65312d85159eeef144a8a374bc54a1ac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: ZULIggs7P4MJz0l9nsyiPmcuXe4YD4euIjC-G2AVgLYZCAffDLthfw==

Redirect headers

date: Thu, 04 Jul 2024 21:55:15 GMT
via: 1.1 039ee779486557ccf22d128d6266e00e.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: AMS58-P5
x-cache: Miss from cloudfront
location: /internal-cs/6035453/beacon-ios.js
content-length: 0
x-amz-cf-id: pMrvrTzUmnyvpNvCHE-eRlvQ7hsC3ySvPsc_dUcloqlZkAl9MC-47w==

GET
H3 200 config.js Show response
cdn.confiant-integrations.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/ 334 KB
64 KB 50ms
24ms Script
text/javascript 2606:4700:4400::6812:2b5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/config.js
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/f52ed8d/es2018/js/adthrive.min.js?deployment=stable&bucket=prod&deliveryFeatures=recencyFrequency,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr,consentManagerCMP,amazonBetaApstag,ttdSync&siteid=5ac64c79fdf4d60603abe6a5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10a26508ac3be73bfe5de632f008d227245e3e05dbf464a28cbd515990151fcc

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:55:15 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 3PJQ58TJJR838S5X
age: 587
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 65189
x-amz-id-2: oX8Dl19HL2B9KDiU5a7RrFumsVdlRETS4s0Ty8ZltcsZ0rcORtAlRh0PkQOM9Lt8VVBN6eyogTg=
last-modified: Thu, 04 Jul 2024 21:45:20 GMT
server: cloudflare
etag: "d387b84323c659dc5a2879fa7be8e933"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
cf-ray: 89e25bc4fec166cf-AMS

GET
H2 200 launchpad-liveramp.js Show response
launchpad-wrapper.privacymanager.io/69e75073-3763-483e-a64c-0d281bfd9225/ 315 KB
40 KB 76ms
20ms Script
text/javascript 18.66.196.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad-wrapper.privacymanager.io/69e75073-3763-483e-a64c-0d281bfd9225/launchpad-liveramp.js
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/f52ed8d/es2018/js/adthrive.min.js?deployment=stable&bucket=prod&deliveryFeatures=recencyFrequency,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr,consentManagerCMP,amazonBetaApstag,ttdSync&siteid=5ac64c79fdf4d60603abe6a5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.196.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-196-100.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dbbec194bb1980e49f3241f20ace32dfb18e16ce32b0b455ec317d49388c2850

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: VKY5ciaio.on5QjFmj7nEPs.Ii9y92Ew
content-encoding: gzip
via: 1.1 018d49139552bac4221d8e525a1600be.cloudfront.net (CloudFront)
date: Thu, 04 Jul 2024 08:51:29 GMT
x-amz-cf-pop: MXP63-P1
age: 47026
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: attachment; filename="launchpad-liveramp.js"
last-modified: Mon, 01 Jul 2024 14:01:33 GMT
server: AmazonS3
etag: W/"0ae472e5f29db7c94f13d3e70aa0c26a"
vary: Accept-Encoding
content-type: text/javascript
x-amz-cf-id: iGUhuaJIRiE_rmFx-O_5LzqAJ19IaJ-vEZtiZtZhgq78908l8HhU5w==

GET
H2 200 ads.min.css
ads.adthrive.com/sites/5ac64c79fdf4d60603abe6a5/ 688 B
975 B 12ms
12ms Stylesheet
text/css 18.239.36.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adthrive.com/sites/5ac64c79fdf4d60603abe6a5/ads.min.css
Requested by: Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/f52ed8d/es2018/js/adthrive.min.js?deployment=stable&bucket=prod&deliveryFeatures=recencyFrequency,reissuingSticky,manualCookieSync,raptiveFloors,switzerlandGdpr,consentManagerCMP,amazonBetaApstag,ttdSync&siteid=5ac64c79fdf4d60603abe6a5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.36.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-36-75.ams58.r.cloudfront.net
Software: CloudFront /
Resource Hash: 0f89ba1e319462068c896f7469de78055f63c0318e612faf056a82a7c8fd952b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 19:37:34 GMT
via: 1.1 1b7d5366c33b2955ce3e4c9398a0f058.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS58-P2
age: 8261
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=3600, s-maxage=86400
content-length: 688
x-amz-cf-id: DF65f5ZwRJCXDKpm5soJduFiGv1odsRzipV7TzkQAJLTg1Fz9N_lpA==

GET
H2 200 4fbba76f-7987-4fa2-9733-c27eb3a2170b Show response
config.aps.amazon-adsystem.com/configs/ 563 B
829 B 59ms
16ms Script
application/javascript 108.139.243.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/4fbba76f-7987-4fa2-9733-c27eb3a2170b
Requested by: Host: c.aps.amazon-adsystem.com
URL: https://c.aps.amazon-adsystem.com/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-28.mxp63.r.cloudfront.net
Software: CloudFront /
Resource Hash: 57da007436809f672fd40685d537dff9c1041c6d662e6e98a29442462942a54c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:15:05 GMT
via: 1.1 d027cf032b23cc672770f5bbff1b93ac.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MXP63-P3
age: 2410
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 563
x-amz-cf-id: c7oLRiwrun2j4T8EetfAfGWSmTcn91AGpsiqEMT5ksLQIfkKPw0mVg==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 494 B
854 B 38ms
12ms XHR
application/json 18.239.70.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.mediaite.com&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b
Requested by: Host: c.aps.amazon-adsystem.com
URL: https://c.aps.amazon-adsystem.com/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.70.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-70-203.ams58.r.cloudfront.net
Software: Server /
Resource Hash: 068fcfb02c6a1bb3605aa25f2ca8f71cd9317c4fd909dd2a682defc8189fd35f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 18:08:19 GMT
via: 1.1 6099a68d04a7ee2150888338bfdc451a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P4
age: 13616
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.mediaite.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 494
x-amz-cf-id: ujgxDVquCMAp5zmdz2Rvm1EJndHm3FgYaCl0QxNxjavbCHMrH54i5w==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
398 B 133ms
59ms XHR
text/javascript 3.160.219.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&pid=EGwcEs37jfYnY&cb=0&ws=1600x1200&v=24.626.1741&t=2000&slots=%5B%7B%22sd%22%3A%22AdThrive_Footer_1_desktop%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Footer_1%2F5ac64c79fdf4d60603abe6a5%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A14%7D%5D&pj=%7B%22adRefresh%22%3A%220%22%7D&schain=1.0%2C1%21cafemedia.com%2C5ac64c79fdf4d60603abe6a5%2C1%2C%2C%2C&gpp=DBAA&gpp_sid=%5B2%5D&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdpre=1&gdprc=CQBOeLAQBOeLAAfPSBENA7EgAAAAAEPgAAigAAAPkgRAAIgAUABYAFQAOAAeABAADIAGgAPAAmABVADMAGgAPQAfgBCACOAGAAMoAaIA5ABzgDuAH7AQcBCACLAF1ANeAdsA9oChwF5gMkAfIAAA.YAAACHwAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&_c=1
Requested by: Host: c.aps.amazon-adsystem.com
URL: https://c.aps.amazon-adsystem.com/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.219.176 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-219-176.mxp53.r.cloudfront.net
Software: Server /
Resource Hash: d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:55:15 GMT
via: 1.1 2e469f907a9adc95ec3989e432e16e1e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MXP53-P3
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.mediaite.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: -wZyEPfs8FRPVOyjI4pHbn5W5GgYEQWVWtAa7_dQ53UCgevWYkcy7Q==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
398 B 124ms
56ms XHR
text/javascript 3.160.219.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&pid=EGwcEs37jfYnY&cb=1&ws=1600x1200&v=24.626.1741&t=2000&slots=%5B%7B%22sd%22%3A%22AdThrive_Sidebar_9_desktop%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22320x50%22%2C%22160x600%22%2C%22336x280%22%2C%22300x50%22%2C%22320x100%22%2C%22250x250%22%2C%22300x420%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Sidebar_9%2F5ac64c79fdf4d60603abe6a5%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A13%7D%5D&pj=%7B%22adRefresh%22%3A%220%22%7D&schain=1.0%2C1%21cafemedia.com%2C5ac64c79fdf4d60603abe6a5%2C1%2C%2C%2C&gpp=DBAA&gpp_sid=%5B2%5D&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdpre=1&gdprc=CQBOeLAQBOeLAAfPSBENA7EgAAAAAEPgAAigAAAPkgRAAIgAUABYAFQAOAAeABAADIAGgAPAAmABVADMAGgAPQAfgBCACOAGAAMoAaIA5ABzgDuAH7AQcBCACLAF1ANeAdsA9oChwF5gMkAfIAAA.YAAACHwAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&_c=1
Requested by: Host: c.aps.amazon-adsystem.com
URL: https://c.aps.amazon-adsystem.com/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.219.176 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-219-176.mxp53.r.cloudfront.net
Software: Server /
Resource Hash: 8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:55:14 GMT
via: 1.1 2e469f907a9adc95ec3989e432e16e1e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MXP53-P3
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.mediaite.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: MDyKFopuHmM-PrrsXxzJQ_5f06Or3pCL7DvXab0TKdmZTNrsAWSbtQ==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
397 B 118ms
57ms XHR
text/javascript 3.160.219.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&pid=EGwcEs37jfYnY&cb=2&ws=1600x1200&v=24.626.1741&t=2000&slots=%5B%7B%22sd%22%3A%22AdThrive_Content_1_desktop%22%2C%22s%22%3A%5B%22728x90%22%2C%22300x250%22%2C%22320x50%22%2C%22336x280%22%2C%22300x50%22%2C%22320x100%22%2C%22468x60%22%2C%22250x250%22%2C%221x1%22%2C%22300x300%22%2C%22552x334%22%2C%22728x250%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Content_1%2F5ac64c79fdf4d60603abe6a5%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A15%7D%5D&pj=%7B%22adRefresh%22%3A%220%22%7D&schain=1.0%2C1%21cafemedia.com%2C5ac64c79fdf4d60603abe6a5%2C1%2C%2C%2C&gpp=DBAA&gpp_sid=%5B2%5D&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdpre=1&gdprc=CQBOeLAQBOeLAAfPSBENA7EgAAAAAEPgAAigAAAPkgRAAIgAUABYAFQAOAAeABAADIAGgAPAAmABVADMAGgAPQAfgBCACOAGAAMoAaIA5ABzgDuAH7AQcBCACLAF1ANeAdsA9oChwF5gMkAfIAAA.YAAACHwAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&_c=1
Requested by: Host: c.aps.amazon-adsystem.com
URL: https://c.aps.amazon-adsystem.com/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.219.176 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-219-176.mxp53.r.cloudfront.net
Software: Server /
Resource Hash: f0fe7e69e970311a87c3b57b217e6fc19f0a65b25813ad64426169712f61e402

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:55:14 GMT
via: 1.1 2e469f907a9adc95ec3989e432e16e1e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MXP53-P3
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.mediaite.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: 1ruxGWJHsb8gfEeXIuNKDakcSiAnmWJS0AUI3nOxsWRr7_-m0C9DDw==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
397 B 114ms
58ms XHR
text/javascript 3.160.219.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&pid=EGwcEs37jfYnY&cb=3&ws=1600x1200&v=24.626.1741&t=2000&slots=%5B%7B%22sd%22%3A%22AdThrive_Content_2_desktop%22%2C%22s%22%3A%5B%22728x90%22%2C%22300x250%22%2C%22320x50%22%2C%22336x280%22%2C%22300x50%22%2C%22320x100%22%2C%22468x60%22%2C%22250x250%22%2C%221x1%22%2C%22300x300%22%2C%22552x334%22%2C%22728x250%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Content_2%2F5ac64c79fdf4d60603abe6a5%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A8%7D%5D&pj=%7B%22adRefresh%22%3A%220%22%7D&schain=1.0%2C1%21cafemedia.com%2C5ac64c79fdf4d60603abe6a5%2C1%2C%2C%2C&gpp=DBAA&gpp_sid=%5B2%5D&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdpre=1&gdprc=CQBOeLAQBOeLAAfPSBENA7EgAAAAAEPgAAigAAAPkgRAAIgAUABYAFQAOAAeABAADIAGgAPAAmABVADMAGgAPQAfgBCACOAGAAMoAaIA5ABzgDuAH7AQcBCACLAF1ANeAdsA9oChwF5gMkAfIAAA.YAAACHwAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&_c=1
Requested by: Host: c.aps.amazon-adsystem.com
URL: https://c.aps.amazon-adsystem.com/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.219.176 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-219-176.mxp53.r.cloudfront.net
Software: Server /
Resource Hash: e74fc9882fd1b046474630282635991e5aa59cb761302f13d7a304c1a3bae89b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:55:14 GMT
via: 1.1 2e469f907a9adc95ec3989e432e16e1e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MXP53-P3
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.mediaite.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: jpwIy3aBdMc4MHfzt2JCqt9K3ROK5Brzni1OciLxTLNZWXtX8Q3qnQ==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
397 B 103ms
59ms XHR
text/javascript 3.160.219.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&pid=EGwcEs37jfYnY&cb=4&ws=1600x1200&v=24.626.1741&t=2000&slots=%5B%7B%22sd%22%3A%22AdThrive_Sidebar_2_desktop%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x50%22%2C%22336x280%22%2C%22300x50%22%2C%22320x100%22%2C%22250x250%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Sidebar_2%2F5ac64c79fdf4d60603abe6a5%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A13%7D%5D&pj=%7B%22adRefresh%22%3A%220%22%7D&schain=1.0%2C1%21cafemedia.com%2C5ac64c79fdf4d60603abe6a5%2C1%2C%2C%2C&gpp=DBAA&gpp_sid=%5B2%5D&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdpre=1&gdprc=CQBOeLAQBOeLAAfPSBENA7EgAAAAAEPgAAigAAAPkgRAAIgAUABYAFQAOAAeABAADIAGgAPAAmABVADMAGgAPQAfgBCACOAGAAMoAaIA5ABzgDuAH7AQcBCACLAF1ANeAdsA9oChwF5gMkAfIAAA.YAAACHwAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&_c=1
Requested by: Host: c.aps.amazon-adsystem.com
URL: https://c.aps.amazon-adsystem.com/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.219.176 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-219-176.mxp53.r.cloudfront.net
Software: Server /
Resource Hash: 13ca66cf6767366a16dcab079a022ab7efaff7ad1f44fe904543916d56bb2d9b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:55:14 GMT
via: 1.1 2e469f907a9adc95ec3989e432e16e1e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MXP53-P3
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.mediaite.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: -KI3Xt04Knij_KcgUh_qwIlRl0sO9zuZLy7cNOrDgLljvh0oMiMtQQ==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
397 B 96ms
57ms XHR
text/javascript 3.160.219.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&pid=EGwcEs37jfYnY&cb=5&ws=1600x1200&v=24.626.1741&t=2000&slots=%5B%7B%22sd%22%3A%22AdThrive_Sidebar_1_desktop%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x50%22%2C%22336x280%22%2C%22300x50%22%2C%22320x100%22%2C%22250x250%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Sidebar_1%2F5ac64c79fdf4d60603abe6a5%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A12%7D%5D&pj=%7B%22adRefresh%22%3A%220%22%7D&schain=1.0%2C1%21cafemedia.com%2C5ac64c79fdf4d60603abe6a5%2C1%2C%2C%2C&gpp=DBAA&gpp_sid=%5B2%5D&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdpre=1&gdprc=CQBOeLAQBOeLAAfPSBENA7EgAAAAAEPgAAigAAAPkgRAAIgAUABYAFQAOAAeABAADIAGgAPAAmABVADMAGgAPQAfgBCACOAGAAMoAaIA5ABzgDuAH7AQcBCACLAF1ANeAdsA9oChwF5gMkAfIAAA.YAAACHwAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&_c=1
Requested by: Host: c.aps.amazon-adsystem.com
URL: https://c.aps.amazon-adsystem.com/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.219.176 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-219-176.mxp53.r.cloudfront.net
Software: Server /
Resource Hash: 0f790bdfb9c12c83da88b657a00be6b9aee3d14d167002faaa9562bc74404325

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:55:15 GMT
via: 1.1 2e469f907a9adc95ec3989e432e16e1e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MXP53-P3
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.mediaite.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: ldEZo7NqZcHnsz2OvqFyznRHrl7G0stvH6l-QaleztiS-MGglOI7HQ==

GET
H3 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202402121010/ 300 KB
107 KB 24ms
24ms Script
application/javascript 2606:4700:4400::6812:2b5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202402121010/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/config.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83fb5073665d9434da512303204b7628f0e5905071c54bb50f0d46bf807b1963

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:55:15 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: CPJWS70D0Y5ZKD3F
age: 7957237
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 109265
x-amz-id-2: oh+4GmbgbxySjy18l/X3pBXPD33ZV8iu9//Q2Bcll14rLT8Bt/3JtUlFq+quYp0sDcTvXpdTWjg=
last-modified: Mon, 12 Feb 2024 15:11:18 GMT
server: cloudflare
etag: "3d93a0af15b12fc9dbbc93edd96a2b7f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 89e25bc55f0e66cf-AMS

GET
H2 200 launchpad.bundle.js Show response
launchpad.privacymanager.io/latest/ 155 KB
33 KB 42ms
7ms Script
application/x-javascript 13.32.27.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by: Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/69e75073-3763-483e-a64c-0d281bfd9225/launchpad-liveramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-78.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9f3b1f8338765052b8997f05c84f174819a9ddf6be230a213a28e08e18814b15

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: _TI.1jbqvSJo.LKwY0QUykU_4fkAFecP
content-encoding: br
via: 1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
date: Thu, 04 Jul 2024 21:37:56 GMT
last-modified: Mon, 01 Jul 2024 11:09:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 1040
x-amz-server-side-encryption: AES256
etag: W/"252663f5c16b21323bb27421a73bf2b7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-id: CJjYsXElupr4zvxDWQu785KPXArG6sIDgrArGZfbd0AwbsG7pfqgBw==

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
627 B 18ms
18ms Fetch
application/json 108.139.243.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-80.mxp63.r.cloudfront.net
Software: /
Resource Hash: e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

Accept: application/json
Referer: https://www.mediaite.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Content-Type: application/json

Response headers

date: Thu, 04 Jul 2024 02:15:21 GMT
via: 1.1 474733f16f494ddb794b4f7dfd7de966.cloudfront.net (CloudFront), 1.1 8dd9765909fe9494b6dd4a72ba9e7b64.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, MXP63-P3
age: 70794
x-amzn-trace-id: Root=1-668605b9-10484a98788d98044ef1ab51;Parent=61c811b123b52fd6;Sampled=0;lineage=06620786:0
x-amzn-requestid: 42bac94f-fe58-42d4-9b39-5696a136d295
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: aXXVAFQ8DoEEe4A=
content-length: 30
x-amz-cf-id: 9YidETFXQ8vRvvy5LBmIvf_OQqn41eEW6i9gPgiqPkpcFaxtceUvnw==

OPTIONS
H2 200 /
geo.privacymanager.io/ Frame 0
0 189ms
127ms Preflight
application/json 108.139.243.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-80.mxp63.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.mediaite.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Thu, 04 Jul 2024 21:55:15 GMT
via: 1.1 8658ad5cea5eec111b2c1a690caa2eda.cloudfront.net (CloudFront), 1.1 8dd9765909fe9494b6dd4a72ba9e7b64.cloudfront.net (CloudFront)
x-amz-apigw-id: aaEKnFxDDoEEhdA=
x-amz-cf-id: FBlaahuVVJB9OLABuJ-90TmTOuF46lJySRYTINdzNw1jkQGwKld6cg==
x-amz-cf-pop: MXP53-P1 MXP63-P3
x-amzn-requestid: a2e0273e-2db8-437c-943c-e496e1c24728
x-cache: Miss from cloudfront

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

73a3666033ef6893fb9cba063378a4f037eab09976f26b9e7f4aadc4f5e3416e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 04 Jul 2024 21:55:17 GMT
content-md5: Jni11VDNl4NDZimW7ZxIJQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=23, mss=1232, tbw=4633, tp=11, tpl=0, uplat=1, ullat=-1
x-fb-debug: X6w9QVjRF2IiMS0z2bBVTByR0jc4ykiGx5Y7aXZ3eoLiTuHAY0YstXuP6SfcP3qJ47BfLalC/QPk0Q3BchuoHQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 1aecc98a0ef8365d719759c1312366f2
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "80a85de021bcddb68bc345275c3041a7"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Thu, 04 Jul 2024 22:13:28 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 101ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668B) /
Resource Hash: 173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Date: Thu, 04 Jul 2024 21:55:17 GMT
Content-Encoding: gzip
Age: 30
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27597
Last-Modified: Mon, 11 Dec 2023 17:20:28 GMT
Server: ECS (frb/668B)
Etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 306 KB
87 KB 16ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=8e4d4696734efba6f6365b41563c6f3a

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

92c43ca35656ef118048641f9e38bf0a082de89f7fa92cda0ec92c508dc10b5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.mediaite.com/
Origin: https://www.mediaite.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 04 Jul 2024 21:55:17 GMT
content-md5: 4FBb2xQWtY/nMcIRl7oniw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88562
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=23, mss=1232, tbw=4334, tp=9, tpl=0, uplat=1, ullat=-1
x-fb-debug: bsmeLFUIm/vrwgdzhLGSqGtcLABBXERaJv39hVuxwHthNZ2FJeb8FyFfrav4HuW9pGKj6CeEZ0mIp6A1Pv0SYQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: e8cd4925f49383661600a63b1e7ecd27
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "6b658958fb8911e94a66e4a0e99cca2d"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Fri, 04 Jul 2025 21:15:25 GMT

GET
H2 200 share_button.php
www.facebook.com/plugins/ Frame CF1B 0
0 178ms
167ms Document
text/html 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa1cff3451e4c2d8c%26domain%3Dwww.mediaite.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.mediaite.com%252Ffa5ffc1763ec9ebbc%26relation%3Dparent.parent&container_width=67&href=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&layout=button&locale=en_US&sdk=joey

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=8e4d4696734efba6f6365b41563c6f3a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: zstd
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
cross-origin-resource-policy: cross-origin
date: Thu, 04 Jul 2024 21:55:18 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2777, tp=-1, tpl=-1, uplat=160, ullat=0
x-fb-debug: 6/l5wpZSgXbTNC5nMn3fXTAQIGLC9myngO3FwEWRVI4AxtcLm55u9Q/EX5VTfcN97Ya08oJyt+Nqaam/FE+zZg==
x-xss-protection: 0

GET
H/1.1 200
OK widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame E551 0
0 24ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.mediaite.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6712) /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 8797665
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Thu, 04 Jul 2024 21:55:17 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:49 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6712)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 i.js Show response
tag.bounceexchange.com/3721/ 5 KB
3 KB 77ms
8ms Script
text/plain 34.120.253.250
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.bounceexchange.com/3721/i.js
Requested by: Host: am11.mediaite.com
URL: https://am11.mediaite.com/med/cnt/themes/m2019/js/min/min.js?2401311500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 250.253.120.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 48dcd62db6b7b0407226cf8bf98ade70c596fdbb9e0740f0c76b99f60d5a1352

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:49:45 GMT
content-encoding: gzip
x-envoy-decorator-operation: tag-router.tag-router.svc.cluster.local:80/*
via: 1.1 google
age: 333
x-envoy-upstream-service-time: 1
x-region: us-central1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2395
server: istio-envoy
etag: 4dadeecfd7bc8e
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=60
timing-allow-origin: *
link: <https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 570 KB
179 KB 64ms
16ms Script
application/x-javascript 104.102.36.95
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: am11.mediaite.com
URL: https://am11.mediaite.com/med/cnt/themes/m2019/js/min/min.js?2401311500
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.102.36.95 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-36-95.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 18a3e9363c897612befd80e5285dc38c84112d10909f0bba43052275304491d4

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Date: Thu, 04 Jul 2024 21:55:17 GMT
Content-Encoding: gzip
x-amz-request-id: ZE8JWMC25H10YGVK
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: 12ibsFUkJ/1JodDYI7W3YpW6v4+rDTURk94Uvcq6nEf/5C6IjlYGIom6v1TjoqxMs4jXwJ8vf0s=
Last-Modified: Thu, 20 Jun 2024 21:35:32 GMT
Server: AmazonS3
ETag: "5e3ef10a92849a970c1cde51ec072459"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 script.js Show response
powerad.ai/ 211 KB
47 KB 299ms
97ms Script
application/javascript 3.221.23.185

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/script.js
Requested by: Host: am11.mediaite.com
URL: https://am11.mediaite.com/med/cnt/themes/m2019/js/min/min.js?2401311500
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.221.23.185 -, , ASN (),
Reverse DNS
Software: / Express
Resource Hash: 5270e54f1a92254ebced9bbba6d94104c5691994bb9cb2b696326d714e3d42e7

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:55:18 GMT
content-encoding: gzip
last-modified: Mon, 17 Jun 2024 09:44:56 GMT
x-powered-by: Express
etag: W/"34a7c-1902595dd85"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=172800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 runtime_6459738026535cda4232dc813c61447d.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 3 KB
2 KB 92ms
7ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/runtime_6459738026535cda4232dc813c61447d.br.js
Requested by: Host: tag.bounceexchange.com
URL: https://tag.bounceexchange.com/3721/i.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 59f1b7d93f47fcc926143154888aa471910eaf81c3c41270b61cfe012dda08df

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 25 Jun 2024 03:41:58 GMT
content-encoding: br
age: 843200
x-guploader-uploadid: ACJd0Nr9t0enO4SC4r6VUwjHRKFcb09xmiiWisiWI6Bw1kJ15eoPs-GrFXjO-KdxgVLdVbuaXcXrz-q_HQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1316
last-modified: Thu, 20 Jun 2024 14:05:04 GMT
server: UploadServer
etag: "09512239cb2a22728ca9f8608dfc2181"
x-goog-generation: 1713883050962681
ad-auction-allowed: true
access-control-allow-origin: *
x-goog-hash: crc32c=BS9gKg==, md5=CVEiOcsqInKMqfhgjfwhgQ==
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 1316
accept-ranges: bytes
content-type: text/javascript

GET
H2 200 topics.html
postrelease.com/iframes/ Frame 1372 0
0 598ms
183ms Document
text/html 52.36.224.135

General

Check archive.org

Show headers Download Go to

Full URL: https://postrelease.com/iframes/topics.html
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.36.224.135 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

accept-ranges: bytes
content-length: 582
content-type: text/html
date: Thu, 04 Jul 2024 21:55:18 GMT
etag: "ec22fdd2cd0ccf11c7761864efa96c06"
last-modified: Fri, 15 Mar 2024 21:34:47 GMT
server: AmazonS3
x-amz-id-2: WihyLGF9gXOqH7TA3d0SjcEtPrh93vrSlMTsyavUuB098Vadn9grocDwSd4sMJb+O6GwKBWyDsQ=
x-amz-request-id: QY9SHXG02PVH5YF2
x-amz-server-side-encryption: AES256

GET
H2 200 main-v2_efcf4183cfe60de21aa43976b713ebd6.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 499 KB
109 KB 7ms
7ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_efcf4183cfe60de21aa43976b713ebd6.br.js
Requested by: Host: tag.bounceexchange.com
URL: https://tag.bounceexchange.com/3721/i.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 2712747c3f51e3e240cc7fefcecbf530963c1b3ec7d7f9976275412e7eedf281

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 01 Jul 2024 15:41:59 GMT
content-encoding: br
age: 281599
x-guploader-uploadid: ACJd0NrE_ao34lgyUxo9d-V8GMenV_ywOkN85dMmOawuYw31X_cJ1-nIyPRsQHqFQiUf4WM1WeTO1mVKxg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111654
last-modified: Mon, 01 Jul 2024 15:41:53 GMT
server: UploadServer
etag: "8006084e958b75f62b9244e155f05c62"
x-goog-generation: 1719848513276806
ad-auction-allowed: true
access-control-allow-origin: *
x-goog-hash: crc32c=ltGu+g==, md5=gAYITpWLdfYrkkThVfBcYg==
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 111654
accept-ranges: bytes
content-type: text/javascript

GET
H/1.1 200
OK button.856debeac157d9669cf51e73a08fbc93.js Show response
platform.twitter.com/js/ 8 KB
3 KB 7ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.856debeac157d9669cf51e73a08fbc93.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668B) /
Resource Hash: 426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Date: Thu, 04 Jul 2024 21:55:18 GMT
Content-Encoding: gzip
Age: 8797750
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2620
Last-Modified: Mon, 11 Dec 2023 17:19:47 GMT
Server: ECS (frb/668B)
Etag: "fdf02dd038ed38dbf3c240d56262af0c+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H3 200 onsite-v2_0e56ab6ba004ee080ce3deb3edae35e9.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 16 KB
5 KB 8ms
7ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite-v2_0e56ab6ba004ee080ce3deb3edae35e9.br.js
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_efcf4183cfe60de21aa43976b713ebd6.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f10699f59e4285b87af5097e4ba9e470ee29b4f3487fa767f2818bdbbdd6bb14

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 21 Jun 2024 19:10:25 GMT
content-encoding: br
age: 1133093
x-guploader-uploadid: ACJd0NqVU6ouK5AoK9GpnRqThyLyth44N-oacSO-7SvuaZErW9H4LQk8RxCG7Csp-tH9p96dxrE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5003
last-modified: Thu, 20 Jun 2024 14:04:58 GMT
server: UploadServer
etag: "7ff99b6f1cea743cef749de91009e764"
x-goog-generation: 1716388126551860
ad-auction-allowed: true
access-control-allow-origin: *
x-goog-hash: crc32c=qFvE1Q==, md5=f/mbbxzqdDzvdJ3pEAnnZA==
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 5003
accept-ranges: bytes
content-type: text/javascript

GET
H3 200 ads-v2_07d5b82cf97935025a59bf55f6552b1c.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 172 KB
38 KB 8ms
8ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ads-v2_07d5b82cf97935025a59bf55f6552b1c.br.js
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_efcf4183cfe60de21aa43976b713ebd6.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: de0b0893cb4919a438b4d8381664873244ce82decce075da961b0e546cda9118

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 01 Jul 2024 15:41:49 GMT
content-encoding: br
age: 281609
x-guploader-uploadid: ACJd0NoG4XkPa8h5k0Zpy13cLy4Jd0Onbxk99pvyw_hR9eyWrs0WT6n3nhdxDWNKBONpLSH-Bo2sJJ1hPQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38955
last-modified: Mon, 01 Jul 2024 15:41:41 GMT
server: UploadServer
etag: "9938202018fbd64cf409de903db600fd"
x-goog-generation: 1719848501732326
ad-auction-allowed: true
access-control-allow-origin: *
x-goog-hash: crc32c=gBwgNg==, md5=mTggIBj71kz0Cd6QPbYA/Q==
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 38955
accept-ranges: bytes
content-type: text/javascript

GET
H/1.1 200
OK tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
platform.twitter.com/widgets/ Frame 943B 0
0 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67A8) /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 8797766
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 12332
Content-Type: text/html; charset=utf-8
Date: Thu, 04 Jul 2024 21:55:18 GMT
Etag: "e29e65db7bf0a096587728e1faacfd9c+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:48 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67A8)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
292 B 135ms
117ms Image
image/gif 104.244.42.8

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22mediaite%22%2C%22widget_creator_screen_name%22%3A%22mediaite%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1720130118147%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=30fd2995f4f0f327f29078b7c278517da6e8b2a1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 -, , ASN (),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-response-time: 110
date: Thu, 04 Jul 2024 21:55:17 GMT
strict-transport-security: max-age=631138519
last-modified: Thu, 04 Jul 2024 21:55:18 GMT
server: tsa_o
vary: Origin
content-type: image/gif
x-transaction-id: 2bc638417d27e88d
cache-control: must-revalidate, max-age=600
perf: 7402827104
x-connection-hash: adcaa3036959fecf1b14a4acf12c143183ff3d95b66c661c360e385e4c6ff12f
content-length: 43

GET
H2 200 t Show response
jadserve.postrelease.com/ 3 KB
2 KB 512ms
166ms Script
text/javascript 35.86.11.69

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&ntv_mvi&us_privacy=1---
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.86.11.69 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 78b1b301cfcdb642ca8aa90e80beda45d6ad29585af492fe256e56a7b2653b4a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 21:55:18 GMT
content-encoding: gzip
server: nginx
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 1125
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H3 200 jquery-3.7.1.min.js Show response
assets.bounceexchange.com/assets/bounce/ 85 KB
30 KB 8ms
7ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.7.1.min.js
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_efcf4183cfe60de21aa43976b713ebd6.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 26 Jun 2024 08:41:34 GMT
content-encoding: br
age: 738824
x-guploader-uploadid: ACJd0NoTZBAsDu4_OhBNecCyaFv_Cw_IXaSJaQPmfFW2DDiUBGFppyJupdKHznOxz-YV4xU-QT0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31012
last-modified: Tue, 25 Jun 2024 15:57:30 GMT
server: UploadServer
etag: W/"2c872dbe60f4ba70fb85356113d8b35e"
vary: Accept-Encoding
x-goog-generation: 1719331050421322
ad-auction-allowed: true
access-control-allow-origin: *
x-goog-hash: crc32c=fsBEgw==, md5=LIctvmD0unD7hTVhE9izXg==
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 87533
accept-ranges: none
content-type: text/javascript; charset=UTF-8

GET
H2 200 bx_suppress
events.bouncex.net/track.gif/ 42 B
330 B 100ms
23ms Image
image/gif 34.111.8.32

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/bx_suppress?reason=tcf&status=no_consent&uspString=undefined&details=library%20unknown%20consent&message=unexpected%20response&regulation=GDPR&websiteid=3721&source=web&agent=user
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 21:55:18 GMT
x-envoy-decorator-operation: event-collector.event-collector.svc.cluster.local:80/*
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

POST
H2 200 /
reporting.powerad.ai/ 2 B
272 B 300ms
96ms Ping
text/plain 54.234.151.247

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.powerad.ai/
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.234.151.247 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.mediaite.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 04 Jul 2024 21:55:18 GMT
server: nginx/1.18.0 (Ubuntu)
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 2

GET
H2 200 detect-aau Show response
powerad.ai/ 2 B
222 B 284ms
96ms Fetch
text/plain 3.221.23.185

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/detect-aau?ch=2
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.221.23.185 -, , ASN (),
Reverse DNS
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:55:18 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-powered-by: Express
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 2

GET
H2 200 detect-aau Show response
powerad.ai/ 2 B
223 B 283ms
95ms Fetch
text/plain 3.221.23.185

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/detect-aau?ch=1
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.221.23.185 -, , ASN (),
Reverse DNS
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:55:18 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-powered-by: Express
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 2

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/157577/2378// Frame 65CC 250 KB
76 KB 149ms
21ms Script
application/javascript 23.211.5.91

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Requested by: Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.211.5.91 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 762a6921a033f9c9921fa1d1ef75351b4e82685fd77e6eafd97134a8cd4436c0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:55:18 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:26:15 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=45946
accept-ranges: bytes
content-length: 77836
expires: Fri, 05 Jul 2024 10:41:04 GMT

GET
H2 200 pbjs_wrapper.v2.0.js Show response
hb.brainlyads.com/ Frame 11DF 51 KB
16 KB 302ms
99ms Script
application/javascript 23.20.158.212

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/pbjs_wrapper.v2.0.js

Requested by

Host: powerad.ai
URL: https://powerad.ai/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

23.20.158.212 -, , ASN (),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

3afe0298348a1ed4be74b553dc23d82f1921832e6ef0eb52c36b96068bf377d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:55:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 20 Jun 2024 07:14:51 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"6673d6eb-cac3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Thu, 11 Jul 2024 21:55:18 GMT

GET
H2 200 / Show response
powerad.ai/pubPls/ 36 KB
5 KB 125ms
125ms XHR
text/html 3.221.23.185

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/pubPls/?width=1600&url=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.221.23.185 -, , ASN (),
Reverse DNS
Software: / Express
Resource Hash: 4e9c4c011ffbb25a1fc0b1d398e49c27aee525245f65128800d84271b5af25a7

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:55:18 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"8eb4-ObaRaiWIshOo4Sbwo9ra9yz5fUA"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.mediaite.com
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H2 200 prebid.js
hb.brainlyads.com/ Frame 65CC 67 KB
0 300ms
194ms Script
application/javascript 23.20.158.212

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/prebid.js

Requested by

Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

23.20.158.212 -, , ASN (),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:55:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Tue, 02 Jul 2024 17:51:34 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"66843e26-c5733"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Thu, 11 Jul 2024 21:55:18 GMT

GET Hc6PdfQeAi.js
pixel.zprk.io/v5/pixeljs/ 0
0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
75 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-137034616-18

Requested by

Host: powerad.ai
URL: https://powerad.ai/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b5a541bba15ec71424faa413f5f5e0e4ac28825e8ba62684c6b52436883140ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:55:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76922
x-xss-protection: 0
last-modified: Thu, 04 Jul 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Jul 2024 21:55:18 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
75 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-137034616-18&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-9069088-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

af00588bd9bd90a35313122b795382d30ea8ff1d8d4d1c50d2092a1bf2284b28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:55:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76930
x-xss-protection: 0
last-modified: Thu, 04 Jul 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Jul 2024 21:55:18 GMT

GET
H2 200 251 Show response
a.ad.gt/api/v1/u/matches/ 13 KB
4 KB 233ms
188ms Script
application/javascript 2606:4700:10::6816:445

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&ref=
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e0966c31caa1ebd4d9b1d3fd89b0e3bdda2bf5682eb05e11ab57195224ab8e4

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:55:18 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Thu, 04 Jul 2024 12:21:28 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 89e25bd95c640e81-AMS

GET
H2 200 px.js Show response
p.cpx.to/p/12967/ 5 KB
5 KB 106ms
32ms Script
application/javascript 54.228.55.244

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12967/px.js
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.55.244 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b2c06fdc61b71e1947b9d1640a497a89bc0a3d09d20fbd0f384aa462c2d2550

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:55:18 GMT
cache-control: public, max-age=2419200
content-length: 4756
content-type: application/javascript; charset=UTF-8

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
91 KB 25ms
24ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N65BDYR3C2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137034616-18&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ea23ced3986bbc4146acbe57407b9a44c6e2b0cc396fb93bd6d1dc092cbb442d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:55:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93005
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 04 Jul 2024 21:55:18 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
0 0ms
0ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137034616-18&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 04 Jul 2024 21:41:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 852
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 04 Jul 2024 23:41:01 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=846222836&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&ul=de-de&de=UTF-8&dt=Human%20Events%20and%20Post%20Millennial%20Websites%20Hacked&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAUABAAAAICAAIg~&cid=1699088466.1720130114&tid=UA-137034616-18&_gid=57763893.1720130114&gtm=457e4730za200&gcd=13m3l3m2m5&dma_cps=-&dma=1&tag_exp=0&jsscut=1&gcs=G10-&tcfd=10v4b&npa=1&z=564289895

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Wed, 03 Jul 2024 22:40:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83677
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 20ms
13ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-N65BDYR3C2&gtm=45je4730v9124234587za200&_p=1720130113807&gcs=G10-&gcd=13m3lPm2m5&npa=1&dma_cps=-&dma=1&tcfd=10v4b&tag_exp=0&cid=1699088466.1720130114&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=EAAI&_s=1&sid=1720130118&sct=1&seg=0&dl=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&dt=Human%20Events%20and%20Post%20Millennial%20Websites%20Hacked&en=page_view&_fv=1&_ss=1&tfd=5755&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N65BDYR3C2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 21:55:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mediaite.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
422 B 163ms
163ms Image
image/gif 35.86.11.69

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=6281467&ntv_pl=1061864
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.86.11.69 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 21:55:18 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
422 B 164ms
164ms Image
image/gif 35.86.11.69

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=a5d65067-6cff-4e07-a51d-e2ef92e4c6d4&ntv_fl=5eWt7UQtfJh3mtSjjxnC8Vxba8TOUEgWkpouk-owHBqRbg0XE7Zo9QquB4qYyj-6BAVIhXk8Y_gOSZmkgal_YEVhviP7MuiTYupUhcUUogSLG6hrmmt5ScOzITyPFbf68D11oQpwxg-GNEGYHTMrWitIpqCV4jwFi3hKTDOqGhP8-l6ySHdG6xzQ2HrhyQuVpbezX-zLwz3TabPn5KyYUjzP72rbLG3mbkaNh1acY8oTFyql1YOHA_eDziH2BNy1YRhBSAFDP6uHi30hkq9Se4lYqYT52p3bQZFmwIhwGAlJXmF6zPzX6gB3zeapdfnDCTlGx_H-miAMcbHVyaaEHcS8l258LGESbSeKKqiaXwkYiQGgPmKaGjYyoqmpCMxdqfVfVgLlcnvnFaC66M-_M4ifIBz_9GJ3p9paTyhMau4HuxMzpq_AyZqLkFBjAjmva4OH1Ov5WFD0dFokHn3D4jeED23NIm9EtGMs5-7rgGYCilKo5-PoyLE2LGjA6BsujGbGc6EM4Gd1hK9JODMne43K1Th8SZRV9b1T4kP8iHc=&ntv_ht=RhqHZgA&ntv_at=303,302&ntv_a=AAAAAAAAAA6DMQA&ord=1720130118677&ntv_it
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.86.11.69 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.mediaite.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Thu, 04 Jul 2024 21:55:18 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pixel.zprk.io
URL: https://pixel.zprk.io/v5/pixeljs/Hc6PdfQeAi.js?dne=1

Verdicts & Comments Add Verdict or Comment

356 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.onesignal.com/	1970-01-20 21:48:51	Name: __cf_bm Value: btqjqxQqKvBpsJpPb3WyOhjQU_c00.7wC9Ur68slz_k-1720130113-1.0.1.1-UcWBSM1gMX3bAbAC6TIix6tLgJgpr8Hw0ShO40JpFpQNJAbwz9QA2eFO7KKLusncp4uUBt8EpgoMabngf2zsfA
.mediaite.com/	1970-01-21 07:24:50	Name: _ga_ECWL4EPTZN Value: GS1.1.1720130113.1.0.1720130113.60.0.0
www.mediaite.com/	1970-01-20 22:32:02	Name: am-sub Value: 0
.mediaite.com/	1970-01-21 07:24:50	Name: _ga Value: GA1.2.1699088466.1720130114
.mediaite.com/	1970-01-20 21:50:16	Name: _gid Value: GA1.2.57763893.1720130114
.mediaite.com/	1970-01-20 21:48:50	Name: _gat_gtag_UA_9069088_1 Value: 1
.mediaite.com/	1970-01-20 23:58:26	Name: _fbp Value: fb.1.1720130114032.43915436516301020
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: l_nhW_PTc2s
.youtube.com/	1970-01-21 02:08:02	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgIA%3D%3D
.mediaite.com/	1970-01-20 22:08:59	Name: __cmpconsentx98978 Value: CQBOeLAQBOeLAAfPSBENA7EgAAAAAEPgAAigAAAPkgRAAIgAUABYAFQAOAAeABAADIAGgAPAAmABVADMAGgAPQAfgBCACOAGAAMoAaIA5ABzgDuAH7AQcBCACLAF1ANeAdsA9oChwF5gMkAfIAAA.YAAACHwAAAA
.mediaite.com/	1970-01-20 22:08:59	Name: __cmpcccx98978 Value: aBQBRwaVAAAAAAA
.twitter.com/	1970-01-21 07:24:50	Name: personalization_id Value: "v1_g0KaWqVnN9XImfVp3FtRIQ=="
.t.co/	1970-01-21 07:24:50	Name: muc_ads Value: 72d86dc5-7d20-4e53-88ec-1e09541f0a90
.mediaite.com/	1970-01-21 07:17:38	Name: _cb Value: Bflpr-0k2P8BNinZe
.mediaite.com/	1970-01-21 07:17:38	Name: _chartbeat2 Value: .1720130114535.1720130114535.1.wcqcZuxKQTDx1HblBvC7HZDFtaU4.1
.mediaite.com/	1970-01-20 21:48:51	Name: _cb_svref Value: external
.mediaite.com/	1970-01-21 07:17:38	Name: _awl Value: 2.1720130114.5-f4c846b9b2e7a3e0dc3970680be05fae-6763652d6575726f70652d7765737431-0
www.mediaite.com/	1969-12-31 23:59:59	Name: ntvSession Value: {}

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
aax.amazon-adsystem.com
accounts.google.com
ads.adthrive.com
ads.pubmatic.com
am11.mediaite.com
am12.mediaite.com
am13.mediaite.com
am14.mediaite.com
analytics.twitter.com
apis.google.com
assets.bounceexchange.com
b.delivery.consentmanager.net
c.amazon-adsystem.com
c.aps.amazon-adsystem.com
c.delivery.consentmanager.net
cdn.confiant-integrations.net
cdn.consentmanager.net
cdn.jwplayer.com
cdn.onesignal.com
cdn.taboola.com
config.aps.amazon-adsystem.com
connect.facebook.net
events.bouncex.net
geo.privacymanager.io
gum.criteo.com
hb.brainlyads.com
img.youtube.com
jadserve.postrelease.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
mediaite.disqus.com
onesignal.com
p.cpx.to
ping.chartbeat.net
pixel.zprk.io
platform.twitter.com
pm-widget.taboola.com
postrelease.com
powerad.ai
profusesupport.com
region1.analytics.google.com
region1.google-analytics.com
reporting.powerad.ai
rules.quantcount.com
s.ntv.io
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
simple-cdn.s3.amazonaws.com
soggysponge.com
ssl.gstatic.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
stats.g.doubleclick.net
syndication.twitter.com
t.co
tag.bounceexchange.com
www.facebook.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.mediaite.com
www.youtube.com
pixel.zprk.io
104.102.36.95
104.244.42.195
104.244.42.8
108.138.192.109
108.139.243.28
108.139.243.80
13.32.27.78
146.75.120.157
151.101.1.44
151.101.193.44
18.239.36.129
18.239.36.75
18.239.70.203
18.239.83.58
18.66.196.100
199.232.196.134
2001:4860:4802:32::36
23.20.158.212
23.211.5.91
2600:9000:2038:6a00:18:1fcd:354:4b41
2600:9000:223c:f400:6:44e3:f8c0:93a1
2600:9000:2246:9800:8:48e:53c0:93a1
2600:9000:225e:8400:1:a3fa:7cc0:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:3a6e
2606:4700:10::6816:3b6e
2606:4700:10::6816:445
2606:4700:10::ac43:1906
2606:4700:4400::6812:2b5a
2606:4700::6811:6fdf
2606:4700::6812:186f
2606:4700::6812:196f
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:813::200e
2a00:1450:4001:81d::2008
2a00:1450:4001:81d::200e
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82f::200e
2a00:1450:400c:c0b::54
2a00:1450:400c:c1d::9c
2a02:2638:3::c
2a02:6ea0:c700::22
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
3.160.219.176
3.221.23.185
34.111.8.32
34.120.253.250
34.98.72.95
35.86.11.69
44.215.185.146
52.36.224.135
52.92.210.209
54.228.55.244
54.234.151.247
87.230.98.76
87.230.98.78
93.184.221.165
06772a40a60519e707b4b2aabf4945607ac8d3eb6de4b57b02b3d905c0838871
068fcfb02c6a1bb3605aa25f2ca8f71cd9317c4fd909dd2a682defc8189fd35f
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0da206ff8e60d35e2ca003978c7f27a2a46a02e4c63abd632b3a2ebfe1bd8835
0f790bdfb9c12c83da88b657a00be6b9aee3d14d167002faaa9562bc74404325
0f89ba1e319462068c896f7469de78055f63c0318e612faf056a82a7c8fd952b
10053a3d688e1bdecacbb024e433e2b418171851bd9fac1482232c11d24abe6d
10a26508ac3be73bfe5de632f008d227245e3e05dbf464a28cbd515990151fcc
123afbccccfd68f5b29a8a1385ceb3fe558cecaf777e4fe1b070ff6b8cf4ffad
13b2d5629179d12b272d8e9b8369ba940e3bf8b81f1d222e80d74f4aaa6e1f5e
13ca66cf6767366a16dcab079a022ab7efaff7ad1f44fe904543916d56bb2d9b
149e257583daeca7357a39f2be9f8bdcaefb93be3f47c52cc294d7cf4b8f07d3
15ac93425f657629cd95ae465f8cd231e7cd7edad78d508dba5fa734e8f63ac4
16177593023032a310fe37e6e8dde8f3620d12d3b0b3c7a9b167c008ba33a759
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
18a3e9363c897612befd80e5285dc38c84112d10909f0bba43052275304491d4
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b22e31dd0658b72a1248a1b9e40cdf109da76be3bf6b830fc6a98453f2ec278
1ec04cebad77686ee5060b7c933beb2b105bb7a4159a2c29b32d8df3bc94912b
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
2712747c3f51e3e240cc7fefcecbf530963c1b3ec7d7f9976275412e7eedf281
2f3fe811be982fcc4f384f5690cb4a7a1566c0ae2280ba7d03c2a2d05270a487
2fc88d4d4d71f6e63d16a5f550bd1ff0d4d09ce33b294a3121d9bbc454105e05
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
350c70e4b05272ae82fe599da85128eba1ae0fd31e335a15e69fe301a6bc2ab7
3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9
3afe0298348a1ed4be74b553dc23d82f1921832e6ef0eb52c36b96068bf377d2
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
424fb2d1229ed30d82b4f36801524a7f82e1198365df67e8a6de4b6b705a458c
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4369e005746c8a2a0aab78e11d85497a54a3d969bc283d5b492409faeda922b7
48b4186595c64c33e8190a639202e759c1730e3fbbfe038cfe474910057a1d16
48dcd62db6b7b0407226cf8bf98ade70c596fdbb9e0740f0c76b99f60d5a1352
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4e9c4c011ffbb25a1fc0b1d398e49c27aee525245f65128800d84271b5af25a7
5270e54f1a92254ebced9bbba6d94104c5691994bb9cb2b696326d714e3d42e7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
57da007436809f672fd40685d537dff9c1041c6d662e6e98a29442462942a54c
58903a6d054be5ff95cd5b49bfb75e09ea2fb008892d69a28390d8093072867f
59f1b7d93f47fcc926143154888aa471910eaf81c3c41270b61cfe012dda08df
5b2c06fdc61b71e1947b9d1640a497a89bc0a3d09d20fbd0f384aa462c2d2550
5bf979eb49360af2f3aeed5cd5ebd25e8702f55cb5205ab14d6ef229b78855f5
5cfab4f775ae2086b92f3d5f334b5b088b2f7f3134cdd405e5a0c69d660c9f82
5d56c6a7208faa78b0363e0f0468a1d7d537a96f1ff0f6dadfa2ef0dbbf314e3
5e0966c31caa1ebd4d9b1d3fd89b0e3bdda2bf5682eb05e11ab57195224ab8e4
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
69b1faac5f52c20c991dcf5e73fa241d9fb3f8f7cbe3c4d94750ae1b05d7b0fe
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
6c8e40d0b7910c8066300a7576b89ef59631fb077df2faf5890d36a10e1b8804
7363db3e386a678104d0a01c7b41f603f33eb54a841882f3d4b183c95351abc2
73a3666033ef6893fb9cba063378a4f037eab09976f26b9e7f4aadc4f5e3416e
73bf308a5cc46c465456bd487a9f539e74a21cf2c46f7bf4d2f48a72f556dfd8
762a6921a033f9c9921fa1d1ef75351b4e82685fd77e6eafd97134a8cd4436c0
76c46df9a6ba94318fafe8023e3f52e28b1b9a1eaf16dcd4d7ce95ab6942859b
78b1b301cfcdb642ca8aa90e80beda45d6ad29585af492fe256e56a7b2653b4a
795add72eb3a444658ebe344d8194e990b883bf2347889410a278705d159013a
7b787ade2bdde427d86a00d64a8bbd6c8b44a68e4cfcffbd5fc2acbb78e3419f
81cee0d8b19c2d6d35bc256f06cb5cdd83efc9fd6c178838ebf0eae43d862282
82c47e8613bd8ac83f2901140e50a6c7220dce128f2c1f7416ca08cfa7933c50
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83fb5073665d9434da512303204b7628f0e5905071c54bb50f0d46bf807b1963
84dd7c3644ec06902f94d61394ad77b581b596611d0fe306666effab17ae1587
86130925c7dbecb1a2eae2efa1280beb5f583bc983ffb70a20ccc7ed2d52751b
8a57e62bad9d78ce3693df8d415bbe710a06eb71e6da389f7f2267996d8d3912
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09
91ac3d5ae5912a1f07c1651fdafc2fb432fe5092adcf6822ba96c28ab31d9f7a
91d23e883844155a6d1b95820f81df1351008858b022cd3c144b8308f0e7b2ce
92c43ca35656ef118048641f9e38bf0a082de89f7fa92cda0ec92c508dc10b5e
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
98c36043157373d9ff8f3aad96bd05f08df06b107d2ee71da9e9a3e2fe183e55
9bd1d4177f0d80cba31cb90cb6f63a3895fd1a1e439fcc62d5249b7c39372f1b
9c30ba0889b67c145e87e93d0620f6500e3c80ef57a1e4d3edde75cf06c44474
9f0da468ec3832b7f8190618fd3f380a0c3d9421f095e692973b82f8efd3d55d
9f3b1f8338765052b8997f05c84f174819a9ddf6be230a213a28e08e18814b15
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af00588bd9bd90a35313122b795382d30ea8ff1d8d4d1c50d2092a1bf2284b28
b3d00e5d946b1dc139a67331992e089c0b773bb38fcd222755eef1873f994a12
b5a541bba15ec71424faa413f5f5e0e4ac28825e8ba62684c6b52436883140ed
b7e8955e92095eb6a9ff423debf2db243e4949e2edaadd40706d86ad0c36e19b
b8368bc528fb03da114f988ad934630f4e98067cc1200e1b3243e660b8595ccf
bab925cee1ed03d6ef9beb88f68519411c0755670ffc5fa3889b9c01448d76f0
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
ca35429f8487b513b2c516aae8166c812b77305b824a68de1c12d436656fcd6c
ceedb3a311e1610e2e62c405b618d40560bd0f068cdf86cfb5bab4cf68e385ac
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d15491ab2a9614e32eef0e09c8fb657a5ae4827499451571c522e98886dedac7
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d33de10f044be388ffc9c9d139336535561885ee547305488622a9d9cd9c9fce
dbbec194bb1980e49f3241f20ace32dfb18e16ce32b0b455ec317d49388c2850
dbe68196f39972c46eb2edcd065c7b5f35e3fdcdfbdd4f79cf404000f1d29f7d
dbe8e596830dc94145acacd17ebdc3fd9553df87b0cb637d10d338e676a9a831
dc7bb80e6d7bfffbc85ae2314c11c8ef6e92e2d9ba67f144ffb3bec24c5ab859
dd5bf2711b952af69162c95a19e30326c252011ffafeae2bd295cfe732a9b70c
de0b0893cb4919a438b4d8381664873244ce82decce075da961b0e546cda9118
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e30cb028cc6e8df384017dbc109d8de3256e3759d1fccb7c9cb54daff81ad74e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c2858c863735a217bf7cdeaf65a7f92387e82375d706a46a02a076e9bee19d
e74fc9882fd1b046474630282635991e5aa59cb761302f13d7a304c1a3bae89b
ea23ced3986bbc4146acbe57407b9a44c6e2b0cc396fb93bd6d1dc092cbb442d
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
eee4cf12a666b414c57a7f3ad86679b3f8d3baeb0914c5f2ec68243d9375d881
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0fe7e69e970311a87c3b57b217e6fc19f0a65b25813ad64426169712f61e402
f10699f59e4285b87af5097e4ba9e470ee29b4f3487fa767f2818bdbbdd6bb14
f15477654f29ab4c5cb52c800266a5e9d6338fafbd36495c1055c4f02acfb7a0
f581d6679a6f83ee35007a20ded1bba92e4675c2e6911555e014612a3b9e29b6
f937f386d63de0eca0649fd43403a9c0ad95a59bbc5ded7208cfe21ecfc5cb77
fa34d6e7f3ff2e865952debf5a6e81db1386867d311665103893dc70a1501794
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
fe9b1a56d5b51efc9c0826e93c1e4419886cc9b8da75f61b3a7f116e47322c36

www.mediaite.com Open in urlscan Pro 2606:4700:10::ac43:1906 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

143 Requests

99 %HTTPS

48 %IPv6

42 Domains

65 Subdomains

62 IPs

5 Countries

4005 kBTransfer

12691 kBSize

18 Cookies

9 Outgoing links

Page URL History

Redirected requests

143 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.mediaite.com Open in urlscan Pro
2606:4700:10::ac43:1906 Public Scan

Screenshot
Live screenshot

Full Image

143
Requests

99 %
HTTPS

48 %
IPv6

42
Domains

65
Subdomains

62
IPs

5
Countries

4005 kB
Transfer

12691 kB
Size

18
Cookies

143 HTTP transactions
1 data transactions